urlscan.io logo urlscan.io
SecurityTrails logo

www.slovenskenovice.si Open in urlscan Pro
2001:67c:300:de10::100  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.slovenskenovice.si/
Submission: On March 20 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 95 IPs in 14 countries across 101 domains to perform 607 HTTP transactions. The main IP is 2001:67c:300:de10::100, located in Bruckneudorf, Austria and belongs to DELO-AS, SI. The main domain is www.slovenskenovice.si.
TLS certificate: Issued by R3 on March 13th 2021. Valid for: 3 months.
This is the only time www.slovenskenovice.si was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
94 2001:67c:300:... 39387 (DELO-AS)
7 2a00:1450:400... 15169 (GOOGLE)
4 65.9.58.5 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.93.164.116 14061 (DIGITALOC...)
3 46.19.9.11 51790 (SIEL)
6 188.40.118.169 24940 (HETZNER-AS)
42 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
5 148.251.44.50 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 199.232.137.44 54113 (FASTLY)
49 195.5.165.20 44968 (IPROM-AS)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2a04:4e42:3::621 54113 (FASTLY)
2 178.250.2.146 44788 (ASN-CRITE...)
4 185.86.138.16 201081 (SMARTADSE...)
1 10 37.157.4.28 198622 (ADFORM)
1 72.251.249.9 29791 (VOXEL-DOT...)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.184.8.30 204995 (RTB-HOUSE...)
11 16 37.252.172.249 29990 (ASN-APPNEX)
2 178.250.2.131 44788 (ASN-CRITE...)
9 2606:4700:e0:... 13335 (CLOUDFLAR...)
6 77.234.148.163 12778 (NETSI NET...)
1 176.9.70.89 24940 (HETZNER-AS)
1 195.5.165.21 44968 (IPROM-AS)
35 142.250.186.162 15169 (GOOGLE)
5 195.5.165.160 44968 (IPROM-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 65.9.67.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
9 37.157.2.248 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 185.97.52.29 51790 (SIEL)
1 46.19.11.36 51790 (SIEL)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 151.101.113.108 54113 (FASTLY)
9 104.79.88.155 16625 (AKAMAI-AS)
1 88.214.193.146 46636 (NATCOWEB)
4 185.64.190.78 62713 (AS-PUBMATIC)
1 2a0c:5c81:516... 55081 (24SHELLS)
3 3 35.186.253.211 15169 (GOOGLE)
1 3 62.149.0.72 15497 (COLOCALL ...)
2 213.155.156.168 1299 (TELIANET ...)
2 178.250.2.151 44788 (ASN-CRITE...)
16 17 142.250.186.98 15169 (GOOGLE)
1 20 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
2 34 185.64.190.80 62713 (AS-PUBMATIC)
2 159.253.128.188 36351 (SOFTLAYER)
8 11 34.246.156.173 16509 (AMAZON-02)
5 7 37.157.4.40 198622 (ADFORM)
5 5 185.29.135.190 30419 (MEDIAMATH...)
8 8 52.58.45.227 16509 (AMAZON-02)
1 1 18.159.69.204 16509 (AMAZON-02)
1 2 216.58.212.166 15169 (GOOGLE)
7 34.98.64.218 15169 (GOOGLE)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 13 46.249.52.248 50673 (SERVERIUS-AS)
5 2a00:1288:110... 34010 (YAHOO-IRD)
4 4 18.159.182.76 16509 (AMAZON-02)
1 1 13.226.159.45 16509 (AMAZON-02)
10 10 54.228.192.197 16509 (AMAZON-02)
2 185.86.138.143 201081 (SMARTADSE...)
4 4 2620:116:800d... 16509 (AMAZON-02)
3 3 66.155.71.150 13768 (COGECO-PEER1)
3 3 213.19.147.151 3356 (LEVEL3)
5 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.157.249.55 16509 (AMAZON-02)
1 52.4.128.233 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 116.202.50.131 24940 (HETZNER-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
6 6 18.156.0.31 16509 (AMAZON-02)
1 1 88.214.206.247 46636 (NATCOWEB)
1 1 104.117.200.100 16625 (AKAMAI-AS)
2 23.37.42.132 16625 (AKAMAI-AS)
5 185.64.189.114 62713 (AS-PUBMATIC)
2 9 104.79.88.202 16625 (AKAMAI-AS)
4 6 35.227.248.159 15169 (GOOGLE)
1 217.156.250.128 3549 (LVLT-3549)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 63.33.120.132 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
1 89.163.159.103 24961 (MYLOC-AS ...)
3 4 54.171.173.220 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.127.52.31 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 34.247.1.48 16509 (AMAZON-02)
5 5 151.101.114.49 54113 (FASTLY)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 1 34.237.146.133 14618 (AMAZON-AES)
1 2 52.95.116.38 16509 (AMAZON-02)
1 1 23.79.152.128 16625 (AKAMAI-AS)
1 34.252.198.170 16509 (AMAZON-02)
1 2 52.94.232.32 16509 (AMAZON-02)
1 1 54.74.23.153 16509 (AMAZON-02)
2 3 88.221.62.154 16625 (AKAMAI-AS)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 51.158.29.12 12876 (Online SAS)
2 2 88.212.252.22 7979 (SERVERS-COM)
1 208.100.17.181 32748 (STEADFAST)
1 51.89.9.253 16276 (OVH)
3 3 198.148.27.139 19189 (PULSEPOINT)
3 3 51.210.112.236 16276 (OVH)
2 2 52.30.234.204 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
2 2 178.62.202.251 14061 (DIGITALOC...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 87.98.242.60 16276 (OVH)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 35.210.53.219 15169 (GOOGLE)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 52.30.76.93 16509 (AMAZON-02)
607 95
94    2001:67c:300:de10::100 (Bruckneudorf, Austria)

ASN39387 (DELO-AS, SI)
www.slovenskenovice.si
services.delo.si
7    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    65.9.58.5 (United States)

ASN16509 (AMAZON-02, US)
script.dotmetrics.net
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.93.164.116 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.onthe.io
3    46.19.9.11 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trafex.serv.si
si.contentexchange.me
tracker.contentexchange.me
tracker_si.contentexchange.me
6    188.40.118.169 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.169.118.40.188.clients.your-server.de
tt.onthe.io
42    2606:4700:10::6816:47af (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ipromcloud.com
a.ipromcloud.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    148.251.44.50 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.50.44.251.148.clients.your-server.de
bin.livenetlife.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
match.taboola.com
49    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
3    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
10    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
1    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
16    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
9    2606:4700:e0::ac40:6308 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
s2.adxpremium.services
user-sync.adxpremium.services
6    77.234.148.163 (Ljubljana, Slovenia)

ASN12778 (NETSI NETSI.NET AS, SI)
engine4.livenetlife.com
1    176.9.70.89 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.89.70.9.176.clients.your-server.de
adserver.livenetlife.com
1    195.5.165.21 (Slovenia)

ASN44968 (IPROM-AS, SI)
cdn.core.iprom.si
35    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
5    195.5.165.160 (Slovenia)

ASN44968 (IPROM-AS, SI)
PTR: central.iprom.net
central.iprom.net
2    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    65.9.67.31 (United States)

ASN16509 (AMAZON-02, US)
d1vbprrijiwq7d.cloudfront.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.pl
32    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fe172631fc8977665e845de572a97e91.safeframe.googlesyndication.com
4126a4335856b675d6eadb810e718850.safeframe.googlesyndication.com
3847535e915d11cfbd378958276f815a.safeframe.googlesyndication.com
27    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.pl
adservice.google.de
20    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d1be26bb51e36bd074dcb3fb2dcb6748.safeframe.googlesyndication.com
e061cb84236a64447e157dac6ff50d86.safeframe.googlesyndication.com
34b1a43e04de86d119a72ac91d576ebf.safeframe.googlesyndication.com
526dff8e19425ce178237e40692ba742.safeframe.googlesyndication.com
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    185.97.52.29 (Slovenia)

ASN51790 (SIEL, SI)
PTR: cex1.vsn.serv.si
images4.contentexchange.me
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
hb.contentexchange.me
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
9    104.79.88.155 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-155.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    88.214.193.146 (United Kingdom)

ASN46636 (NATCOWEB, US)
ssp-nj.webtradehub.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a0c:5c81:5161::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
3    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
2    213.155.156.168 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
17    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
20    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
34    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
11    34.246.156.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
7    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    185.29.135.190 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    52.58.45.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    18.159.69.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
sonata-notifications.taptapnetworks.com
2    216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net
ad.doubleclick.net
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
eu-u.openx.net
2    2606:4700:3037::6815:18da (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.rtbsrv.com
13    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
5    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    18.159.182.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    13.226.159.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-45.dus51.r.cloudfront.net
cm.smadex.com
10    54.228.192.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
3    213.19.147.151 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
1    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
2    35.157.249.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
1    52.4.128.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    116.202.50.131 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm021.richaudience.com
sync.richaudience.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
sync.go.sonobi.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
9    104.79.88.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-202.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    217.156.250.128 (United Kingdom)

ASN3549 (LVLT-3549, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    63.33.120.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-120-132.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
1    89.163.159.103 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
4    54.171.173.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
cms.analytics.yahoo.com
1    3.127.52.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
2    34.247.1.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-1-48.eu-west-1.compute.amazonaws.com
beacon.krxd.net
5    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    34.237.146.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.116.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.252.198.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.74.23.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
3    88.221.62.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
px.owneriq.net
6    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
2    51.158.29.12 (Paris, France)

ASN12876 (Online SAS, FR)
js.cookieless-data.com
sddan.mgr.consensu.org
2    88.212.252.22 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    208.100.17.181 (United States)

ASN32748 (STEADFAST, US)
ic.tynt.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu
pixel.onaudience.com
2    52.30.234.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
green.erne.co
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2606:4700:3039::6815:c025 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pool.admedo.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    52.30.76.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
66 slovenskenovice.si
www.slovenskenovice.si
2 MB
60 googlesyndication.com
fe172631fc8977665e845de572a97e91.safeframe.googlesyndication.com
tpc.googlesyndication.com
4126a4335856b675d6eadb810e718850.safeframe.googlesyndication.com
3847535e915d11cfbd378958276f815a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
d1be26bb51e36bd074dcb3fb2dcb6748.safeframe.googlesyndication.com
e061cb84236a64447e157dac6ff50d86.safeframe.googlesyndication.com
34b1a43e04de86d119a72ac91d576ebf.safeframe.googlesyndication.com
526dff8e19425ce178237e40692ba742.safeframe.googlesyndication.com
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
206 KB
55 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
image4.pubmatic.com
146 KB
55 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
908 KB
54 iprom.net
core.iprom.net
central.iprom.net
27 KB
42 ipromcloud.com
cdn.ipromcloud.com
a.ipromcloud.com
1 MB
28 delo.si
services.delo.si
749 KB
26 adform.net
adx.adform.net
s1.adform.net
track.adform.net
c1.adform.net
dmp.adform.net
213 KB
20 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
7 KB
20 googletagservices.com
www.googletagservices.com
584 KB
18 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
19 KB
17 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
30 KB
15 google.com
www.google.com
adservice.google.com
21 KB
12 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
8 KB
12 livenetlife.com
bin.livenetlife.com
engine4.livenetlife.com
adserver.livenetlife.com
121 KB
12 contentexchange.me
si.contentexchange.me
tracker.contentexchange.me
tracker_si.contentexchange.me
images4.contentexchange.me
hb.contentexchange.me
117 KB
11 adsrvr.org
match.adsrvr.org
5 KB
10 bidr.io
match.prod.bidr.io
4 KB
10 openx.net
rtb.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
9 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com Failed
12 KB
9 adxpremium.services
rtb.adxpremium.services
s2.adxpremium.services
user-sync.adxpremium.services
9 KB
9 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
2 KB
8 bidswitch.net
x.bidswitch.net
3 KB
7 onthe.io
cdn.onthe.io
tt.onthe.io
21 KB
6 quantumdex.io
sync.quantumdex.io
3 KB
6 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net Failed
sync.crwdcntrl.net
3 KB
6 tapad.com
pixel.tapad.com
2 KB
6 mathtag.com
sync.mathtag.com
pixel.mathtag.com
3 KB
6 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
2 KB
6 taboola.com
cdn.taboola.com
trc.taboola.com
match.taboola.com
129 KB
5 everesttech.net
sync-tm.everesttech.net
2 KB
5 google.de
www.google.de
adservice.google.de
1 KB
5 gstatic.com
www.gstatic.com
443 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
2 KB
4 google.pl
adservice.google.pl
2 KB
4 connectad.io
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
2 KB
4 dotmetrics.net
script.dotmetrics.net
39 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 owneriq.net
px.owneriq.net
1 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
943 B
3 adition.com
dsp.adfarm1.adition.com
2 KB
3 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com Failed
10 KB
3 richaudience.com
sync.richaudience.com
1 KB
3 dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
310 B
3 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
962 B
3 google-analytics.com
www.google-analytics.com
19 KB
2 admedo.com
pool.admedo.com
783 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 bidtheatre.com
match.adsby.bidtheatre.com
1 KB
2 turn.com
ad.turn.com
1 KB
2 betweendigital.com
ads.betweendigital.com
925 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
793 B
2 360yield.com
ad.360yield.com
678 B
2 1rx.io
sync.1rx.io
1 KB
2 rtbsrv.com
dmp.rtbsrv.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 de17a.com
d5p.de17a.com
268 B
2 criteo.net
static.criteo.net
51 KB
2 createjs.com
code.createjs.com
125 KB
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
486 B
1 ad4m.at
ad4m.at
1 KB
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
326 B
1 consensu.org
sddan.mgr.consensu.org
109 B
1 onetag-sys.com
onetag-sys.com
818 B
1 tynt.com
ic.tynt.com
1 cookieless-data.com
js.cookieless-data.com
2 KB
1 adroll.com
d.adroll.com
112 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 bluekai.com
tags.bluekai.com
346 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
382 B
1 theadex.com
dmp.theadex.com
378 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 admanmedia.com
cs.admanmedia.com
428 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 audrte.com
a.audrte.com
2 KB
1 navdmp.com
tag.navdmp.com
4 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
606 B
1 smadex.com
cm.smadex.com
526 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
314 B
1 googleapis.com
fonts.googleapis.com
1 KB
1 cloudfront.net
d1vbprrijiwq7d.cloudfront.net
936 B
1 iprom.si
cdn.core.iprom.si
3 KB
1 webtradehub.com
ssp-nj.webtradehub.com Failed
127 B
1 creativecdn.com
prebid-eu.creativecdn.com
184 B
1 lijit.com
ap.lijit.com
763 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 weborama.fr Failed
idsync.frontend.weborama.fr Failed
0 exelator.com Failed
loadeu.exelator.com Failed
607 101
Domain Requested by
66 www.slovenskenovice.si www.slovenskenovice.si
49 core.iprom.net cdn.ipromcloud.com
cdn.core.iprom.si
35 securepubads.g.doubleclick.net cdn.ipromcloud.com
securepubads.g.doubleclick.net
www.slovenskenovice.si
www.googletagservices.com
30 a.ipromcloud.com cdn.ipromcloud.com
a.ipromcloud.com
www.slovenskenovice.si
cdn.core.iprom.si
28 services.delo.si www.slovenskenovice.si
services.delo.si
27 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.slovenskenovice.si
21 simage2.pubmatic.com 1 redirects ads.pubmatic.com
image6.pubmatic.com
20 www.googletagservices.com securepubads.g.doubleclick.net
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
17 cm.g.doubleclick.net 16 redirects us-u.openx.net
16 mwzeom.zeotap.com ads.pubmatic.com
spl.zeotap.com
ads.us.e-planning.net
13 image2.pubmatic.com 1 redirects ads.pubmatic.com
image6.pubmatic.com
13 ib.adnxs.com 9 redirects cdn.ipromcloud.com
acdn.adnxs.com
spl.zeotap.com
12 cdn.ipromcloud.com www.slovenskenovice.si
cdn.ipromcloud.com
11 match.adsrvr.org 8 redirects us-u.openx.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
10 match.prod.bidr.io 10 redirects
9 ads.pubmatic.com cdn.ipromcloud.com
ads.pubmatic.com
user-sync.adxpremium.services
ads.us.e-planning.net
9 s1.adform.net cdn.ipromcloud.com
track.adform.net
s1.adform.net
www.slovenskenovice.si
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
8 x.bidswitch.net 8 redirects
8 images4.contentexchange.me
8 adservice.google.com securepubads.g.doubleclick.net
7 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
7 www.google.com www.slovenskenovice.si
www.gstatic.com
www.google.com
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
6 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
6 pixel.tapad.com 4 redirects spl.zeotap.com
image6.pubmatic.com
6 ups.analytics.yahoo.com 6 redirects
6 c1.adform.net 5 redirects image6.pubmatic.com
6 engine4.livenetlife.com
6 tt.onthe.io cdn.onthe.io
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
5 sync-tm.everesttech.net 5 redirects
5 s.e-planning.net ads.us.e-planning.net
5 pr-bh.ybp.yahoo.com us-u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
5 sync.mathtag.com 5 redirects
5 track.adform.net fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
s1.adform.net
5 central.iprom.net
5 rtb.adxpremium.services cdn.ipromcloud.com
s.adtelligent.com
user-sync.adxpremium.services
ads.us.e-planning.net
ads.pubmatic.com
5 adx.adform.net 1 redirects cdn.ipromcloud.com
s1.adform.net
5 bin.livenetlife.com www.slovenskenovice.si
bin.livenetlife.com
5 www.gstatic.com www.google.com
4 bcp.crwdcntrl.net 3 redirects ssum-sec.casalemedia.com
4 spl.zeotap.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
4 pixel.quantserve.com 4 redirects
4 pm.w55c.net 4 redirects
4 us-u.openx.net fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
us-u.openx.net
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
4 adservice.google.de securepubads.g.doubleclick.net
4 adservice.google.pl securepubads.g.doubleclick.net
4 prg.smartadserver.com cdn.ipromcloud.com
4 script.dotmetrics.net www.slovenskenovice.si
script.dotmetrics.net
3 image4.pubmatic.com ads.pubmatic.com
3 pixel.onaudience.com 3 redirects
3 bh.contextweb.com 3 redirects
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 dsp.adfarm1.adition.com 3 redirects
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
3 eu-u.openx.net us-u.openx.net
3 ads.us.e-planning.net 2 redirects user-sync.adxpremium.services
3 sync.adtelligent.com 1 redirects s.adtelligent.com
3 rtb.openx.net 3 redirects
3 gum.criteo.com 1 redirects static.criteo.net
3 cdn.taboola.com cdn.ipromcloud.com
cdn.taboola.com
3 www.google-analytics.com www.slovenskenovice.si
www.google-analytics.com
2 pool.admedo.com 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 ad.turn.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 ads.betweendigital.com 2 redirects
2 ssum-sec.casalemedia.com ssum.casalemedia.com
sync.quantumdex.io
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 beacon.krxd.net spl.zeotap.com
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 simage4.pubmatic.com ads.pubmatic.com
2 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
2 ad.360yield.com 2 redirects
2 sync.1rx.io 2 redirects
2 rtb-csync.smartadserver.com us-u.openx.net
image6.pubmatic.com
2 dmp.rtbsrv.com 2 redirects
2 ad.doubleclick.net 1 redirects fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
2 um.simpli.fi ads.pubmatic.com
image6.pubmatic.com
2 aud.pubmatic.com ads.pubmatic.com
2 dis.criteo.com image6.pubmatic.com
2 d5p.de17a.com image6.pubmatic.com
2 fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn.connectad.io cdn.ipromcloud.com
user-sync.adxpremium.services
2 user-sync.adxpremium.services cdn.ipromcloud.com
user-sync.adxpremium.services
2 s2.adxpremium.services cdn.ipromcloud.com
2 static.criteo.net cdn.ipromcloud.com
static.criteo.net
2 code.createjs.com a.ipromcloud.com
s1.adform.net
2 bidder.criteo.com cdn.ipromcloud.com
2 mug.criteo.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.taboola.com image6.pubmatic.com
1 ad4m.at image6.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 green.erne.co 1 redirects
1 sddan.mgr.consensu.org js.cookieless-data.com
1 onetag-sys.com sync.quantumdex.io
1 ic.tynt.com sync.quantumdex.io
1 js.cookieless-data.com s.e-planning.net
1 d.adroll.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 dmp.v.fwmrm.net spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 sync.go.sonobi.com ads.us.e-planning.net
1 prebid-match.dotomi.com ads.us.e-planning.net
1 a.audrte.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.sitescout.com 1 redirects
1 cm.smadex.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 s.adtelligent.com user-sync.adxpremium.services
1 acdn.adnxs.com cdn.ipromcloud.com
1 526dff8e19425ce178237e40692ba742.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 hb.contentexchange.me www.slovenskenovice.si
1 34b1a43e04de86d119a72ac91d576ebf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.googleapis.com si.contentexchange.me
1 e061cb84236a64447e157dac6ff50d86.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d1be26bb51e36bd074dcb3fb2dcb6748.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tracker_si.contentexchange.me si.contentexchange.me
1 3847535e915d11cfbd378958276f815a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 4126a4335856b675d6eadb810e718850.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fe172631fc8977665e845de572a97e91.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tracker.contentexchange.me cdn.ipromcloud.com
1 d1vbprrijiwq7d.cloudfront.net
1 cdn.core.iprom.si www.slovenskenovice.si
1 adserver.livenetlife.com
1 ssp-nj.webtradehub.com cdn.ipromcloud.com
1 prebid-eu.creativecdn.com cdn.ipromcloud.com
1 i.connectad.io cdn.ipromcloud.com
1 hbopenbid.pubmatic.com cdn.ipromcloud.com
1 ap.lijit.com cdn.ipromcloud.com
1 cdn.jsdelivr.net cdn.ipromcloud.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 si.contentexchange.me www.slovenskenovice.si
1 cdn.onthe.io www.slovenskenovice.si
0 beacon.lynx.cognitivlabs.com Failed ssum-sec.casalemedia.com
0 tags.crwdcntrl.net Failed s.e-planning.net
0 p.rfihub.com Failed ssum.casalemedia.com
0 dsum.casalemedia.com Failed ssum.casalemedia.com
0 token.rubiconproject.com Failed eus.rubiconproject.com
0 idsync.frontend.weborama.fr Failed spl.zeotap.com
0 loadeu.exelator.com Failed spl.zeotap.com
607 169
Subject Issuer Validity Valid
services.delo.si
R3		 2021-03-13 -
2021-06-11		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.dotmetrics.net
Amazon		 2020-11-23 -
2021-12-22		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2020-04-07 -
2021-06-06		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2020-05-22 -
2021-06-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-06 -
2021-08-06		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
bin.livenetlife.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-14 -
2022-02-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.iprom.net
R3		 2021-01-15 -
2021-04-15		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2020-06-16 -
2021-06-16		 a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018		 2019-01-11 -
2021-04-11		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
engine4.livenetlife.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-01 -
2021-12-02		 a year crt.sh
adserver.livenetlife.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-18 -
2021-08-18		 a year crt.sh
cdn.core.iprom.si
R3		 2021-01-28 -
2021-04-28		 3 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google.pl
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
webtradehub.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
s.adtelligent.com
R3		 2021-02-06 -
2021-05-07		 3 months crt.sh
sync.adtelligent.com
R3		 2021-02-05 -
2021-05-06		 3 months crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.e-planning.net
R3		 2021-01-15 -
2021-04-15		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL RSA CA 2018		 2019-03-07 -
2021-04-05		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-01-18		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
js.cookieless-data.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
sddan.mgr.consensu.org
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh

This page contains 72 frames:

Primary Page: https://www.slovenskenovice.si/
Frame ID: 541678342319297803BE01AFBAEE306E
Requests: 243 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
Frame ID: 8B8B74619CE7CE94C8D3B56FD0B069C0
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&cb=i1arjmbxlj6m
Frame ID: 573CD796C28294E9777E4AF5C62AA43D
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5E9AFC860CAA1C6958F8FA3023E8FCFF
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7202009DF2DFD162F76DBEACCD034705
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: AB8244DDA04479005CC06CE674A6AD31
Requests: 11 HTTP requests in this frame

Frame: https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI
Frame ID: E979B972B206FAE7098AF1A9EDE414D1
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHWpYOgSwGUZJsvgkcdRIvYqSbhPAlsNFdRd84n49lT5L6NZacqKIwSKqpMncqZ753bYtfPooCocaQXuLacALQp4xBmjY1WJxKmLz3e36N4Pxa8PI-BH4ovqbHvObhkTEfRUOK5nJIeIiJNIAGcfT6mqw2iWy3C-mcm6f206Fbr3h-s0k-daJtFaFOqeD65cPRp3mKybIkzRekFFhU0pqS23sb_4kz2hvWI8SBJu8-u0qIJXBT-f9SUb7JZI3gNx8ejVGr4ppArqA0QiwVuOggAGAQ11vNb1lYwStK-D7jaNiLY59WXWgIMPXMDzdv3bQVEFA8pDSfoTQgyg&sai=AMfl-YREzzcqtyf3eqa9cdeFOGPZdrYPv1vTEGB74cf0EDg0KiKLl_DETiYmqzNbRW4mtIURkZA5jeh1W0_sJkEZ2nFLvl-ze4vk-_Dgq-266TM3EuODRa5dFmNvvY5riE7I&sig=Cg0ArKJSzJS4XBSJcedaEAE&urlfix=1&adurl=
Frame ID: 714D6E88C0534F93EFF4B53581230146
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4NZ62oiXVw7feRwenFgaAzvjj50ZqCDTUC8bPU4fUP8m5zmzL9t8xslIXsEXCvzhKFxI7h3GQ9qhYuSLmFDn36VYr-yXFPkgMs62dARP49aQhRkxxaoqQ9Fznq6Zh1uUz7RqiOSaFhhFEp-OeinuCbIIM3o6Z8FLM1CGVUttzO8jPsiVN1gc8SfZdTDIQf5wQW8c-pxPAUaQQfScSsp9K_OAi1Jj-jaAWkKJv3CELGxvRTwB7zJmctSYbPbixZRTaxCI4RPXM75EyTOvv-lSkeuaMIEgcYG32bZE9aTvlhiqCDXvfOKIdgv3_k9a-jbkr7NBYrLtsTsb-&sai=AMfl-YR-1zFxxg6GRClHnMzW_o_33Y00xdT-3p9CKrm-LzO6yWPvm0-EJU8OuIqft7yKNEZPvFJvlr_xEiXq7vsry8ppEWcXpxH2i443FBmgMC80o5KNpN5XJ5VPY65tbfw&sig=Cg0ArKJSzEf2rd1So5mIEAE&urlfix=1&adurl=
Frame ID: 640E1F2118891E454342432A41C56EED
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxRvPZCYbSrsh4Z1b5ToYKwhlQvDQXLHCUAFNTD1aIH4UFoLIaB_s4AkfU9kqn9JHon6syov0Q9oyD7_KV4gukPFl_6SFVb2X2iHalTb75IBGe-q1PEB0ffxiDenrdd09weTov9RBJGCJHCqh7blCDm33dZw6c25X5Ch2-CfRGnqpCTuJK6xd2vK5HPwYps5BNhbn9quE05cNfEVxJtRlymCvA1vGeEZb0MU70p69fSp52LKUmcX3jU2XezuzkbJ57wGXQJpL0KeQkCl4osZExuDKGR8gajt2FnvUfEaet3N-2Zoq-tjivwIgqEjJozcqvrrRxQYBvBHzJuA&sai=AMfl-YS77aUWps5ztZGDRh35eZHw_LH7ofQlshG0JOaUg2uMkUfsAZDFvlbuIlF6vrXiXiCMpPiQKCUuEKEjsp0_ujfE-FXsQQIXFSM1_Vw4585fnvpM4JYpQ2OPyBT9Gzlj&sig=Cg0ArKJSzO4hSXO9XsVbEAE&urlfix=1&adurl=
Frame ID: E3F963530C377A88BA7C4B04CC9CB42A
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3A5B997C0DD1D8F596E7CBBF234CEDA3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 8101640D6142FA853C45F7F468782A98
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ipromcloud.com/custom/resources/click.png
Frame ID: B6068F8304346D5B7022850A7D53EFF6
Requests: 3 HTTP requests in this frame

Frame: https://a.ipromcloud.com/2020/113157/307ba1d7591444443149beac3b11b8ac_480.jpg
Frame ID: B3D748241FF8AFBCA82E70B01DAF58BC
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstU-hDEXnrH9AS7PjpmHy0ffesPwIYnNDr0PQGOErNh9C5Ei4Avh4Q_IwUaeU1-KOwlRJTE4CSu2nNwrqIdlDZqqgxRhB9idWvsHpqKxnfRMS8hkbWxFSQ1J_7w5oYoQbtbQrtWXYknDrziuyyR9iBcRqA0FgC8xDqUGnwnJ78fgbO6C9HXM2hwnPfmITW2sXhBGqGJC_SHVTMRwe5KzDh65G9z1ifRhDR6k7iReWcaU9zdd_jVBW7D5f-gBuzs_d6qfNT6WxP9oNIKF_py91z9HMfkR-nqY4TCaBTW0jHe5mLMx7g_pRlIaueuV2SrljSFMqQNT8BcHcjr9w&sig=Cg0ArKJSzMY9VWgxfdCPEAE&urlfix=1&adurl=
Frame ID: E2A48CAED68C0EE3B183A8A98FD8571C
Requests: 3 HTTP requests in this frame

Frame: https://hb.contentexchange.me/nativehb?domain=www.slovenskenovice.si
Frame ID: 381CFB5EA0EE175EE846AE9DF5907F30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 2415EB83022DAEA889D38222E9318922
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5Fa4FUf-kpqTgX3Xu37vhE6kUEu_i-7MxleHx7e3eg3sTjY7P3tetiR5LTqkZGDFWi8b7obFTIq_9Diyhk9i2bhPdm54dQzxlOJCY1KGHdUHpsYuGQf7n1NxcqQzAMao21qcjzOqRhm9WMFG4uvaODWUCqeKVIo7AXUlc6afx7I8x0-hNcEPYiN-74zsucadQe8f_DDFTeAwpyGIrrsB-7i5fIC8kpMG-hzkW1_lptnS-SGV_Ge84jXGfsmqJT0_afXDx0dCKH0fWonPUq-eZwAFAGAtV3HBwm2cyDADJHFLkzG7oFuSw1nG9xpJgF3a2oDFTVCgSw5Xj&sig=Cg0ArKJSzJ8jt4m9B-4kEAE&urlfix=1&adurl=
Frame ID: A50888459D5065FDDCED7CA0965B24F9
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSOvBzRbGSif_0qCPHkTEXmCT1c_D_bNDCIYNENua-HSbIri16LE5nFXxA5uoXmEICneBDj8Jq7IC88fhxnG8lTRnvoIdIAxl3TXz7HNCS9lBqEloP66F6G1NM_W73jF-XrJVR7-CSk89om8wztIfrxpZF4-KCLAyZY7H4G-CeK6iizjTsI6ZJkuhPBPrqBAV4VUSCeWIGZzbL5q0VOEqiWh_QqT8xr2cNHxxWW0ILgJOedRXVn-JqhyEkWbxARFPPL9SQ_9mU_RUiM8XETJ5d91jr8NwMV1wEiGlvnHjkkks03kQaKx_j-tNdvjWzFanOVAky_19JGNqb2Q&sig=Cg0ArKJSzMKMdK_hDd8_EAE&urlfix=1&adurl=
Frame ID: 82BB165097CB5D13F9D3AE73E5D3219B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 0337DA88EAF8AD0B762B488BACF8822D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4A2627808896DD04EB26DD550A628834
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.slovenskenovice.si
Frame ID: 4BE0482CC290B8160EB3A5F17EF07379
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 30321F7BD073466CD81F2DB30E8EC9C9
Requests: 2 HTTP requests in this frame

Frame: https://a.ipromcloud.com/script/fallback.js
Frame ID: 9BC1660314D5986A1205DAE47DA13AC1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 380E77DC0FF7106139993BA5BB1D7635
Requests: 11 HTTP requests in this frame

Frame: https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331
Frame ID: 5218D1C3D01D9E04FEBE3B71C72235AA
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY2tvCuu8Jl9GQKnVe1MjF2VU6GvNiFmbw3JjSO9H5uoDl0jETxIufjo5ZYsIl1hypaaverUpbT5X8wCnUBmWWqROkAlQmwmq5GRFpkGO9r1L0oxkfmZ1iI06uWNIIQxxgpn3PQL1q3Cs6cmYZt-c6tP7TEWB_qgm62Xq6baczKKPfnaj8rUQri30pdLif8SmomhvuXL1XbxDymXZm8tdgdajfbnUBYZqxZL6x-jFOcbIQSY-sbgA2Q4DrAuvmmEf1XUabvNoNw1sj3VkRW9DiOY8L5cZJH-R8WNTy8mnws5I7KdgkiPAzwh6ktgIYiBN2JipVj6RSEQjvOw&sig=Cg0ArKJSzE1k5wmTs-CXEAE&urlfix=1&adurl=
Frame ID: 1C77398D6729807DED35A954D9B0A7F4
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C68393F423A99FAEB332BA74D07CF5D5
Requests: 3 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: E0A401C20B7A3EF30C0CB8477EF4BA42
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 06EFB90AE4F3A99D18773B9C30DF22D2
Requests: 15 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: A0BAFB37A634FC9A3B857705A5184D81
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DCC01FF220C6C200CCCF96E8DDCB9BC5
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: 3B13E04D8AAA44B671D7C26E5825F626
Requests: 4 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 52DCD02C1C172D4E6265E46DDF09E021
Requests: 1 HTTP requests in this frame

Frame: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: D733D94308F9562C59EF3B614A2232CE
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: A9562E29682BE9E85EB2EF649D53E6EC
Requests: 2 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: EFDA41D4E6FA1997947E157831F0A577
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 12371A4DA6E6732DAAD78B5427F38AB9
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Frame ID: AFA6F07CBE997936415317CD8C28E56B
Requests: 11 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2077934/9223123/9223123.js?ADFassetID=9223123&bv=258
Frame ID: 7667459A421866B19F22A16EA5844011
Requests: 6 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: BA0AE3D53E3A025A4B5FEB4699BA2CB9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 201AA7F20E804781523BA6BC0194BBC2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 785F91BE51639F486FDB136598069125
Requests: 14 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: 312B266C991AE6A0124C1D1A655AABC4
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 894EE48C41E6F1EDC1CF56E004F2BED9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De533928420f05e88%26uid%3D
Frame ID: A133801E06DFDCEFB3D19275C8D77C9A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5A67C53FA9E8100E1AB44A397BAFECCD
Requests: 25 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Frame ID: 77B16D7A79B031F9A5A6B106A17A75E0
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&cmp=0
Frame ID: 180D56029DF8BC909201E12B457DBE08
Requests: 31 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: B8B4F5EE48285138673A94511177B77C
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: D1081FD67747155B1AA8ECD54612A185
Requests: 6 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AMjaCvTgBC9Nqdoj
Frame ID: 8056327DEED3031BAB5A6F3D98AE03C6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: C69BBBCED4C4616D1F37FA7D74C5A6A1
Requests: 10 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 740E1BBFEFB8DCD2519DECF2607C1CB7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3E7FAED3D505BC7E4CEA9F928DCC071C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
Frame ID: 1197B6313FDD0F443556184797B2AA97
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABlQU7ArC4AABF5bJoaug
Frame ID: FA0CEF7D4B41E3D4388EAB6DC7892D74
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353401890963
Frame ID: 208EC46DBE0E039B0CE1E9EE5A956C6F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
Frame ID: 1A2383A551676EC970712310EFEA90FF
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: D78BC454D4F7FFFCDD5908D711D09D2E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0C9CF81E46F8DA7E095C808B3CC71F2E
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: 2909A3FCD072DC64D782CD7249FC8E2D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353411524755
Frame ID: F201E729B76FD3671BCAAFAD23D97063
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ClgvDQP9e5F5jvDYD8bcWgOr
Frame ID: 11ABA75AB4D5EBFD3F4C7502E41C6E1C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 14375B83A5A8B4F0A1BC7A4550FA4177
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5D61BF1F84467C3850C5A88AD6BDAC13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FcANgonFaqN6&pid=557219
Frame ID: 16EAEB8B02DFC9CD087C2B4CB9E61C76
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: A1DB3C6E89470F3A4E01F80A1B39433F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 6DE45AE832F6696F7BFB864A8491DB0B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 3370EABF0EF0A1C66D834F71B4173F6E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UAgoKqpI1LnDHf5&gdpr=0&gdpr_consent=
Frame ID: 3D33EBE5F01D1ED106A1A2DB381E228A
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=e533928420f05e88&uid=984868AC-385D-41A3-A06C-A07431D2124B
Frame ID: F96E6FC345C8619ED606D7A3C5D3F268
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

607
Requests

99 %
HTTPS

27 %
IPv6

101
Domains

169
Subdomains

95
IPs

14
Countries

7775 kB
Transfer

17809 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.slovenskenovice.si%2F&domain=www.slovenskenovice.si&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Cn55HnxxNXVrWmpOQlc2SmlIaVJGYXpxcjhGMlVxSlM5eUZCWm4wRXhiWWlBTS8wcTBIOEJjYkNxeWxVTnlEVVFkV0FxZVplUUVOMFRjSnkrRXU0cTU5SXRselBvZTk4NkR6cXpLYmVoTUgxdlV1ZzhQdWU3ZWR1dTFKcUljNlFKVjBvNHRmbFhLUWg2NjRPZFROSkV3LzdieXFoMEVXMXQxbDZnNWZjNkdxNzNERXJzUHZaNGJnNmpoRzIxY2F2L0dic1dlUVpFT3BoZXprRXpxdkNTYXo2NzBvNHhEN1F0ME9FVm44WUJxYWQrWjBvPXw&cppv=2
Request Chain 121
  • https://adx.adform.net/adx/?mid=116897 HTTP 302
  • https://adx.adform.net/adx/?CC=1&mid=116897
Request Chain 399
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 410
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6a9ef610-faef-44ee-9727-6a529ba83978
Request Chain 411
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2843067914202549357
Request Chain 412
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=d9f2faffbdb02c46
Request Chain 424
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MK0CcYRRdWBhd9bX7umDA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 426
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 427
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&addseg=21
Request Chain 428
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUNDMkI0MDktQzYxMS00NUQ1LTgxODUtREY1QjVGQkJBNjBD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDrWAb2pKQ4eCBJ5xs8mxn8&google_cver=1
Request Chain 431
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=920e402c-c30f-44de-a326-4d757e2435a5
Request Chain 432
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7213171251011680079
Request Chain 433
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=0&gdpr_consent=
Request Chain 434
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2843067914202549357&gdpr=0&gdpr_consent=
Request Chain 435
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b4cb0d90-65fd-448e-956c-aab8c440e71e&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d81b75a6-9147-4c20-91b2-cb3d99514257&bsw_param=b4cb0d90-65fd-448e-956c-aab8c440e71e&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4cb0d90-65fd-448e-956c-aab8c440e71e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 440
  • https://ad.doubleclick.net/ddm/trackimp/N1426392.3421449OMNICONSOLE/B25163995.293635391;dc_trk_aid=486903751;dc_trk_cid=144336572;ord=42281;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1426392.3421449OMNICONSOLE/B25163995.293635391;dc_pre=CJ_2g5eav-8CFcEWiwod6WcD3w;dc_trk_aid=486903751;dc_trk_cid=144336572;ord=42281;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=
Request Chain 456
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=TDXHJAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcReATy HTTP 302
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=2843067914202549357&mpk=TDXHJAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcReATy HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2843067914202549357
Request Chain 457
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Request Chain 459
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qpLWjYjR1LnDHc5
Request Chain 460
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=b4cb0d90-65fd-448e-956c-aab8c440e71e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=a1ea3b7f-bd8d-4485-888c-171b3bbafc58&expires=10&ssp=openx&bsw_param=b4cb0d90-65fd-448e-956c-aab8c440e71e HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b4cb0d90-65fd-448e-956c-aab8c440e71e
Request Chain 461
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDa2xVN0FyQzRBQUJHNXEtSWRiQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACklU7ArC4AABG5q-IdbA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir
Request Chain 462
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c3636056-1729-4e00-af2e-d0fac6aa9162
Request Chain 463
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=CqtFAw2sQgwR-UkNXqxdAl2iEVAR-UBWCalaBjNh
Request Chain 464
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7213171251011680079
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SDR-cIjFTW2XLcHroIpI&google_cver=1
Request Chain 468
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3De533928420f05e88 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e533928420f05e88
Request Chain 469
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2356433572 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c3eb79ee-5b99-436c-a8f4-02447e7a2eec HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003&dc=1079cc634ca638f8&iss=1
Request Chain 473
  • https://ad.360yield.com/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3De533928420f05e88%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3De533928420f05e88%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=e533928420f05e88&uid=99131853-d3f7-4ed4-bf14-7b93f88b3bac
Request Chain 474
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De533928420f05e88%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e533928420f05e88&uid=6a9ef610-faef-44ee-9727-6a529ba83978
Request Chain 478
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3De533928420f05e88 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 479
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De533928420f05e88%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e533928420f05e88&uid=2843067914202549357
Request Chain 481
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
Request Chain 482
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3De533928420f05e88%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e533928420f05e88&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Request Chain 484
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 488
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMX81p9p9FuOTw9VHVp1iN8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 492
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=73107123-8992-11eb-b02c-769fd3df2705&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 494
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=920e402c-c30f-44de-a326-4d757e2435a5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 498
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b8903535-f99c-4ef4-81db-3ef15f5bee4f&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 499
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=708b4473-4523-42ed-4b67-7ad913749a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=708b4473-4523-42ed-4b67-7ad913749a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=07559488528607013161103483173107377997&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 501
  • https://bn01.er.bemail.it/zeotap.php?_bid=708b4473-4523-42ed-4b67-7ad913749a4b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021032016-27755-0.180978001616254765-0ea6af8314a5983ddde20aa6afd660a9&zdid=533&env=mWeb
Request Chain 502
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6941761353411524755&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 503
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=708b4473-4523-42ed-4b67-7ad913749a4b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=708b4473-4523-42ed-4b67-7ad913749a4b
Request Chain 506
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=708b4473-4523-42ed-4b67-7ad913749a4b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=708b4473-4523-42ed-4b67-7ad913749a4b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=b6defa5647cf427dde65de3d8d3f30de&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 507
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-hwz11.FE2opfguC5A40lm5QVz8UQPUzUHw--~A&zpartnerid=570&env=mWeb
Request Chain 508
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=VrbOaIEaYN4zRAtZaqxfPTwkWqAkGUDa%2BS41iYitP1U%3D
Request Chain 512
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361&_test=YFYXLAAAAIfZCSrK HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YFYXLAAAAIfZCSrK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&_test=YFYXLAAAAIfZCSrK
Request Chain 513
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=fadf6056-172d-4100-bd1a-351e47123987&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 514
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Request Chain 515
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&dcc=t
Request Chain 516
  • https://tags.bluekai.com/site/87734?id=708b4473-4523-42ed-4b67-7ad913749a4b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 522
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB&dcc=t
Request Chain 523
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFYXK68MMJwlPOsTzdL4YQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGTKcy5qi0yLTtYzf_XMn3U&google_cver=1
Request Chain 524
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGae7qqlZIbGes8DQUwWby4&google_cver=1
Request Chain 525
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 526
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616341163&gdpr=1
Request Chain 527
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6695411661888153133&uid=Q6695411661888153133&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 533
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AMjaCvTgBC9Nqdoj
Request Chain 535
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2843067914202549357
Request Chain 536
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9ed3b79d-970f-514f-ae43-5240ce15456c
Request Chain 537
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2843067914202549357
Request Chain 538
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
Request Chain 545
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
Request Chain 546
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=1&gdpr_consent=
Request Chain 548
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Zj291GE6utt9b7HaMjql1TE06Yd9b7iBZT-xgVf3
Request Chain 549
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YFYXK68MMJwlPOsTzdL4YQAA%261172 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFYXK68MMJwlPOsTzdL4YQAA%261172
Request Chain 558
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACklU7ArC4AABG5q-IdbA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACklU7ArC4AABG5q-IdbA&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABlQU7ArC4AABF5bJoaug
Request Chain 559
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353401890963
Request Chain 561
  • https://pixel.onaudience.com/?partner=214&mapped=ECC2B409-C611-45D5-8185-DF5B5FBBA60C HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b6defa5647cf427dde65de3d8d3f30de HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=c3eb79ee-5b99-436c-a8f4-02447e7a2eec&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=18a9079d64d1bb81 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8a703bbb75&zcluid=18a9079d64d1bb81&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8a703bbb75&zcluid=18a9079d64d1bb81&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELLWsnYvl9fK5wK0Ta92xq0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8a703bbb75&zcluid=18a9079d64d1bb81&zdid=1332
Request Chain 562
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3636056-1729-4e00-af2e-d0fac6aa9162
Request Chain 564
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJF6uGdE2uURovzLiQXAazqgqSl5LTM-~A&gdpr=0&gdpr_consent=
Request Chain 565
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nsU1UJnCMl-FlzleysItUcnMYQOFlzAFncc6KN0x
Request Chain 566
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFYXLAAAAJ-kgjoG HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=&_test=YFYXLAAAAJ-kgjoG
Request Chain 567
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3080670461861644091&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 568
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:25481367-bbfd-4932-ba5d-a3a316183164&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 569
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 573
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMVR6zn8sN603Iv2jDyWY04&google_cver=1
Request Chain 575
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=28521972-698f-4126-a9d1-f4ca5e95dbf1
Request Chain 578
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5184534216915365347
Request Chain 579
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8a616056-172d-4400-9a08-50d289ac9b4a&gdpr=0&gdpr_consent=
Request Chain 580
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8835092150836305382&gdpr=0&gdpr_consent=
Request Chain 581
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo
Request Chain 582
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbFFVN0FyQzRBQUJGNWJKb2F1Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABlQU7ArC4AABF5bJoaug&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABlQU7ArC4AABF5bJoaug&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir
Request Chain 583
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353411524755
Request Chain 584
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f5fa5cb6-3f8d-4a6d-bead-3b0cc99475bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 585
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 586
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ClgvDQP9e5F5jvDYD8bcWgOr
Request Chain 588
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 589
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FcANgonFaqN6&pid=557219
Request Chain 591
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 592
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 593
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UAgoKqpI1LnDHf5&gdpr=0&gdpr_consent=
Request Chain 595
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mEhorDhdQaOgbKB0MdISSw%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mEhorDhdQaOgbKB0MdISSw%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 597
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=984868AC-385D-41A3-A06C-A07431D2124B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=984868AC-385D-41A3-A06C-A07431D2124B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 598
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=984868AC-385D-41A3-A06C-A07431D2124B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=984868AC-385D-41A3-A06C-A07431D2124B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=984868AC-385D-41A3-A06C-A07431D2124B&addseg=21
Request Chain 599
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTg0ODY4QUMtMzg1RC00MUEzLUEwNkMtQTA3NDMxRDIxMjRC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 600
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=af0b2d81-fa23-42b5-a001-b70477845da4&user_group=1&ssp=pubmatic&bsw_param=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 602
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=984868AC-385D-41A3-A06C-A07431D2124B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=984868AC-385D-41A3-A06C-A07431D2124B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jt4rEmBE2uXMMgVEtDgTAFvlNi6eGk0-~A&gdpr=0&gdpr_consent=
Request Chain 603
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=
Request Chain 604
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3154976557178373947&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 606
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5031862600181567872
Request Chain 607
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_301a5954-c676-43fb-aac9-a64b96727046

607 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.slovenskenovice.si/ 		902 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
742218418825c467e8e4e0170169db13bb6fbfb17767569859cdef2fb4ec8206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
www.slovenskenovice.si
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:48 GMT
Content-Type
text/html; charset=utf-8
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
DENY
X-Backend-Server
sn-app0
Content-Encoding
gzip
Vary
Cookie, Accept-Encoding
X-Varnish
827520506 833736864
Age
85
Via
1.1 varnish-v4
grace
none
X-DELO-Cache
varnish4a-HIT
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Server
nginx via Varnish
Service-Worker-Allowed
/
Accept-Ranges
bytes
Transfer-Encoding
chunked
Connection
keep-alive
app.28e4c60c7277.js
www.slovenskenovice.si/static/sn_ads/js/ 		994 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn_ads/js/app.28e4c60c7277.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
8db7da9fc42780bb6c7617c9388e729793aa7da49a74d54eec76d7bd48bb2f34

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:07 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
6
grace
none
Last-Modified
Fri, 12 Feb 2021 13:15:52 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
513
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60267f88-3e2"
Vary
Accept-Encoding
X-Varnish
834386114 830989343
Via
1.1 varnish-v4
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
api.js
www.google.com/recaptcha/ 		850 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=sl
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6320b5ce544cd96a8893b0904e16d1d12e9b885c3dbfc1a37003a3775e58a7aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 20 Mar 2021 15:39:14 GMT
cookie_monger.js
services.delo.si/cookie/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.delo.si/cookie/cookie_monger.js?rev=15
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
db72f9f8bcbcd02a044d9fbe7c7ca19bf533e377b15437786b8094f3316da31d

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
0
grace
none
Last-Modified
Wed, 06 Jan 2021 14:51:15 GMT
Connection
keep-alive
Content-Length
936
X-DELO-Cache
varnish4a-MISS
Server
Apache via Varnish
ETag
"9db-5b83c747867ff-gzip"
Vary
Accept-Encoding
X-Varnish
827520518
Via
1.1 varnish-v4
Accept-Ranges
bytes
Content-Type
application/javascript
X-Time
D=319 microseconds
jwtc.js
www.slovenskenovice.si/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/jwtc.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
95ac7683dc2b8c5626ada4b325c1ccbdcf1f486f665b06f08473fdbac5ea5e41

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:50 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
83
grace
none
P3P
CP=Potato
Last-Modified
Mon, 04 Mar 2019 12:54:44 GMT
Connection
keep-alive
Content-Length
1425
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
ETag
"fb3-5834442c5754e-gzip"
Vary
Accept-Encoding
X-Varnish
834386115 832336942
Via
1.1 varnish-v4
Accept-Ranges
bytes
Content-Type
application/javascript
X-Time
D=307 microseconds
style.5e48f48848da.css
www.slovenskenovice.si/static/sn/css/ 		392 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
ee0c09fc616d6c86b4e21d2bc10127f02e508c1ca02ab4febb64c34f6e0c51fc

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:12 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
2
grace
none
Last-Modified
Thu, 18 Mar 2021 09:27:18 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
57436
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60531cf6-61ff2"
Vary
Accept-Encoding
X-Varnish
833025413 834552662
Via
1.1 varnish-v4
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
text/css
door.js
script.dotmetrics.net/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/door.js?id=2763
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
513be1f74cfb3fd061a1b0e3655617c4718298b16e4dca9983cd9eabfeb31c48

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
FRA56-C1
etag
"2763...176.2021032015"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
Cvqja3NLNOMRSpd7zO-QgKCDFXtp3LG5u8-seHMGbcn1SM31tr2fwA==
recaptcha__sl.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 		333 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__sl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=sl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b6534892fcdfa6dd275dd8600e81e7a2cb82d8eee3b9842b73be4e001b0b91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 16:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430145
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133769
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Mar 2022 16:10:09 GMT
promo.523908dfcbb2.png
www.slovenskenovice.si/static/delo/images/article_icons/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/delo/images/article_icons/promo.523908dfcbb2.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
1afb64f9b606241d97bc8d996beaf49650d9dabb936493d4bdc555d01ca83b58

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:32 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
101
grace
none
Last-Modified
Tue, 14 Jul 2020 09:24:16 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
12434
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5f0d79c0-318d"
Vary
Accept-Encoding
X-Varnish
833737866 836112704
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/png
camera.d78b5f6983d5.png
www.slovenskenovice.si/static/delo/images/article_icons/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/delo/images/article_icons/camera.d78b5f6983d5.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
d0a7a7e70dc6920d0bc596b6fc4038418ddc4c46f9cc234ba4b5486eb4365963

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:52 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
22
grace
none
Last-Modified
Tue, 14 Jul 2020 09:24:16 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
9230
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5f0d79c0-254e"
Vary
Accept-Encoding
X-Varnish
833058977 833406060
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/png
W_logo30_2.41dab42207c4.svg
www.slovenskenovice.si/static/sn/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/sn/images/W_logo30_2.41dab42207c4.svg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
bd8772f76149e69b93d328a33ae387f5e17c2110cfe320f88b78ee6cc2a36d50

Request headers

Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:17 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
117
grace
none
Last-Modified
Tue, 05 Jan 2021 11:16:47 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
2831
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5ff44a9f-1eb1"
Vary
Accept-Encoding
X-Varnish
834781452 832528553
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/svg+xml
Roboto-Regular.11eabca22513.ttf
www.slovenskenovice.si/static/sn/fonts/roboto/ 		167 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/roboto/Roboto-Regular.11eabca22513.ttf
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:44 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
90
grace
none
Last-Modified
Tue, 29 Dec 2020 15:51:39 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
89693
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5feb508b-29d08"
Vary
Accept-Encoding
X-Varnish
833737867 836506584
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
icomoon.2032c7222cb0.ttf
www.slovenskenovice.si/static/sn/fonts/icomoon/fonts/ 		109 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/icomoon/fonts/icomoon.2032c7222cb0.ttf?wuj2o4
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
7390a77512e1f754109ed4c5b9fdbde5ce75995715b6591d76bcdfa5d8dabb6b

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:12 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
62
grace
none
Last-Modified
Fri, 06 Nov 2020 13:25:43 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
53793
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fa54ed7-1b514"
Vary
Accept-Encoding
X-Varnish
833058978 834685855
Via
1.1 varnish-v4
Accept-Ranges
bytes
Content-Type
application/octet-stream
Mulish-Black.792ce4b85b6f.ttf
www.slovenskenovice.si/static/sn/fonts/mulish/ 		87 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/mulish/Mulish-Black.792ce4b85b6f.ttf
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
60dc4ef4a64c54e79d365d8ba3001630cc6e4519a162f7629dd00c44e4eaa10d

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:18 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
56
grace
none
Last-Modified
Tue, 03 Nov 2020 14:30:33 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
42446
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fa16989-15cc4"
Vary
Accept-Encoding
X-Varnish
834781453 835297638
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
Mulish-Regular.e128ac44faa8.ttf
www.slovenskenovice.si/static/sn/fonts/mulish/ 		87 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/mulish/Mulish-Regular.e128ac44faa8.ttf
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
eb364c7f2d591189ec69cd14387bc8b3419bf5bf467bba354151ec26d014e857

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:51 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
83
grace
none
Last-Modified
Tue, 29 Dec 2020 15:51:39 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
42281
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5feb508b-15c9c"
Vary
Accept-Encoding
X-Varnish
833058979 834848805
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
fa-solid-900.8e1ed89b6ccb.woff2
www.slovenskenovice.si/static/sn/fonts/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/fontawesome/webfonts/fa-solid-900.8e1ed89b6ccb.woff2
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:29 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
45
grace
none
Last-Modified
Tue, 29 Dec 2020 15:51:39 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
80286
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5feb508b-139ac"
Vary
Accept-Encoding
X-Varnish
836440765 833218832
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
photo.29209f0d5116.svg
www.slovenskenovice.si/static/sn/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/sn/images/photo.29209f0d5116.svg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
2744e7c4ced5817da5864da609f9cc06741de869dabbfefd7735623607d4cb40

Request headers

Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:57 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
17
grace
none
Last-Modified
Mon, 18 Jan 2021 10:56:34 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
1555
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60056962-d5f"
Vary
Accept-Encoding
X-Varnish
833447143 833507070
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/svg+xml
904887.0550b3e4.fill-965x543.jpg
www.slovenskenovice.si/media/images/20210320/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904887.0550b3e4.fill-965x543.jpg?rev=0
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
1eecc69e4faa700fdf450c642ca47fb79d989655f4f93d0c0128c6980e1e46b0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:16 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
118
grace
none
Last-Modified
Sat, 20 Mar 2021 13:42:03 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
68220
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055fbab-10add"
Vary
Accept-Encoding
X-Varnish
836051643 832101930
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904888.7f80302f.fill-240x135.jpg
www.slovenskenovice.si/media/images/20210320/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904888.7f80302f.fill-240x135.jpg?rev=0
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
4fa5411a523f5eb12165125cce26da45b14f0ab06bf216180623a2e7834268f2

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:26 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
108
grace
none
Last-Modified
Sat, 20 Mar 2021 14:09:23 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
6819
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60560213-1b0f"
Vary
Accept-Encoding
X-Varnish
833282049 831650320
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904884.ada5af4a.fill-240x135.jpg
www.slovenskenovice.si/media/images/20210320/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904884.ada5af4a.fill-240x135.jpg?rev=0
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
a4c79f45d87616162a05d4d9210502ea4578e8b6a28192731ea4311e30e26bae

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:17 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
57
grace
none
Last-Modified
Sat, 20 Mar 2021 13:08:28 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
8599
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055f3cc-220f"
Vary
Accept-Encoding
X-Varnish
833247016 833676598
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904003.4b5be46a.fill-240x135.jpg
www.slovenskenovice.si/media/images/20210320/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904003.4b5be46a.fill-240x135.jpg?rev=0
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
37b0a4f88153f498d2f5359218fb0ac78c43f34f1dbd0528933c9044266e15bf

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:54 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
20
grace
none
Last-Modified
Sat, 20 Mar 2021 12:22:17 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
10624
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055e8f9-29e0"
Vary
Accept-Encoding
X-Varnish
835630379 832269675
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904510.1e813868.fill-240x135.jpg
www.slovenskenovice.si/media/images/20210320/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904510.1e813868.fill-240x135.jpg?rev=0
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
867ce2c7c6507b0f0df8a3c3854179e7fa7e1719b9dc9bb546af56680ba92b82

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:18 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
56
grace
none
Last-Modified
Sat, 20 Mar 2021 08:14:26 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
8802
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055aee2-22c0"
Vary
Accept-Encoding
X-Varnish
836407069 833089410
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904852.2e16d0ba.fill-240x135.jpg
www.slovenskenovice.si/media/images/20210320/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904852.2e16d0ba.fill-240x135.jpg?rev=1
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
fe344300cddaecf1bc0da6bac520501dc510d8ebdc1264fd167617c3500cd339

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:26 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
108
grace
none
Last-Modified
Sat, 20 Mar 2021 08:52:11 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
7829
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055b7bb-1f05"
Vary
Accept-Encoding
X-Varnish
833282050 832467035
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
dejan-vodovnik.2e16d0ba.fill-100x100-c100.png
www.slovenskenovice.si/media/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/dejan-vodovnik.2e16d0ba.fill-100x100-c100.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
0970280f24215d5aefdbd44bbde87841a4d59a769508c460ef37e5beb8aae90f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:12 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
62
grace
none
Last-Modified
Thu, 05 Nov 2020 19:13:54 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
15769
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fa44ef2-3d76"
Vary
Accept-Encoding
X-Varnish
836051644 834220078
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/png
user.55016b0d6a1d.png
www.slovenskenovice.si/static/sn/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/sn/images/user.55016b0d6a1d.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
7841c411f0c8fd37063fc45350d46c7d57df36c8732b3b28ce10cfffd9d449ae

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:10 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
64
grace
none
Last-Modified
Thu, 07 Jan 2021 14:32:59 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
29302
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5ff71b9b-7367"
Vary
Accept-Encoding
X-Varnish
833447144 830731232
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/png
budja.2e16d0ba.fill-100x100-c100.png
www.slovenskenovice.si/media/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/budja.2e16d0ba.fill-100x100-c100.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
d93e759bd0fe63a1ba638e63e00840aa294edbb5ef3ceacb5e53662089f59884

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:20 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
114
grace
none
Last-Modified
Mon, 21 Dec 2020 13:54:15 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
16391
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fe0a907-3fe4"
Vary
Accept-Encoding
X-Varnish
833447145 833023830
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/png
stil_back.d560efdec2de.jpg
www.slovenskenovice.si/static/sn/images/backgrounds/ 		23 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/sn/images/backgrounds/stil_back.d560efdec2de.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
d1e6dbc8b6d2496ca8e40b81a47d1824a2846d6998bd0e4b83495e8df24b6f65

Request headers

Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
121
grace
none
Last-Modified
Tue, 29 Dec 2020 15:51:39 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
15913
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5feb508b-5db2"
Vary
Accept-Encoding
X-Varnish
836051645 832857352
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/jpeg
Mulish-Bold.d182a4e3cece.ttf
www.slovenskenovice.si/static/sn/fonts/mulish/ 		87 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/mulish/Mulish-Bold.d182a4e3cece.ttf
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
499c5b939b037bc5a01668352e3376ef872a2787e7c4414fcac359f7f151677a

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:22 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
53
grace
none
Last-Modified
Tue, 03 Nov 2020 14:30:33 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
42428
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fa16989-15cb4"
Vary
Accept-Encoding
X-Varnish
833247017 834976499
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
Mulish-ExtraLight.9105ec56b657.ttf
www.slovenskenovice.si/static/sn/fonts/mulish/ 		87 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/mulish/Mulish-ExtraLight.9105ec56b657.ttf
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
8ba51371bb2bd3ee1e41e8ab3760a91298faa006ec3d6766eec0e42f68050e55

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:41 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
93
grace
none
Last-Modified
Tue, 03 Nov 2020 14:30:33 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
42221
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fa16989-15cdc"
Vary
Accept-Encoding
X-Varnish
835630380 835141341
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
fa-brands-400.f075c50f8979.woff2
www.slovenskenovice.si/static/sn/fonts/fontawesome/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/fontawesome/webfonts/fa-brands-400.f075c50f8979.woff2
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:37 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
37
grace
none
Last-Modified
Tue, 29 Dec 2020 15:51:39 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
78515
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5feb508b-1327c"
Vary
Accept-Encoding
X-Varnish
836407070 835036238
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
Roboto-Bold.e07df86cef2e.ttf
www.slovenskenovice.si/static/sn/fonts/roboto/ 		166 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/fonts/roboto/Roboto-Bold.e07df86cef2e.ttf
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

Origin
https://www.slovenskenovice.si
Referer
https://www.slovenskenovice.si/static/sn/css/style.5e48f48848da.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:48 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
86
grace
none
Last-Modified
Mon, 02 Nov 2020 08:27:46 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
90253
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5f9fc302-2996c"
Vary
Accept-Encoding
X-Varnish
833282051 835075260
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
application/octet-stream
904887.0550b3e4.fill-100x100.jpg
www.slovenskenovice.si/media/images/20210320/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904887.0550b3e4.fill-100x100.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
fb8c3b3d39f1fb2abc56e8f497b744797814bca689eb709ca7f66a42c0d27736

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:17 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
57
grace
none
Last-Modified
Sat, 20 Mar 2021 13:42:03 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
4104
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055fbab-1075"
Vary
Accept-Encoding
X-Varnish
834811923 834488776
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904888.7f80302f.fill-100x100.jpg
www.slovenskenovice.si/media/images/20210320/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904888.7f80302f.fill-100x100.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
c308cb0e1fcbe1b505ef6dac80828729bb54e448d4361b8962202379d0bd1684

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:43 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
91
grace
none
Last-Modified
Sat, 20 Mar 2021 14:09:24 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
3688
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60560214-ed4"
Vary
Accept-Encoding
X-Varnish
833058984 835368242
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904884.ada5af4a.fill-100x100.jpg
www.slovenskenovice.si/media/images/20210320/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904884.ada5af4a.fill-100x100.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
731ed9c89c55236ccc0b9bee61ea67e591148c3e817c22ddde85949514320519

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:24 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
110
grace
none
Last-Modified
Sat, 20 Mar 2021 13:08:29 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
3251
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055f3cd-d24"
Vary
Accept-Encoding
X-Varnish
836051646 836732134
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904003.4b5be46a.fill-100x100.jpg
www.slovenskenovice.si/media/images/20210320/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904003.4b5be46a.fill-100x100.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
448174baa514cb54644dddbbcd25ad358b9aafd456c36cfdfc9b24dda83d0268

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:42 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
92
grace
none
Last-Modified
Sat, 20 Mar 2021 12:22:17 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
4656
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055e8f9-1294"
Vary
Accept-Encoding
X-Varnish
835792814 836019988
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904510.1e813868.fill-100x100.jpg
www.slovenskenovice.si/media/images/20210320/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904510.1e813868.fill-100x100.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
8a20b2af360827b13534d10ab4bdeb5b99792e4627ea2abc1dc17217abb81c35

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:55 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
20
grace
none
Last-Modified
Sat, 20 Mar 2021 08:19:59 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
3620
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055b02f-e95"
Vary
Accept-Encoding
X-Varnish
833447146 834781113
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904852.2e16d0ba.fill-100x100.jpg
www.slovenskenovice.si/media/images/20210320/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904852.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
080854fd740fe08f9b79d5c80109389d7868560216e673dfc932046ac07c68ab

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:07 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
7
grace
none
Last-Modified
Sat, 20 Mar 2021 08:52:12 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
3580
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055b7bc-e78"
Vary
Accept-Encoding
X-Varnish
835761154 836961184
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
sn_cajtng.8a5839ae4e4f.png
www.slovenskenovice.si/static/sn/images/ 		52 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/sn/images/sn_cajtng.8a5839ae4e4f.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
58f04afab81e22381c36497d846960ad9ae1aa20ee4e68910c623afe2bb5a68b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:11 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
63
grace
none
Last-Modified
Tue, 29 Dec 2020 15:51:39 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
40241
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5feb508b-d0c6"
Vary
Accept-Encoding
X-Varnish
835761155 833703142
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/png
sn_logo_only.a6027973b627.svg
www.slovenskenovice.si/static/sn/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/static/sn/images/sn_logo_only.a6027973b627.svg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
de281fc61e74b7f839ab771fd2f8b9d63a05ace688090e75ba4705ee1222b3aa

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:21 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
53
grace
none
Last-Modified
Tue, 10 Nov 2020 11:46:45 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
1503
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5faa7da5-e4d"
Vary
Accept-Encoding
X-Varnish
833447147 835332462
Via
1.1 varnish-v4
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Type
image/svg+xml
app.b73fa3ff43ac.js
www.slovenskenovice.si/static/sn/js/ 		516 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
950ebeff5f79c79d6af5b6a56d7bf6dee00ec8a3ad108f8d0f5856f9a8107ead

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:00 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
14
grace
none
Last-Modified
Fri, 12 Feb 2021 14:08:20 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
155545
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60268bd4-8117f"
Vary
Accept-Encoding
X-Varnish
835792815 835432420
Via
1.1 varnish-v4
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
app.c964ee3b2eaf.js
www.slovenskenovice.si/static/sn_react/js/ 		152 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/static/sn_react/js/app.c964ee3b2eaf.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
8fb5a5b8900ae2d32ee29fc6d5f5986a76f8ad0bd4e7e48ed18b855531308c49

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:59 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
16
grace
none
Last-Modified
Fri, 12 Feb 2021 13:15:39 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
48506
Service-Worker-Allowed
/
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60267f7b-260d5"
Vary
Accept-Encoding
X-Varnish
833058985 836701612
Via
1.1 varnish-v4
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
cTfMp56HGo9e
cdn.onthe.io/io.js/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/cTfMp56HGo9e
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.164.116 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
51901a44bc1a1b57010901fbcb2a0ca19dc5263af88bce9c3eb5d0fee25fae84

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Dec 2020 07:21:56 GMT
Server
nginx
ETag
W/"5fc5ef14-f527"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sun, 21 Mar 2021 15:39:15 GMT
tracker.js
si.contentexchange.me/static/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://si.contentexchange.me/static/tracker.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trafex.serv.si
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0a8f64e5bc7ec05c3e1f8c976195ac635ead062e60578f9dc865520601199374
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
etag
W/"new"
strict-transport-security
max-age=15768000
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
hit.gif
script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://script.dotmetrics.net/hit.gif?id=2763&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&dom=www.slovenskenovice.si&r=1616254755246&pvs=1&pvid=kmhwcmnij9jzfdz5y2&c=true
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
dotmetrics-hit-status
01 OK
server
Kestrel
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
image/gif
x-amz-cf-id
NWXWhi4pllw7wbdeKLurdk1eKE4XwJ4e-ohBEAW0PL-oCq2cWk9YhA==
app.min.js
services.delo.si/delostat/bar24/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.delo.si/delostat/bar24/app.min.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
XYZ via Varnish /
Resource Hash
4e91846150e0b9867d96a521f884e960db5efe5bcbe138d902cf47d89d7956d6

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:48 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
27
grace
none
Last-Modified
Fri, 01 Mar 2019 08:32:14 GMT
Connection
keep-alive
Content-Length
18192
X-DELO-Cache
varnish4a-HIT
Server
XYZ via Varnish
ETag
W/"d1d0-1693861e74b"
Vary
Accept-Encoding
X-Varnish
835954575 832697104
Via
1.1 varnish-v4
Cache-Control
public, max-age=60
Accept-Ranges
bytes
Content-Type
application/javascript
/
tt.onthe.io/uniques/ 		33 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/uniques/?current=20&holding=cf58600e5c33239b9c76dc4a979575b9&hash_user=1ff7ab560.0e7e6086f_1616254755356&1616254755356
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cTfMp56HGo9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:15 GMT
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
33
Expires
Thu, 01 Jan 1970 00:00:01 GMT
script.js
script.dotmetrics.net/Scripts/ 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/Scripts/script.js?v=176
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/door.js?id=2763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fa92512bfdaeac894f6a39dc3900f5d160fd109f67604e6c6e87136b5fbb485e

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
br
last-modified
Wed, 23 Dec 2020 10:33:50 GMT
server
Kestrel
x-amz-cf-pop
FRA56-C1
etag
"1d6d9171a220aad"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
-2fUEKNWk8NaYVjog8F375ghKaHmTs1v_ZeGoNbJCHX_G9BfuIyK-w==
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=43080:uniques_instantly[url:%2F,domain:www.slovenskenovice.si,page:Slovenske%20novice%20-%2024%20ur%20na%20dan,language:si,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36,device:desktop,browser_version:Other%2089,browser:Other,depth:1,user_type:new,user_id:1ff7ab560.0e7e6086f_1616254755356,session_id:950778a05.ec31eca87_1616254755479,cdn_version:7]&s=27f853c1546333f5801c5f74c6a89d7d&1616254755488
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cTfMp56HGo9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:15 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=43080:visits_instantly[url:%2F,domain:www.slovenskenovice.si,page:Slovenske%20novice%20-%2024%20ur%20na%20dan,language:si,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36,device:desktop,browser_version:Other%2089,browser:Other,depth:1,user_type:new,user_id:1ff7ab560.0e7e6086f_1616254755356,session_id:950778a05.ec31eca87_1616254755479,cdn_version:7]&s=27f853c1546333f5801c5f74c6a89d7d&__io=1ff7ab560.0e7e6086f_1616254755356&1616254755492
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cTfMp56HGo9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:15 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=43080:pageviews[url:%2F,domain:www.slovenskenovice.si,page:Slovenske%20novice%20-%2024%20ur%20na%20dan,language:si,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36,device:desktop,browser_version:Other%2089,browser:Other,depth:1,user_type:new,user_id:1ff7ab560.0e7e6086f_1616254755356,session_id:950778a05.ec31eca87_1616254755479,cdn_version:7]&s=27f853c1546333f5801c5f74c6a89d7d&1616254755496
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cTfMp56HGo9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:15 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ipromNS.js
cdn.ipromcloud.com/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/ipromNS.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa93c61a37dd7a7e2f2e8617dbc89af90c85605900bff24cab715315e6c075b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
3022
cf-polished
origSize=44979
cf-request-id
08f1e37ae1000016eee107c000000001
referrer-policy
no-referrer
last-modified
Mon, 08 Mar 2021 13:17:05 GMT
server
cloudflare
etag
W/"604623d1-afb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
6330083e3ea616ee-FRA
cf-bgj
minify
Home
www.slovenskenovice.si/common/zones/ 		2 KB
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.slovenskenovice.si/common/zones/Home
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
65261401cd73e387d8d3e0d7e75dd0dc5a46af038d2c1911ceb3bb81225f4ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
45
grace
none
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
415
Service-Worker-Allowed
/
Referrer-Policy
no-referrer-when-downgrade
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
X-Frame-Options
DENY
Vary
Accept-Encoding
X-Varnish
836440777 836636438
Via
1.1 varnish-v4
Accept-Ranges
bytes
Content-Type
application/json
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5800
date
Sat, 20 Mar 2021 14:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 20 Mar 2021 16:02:35 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8B8B 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__sl.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61732e3676d9caa0e934664af03c802988e616dfa673db233946e0a6a93aabe8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mLcdt8nJ3kvomhvbHbYBJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 20 Mar 2021 15:39:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-mLcdt8nJ3kvomhvbHbYBJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10921
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
bin.livenetlife.com/ 		429 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bin.livenetlife.com/?CodeId=7db57aad-0cc3-46d4-9e68-c19e88bf8255&LNLReferer=https%3A%2F%2Fwww.slovenskenovice.si%2F&cb=44146585703743724
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.44.251.148.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6b1310b9c8cddf8cfc3eb13fd083d86929e9dd81032277b2768cd46c5ad6acf

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:15 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-length
429
expires
-1
3
services.delo.si/delostat/api/bar24/3600/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.delo.si/delostat/api/bar24/3600/3
Protocol
HTTP/1.1
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
XYZ via Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.slovenskenovice.si
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Vary
Access-Control-Request-Headers
Access-Control-Allow-Headers
content-type
Date
Sat, 20 Mar 2021 15:39:15 GMT
X-Varnish
832363025
Age
0
Via
1.1 varnish-v4
grace
none
X-DELO-Cache
varnish4a-MISS
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Server
XYZ via Varnish
Connection
keep-alive
3
services.delo.si/delostat/api/bar24/3600/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.delo.si/delostat/api/bar24/3600/3
Requested by
Host: services.delo.si
URL: https://services.delo.si/delostat/bar24/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
XYZ via Varnish /
Resource Hash
390d3fc65ac7fb91d5c79823bee0984654113adf3d8519354b118243b02ab498

Request headers

Accept
application/json
Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 20 Mar 2021 15:38:58 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
17
grace
none
Connection
keep-alive
Content-Length
2219
Access-Control-Allow-Origin
*
X-DELO-Cache
varnish4a-HIT
Server
XYZ via Varnish
ETag
W/"1ae2-pS1M80D8mp55YKVnpwxrv7flgq0"
Vary
Accept-Encoding
X-Varnish
832363027 832986014
Via
1.1 varnish-v4
Cache-Control
public, max-age=60
Accept-Ranges
bytes
Content-Type
application/json; charset=utf-8
collect
www.google-analytics.com/j/ 		4 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=729294634&t=pageview&_s=1&dl=https%3A%2F%2Fwww.slovenskenovice.si%2F&ul=en-us&de=UTF-8&dt=Slovenske%20novice%20-%2024%20ur%20na%20dan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=163822434&gjid=307544418&cid=660902750.1616254756&tid=UA-17154848-1&_gid=422902610.1616254756&_r=1&_slc=1&z=30093507
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=729294634&t=event&_s=2&dl=https%3A%2F%2Fwww.slovenskenovice.si%2F&ul=en-us&de=UTF-8&dt=Slovenske%20novice%20-%2024%20ur%20na%20dan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adblocker&ea=No&el=https%3A%2F%2Fwww.slovenskenovice.si%2F&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=660902750.1616254756&tid=UA-17154848-1&_gid=422902610.1616254756&z=1309466785
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 04:37:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39682
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Utils.js
cdn.ipromcloud.com/script/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/Utils.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f6a7aca8287c91000ba19cb004208deb2707f4df981731371ef9d1ce93bd75

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
3023
cf-polished
origSize=75655
cf-request-id
08f1e37b03000016ee3894a000000001
referrer-policy
no-referrer
last-modified
Thu, 04 Mar 2021 08:13:15 GMT
server
cloudflare
etag
W/"6040969b-12787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
6330083e6efb16ee-FRA
cf-bgj
minify
collect
stats.g.doubleclick.net/j/ 		4 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-17154848-1&cid=660902750.1616254756&jid=163822434&gjid=307544418&_gid=422902610.1616254756&_u=IEBAAEAAAAAAAC~&z=975683139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 20 Mar 2021 15:39:15 GMT
content-type
text/plain
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-17154848-1&cid=660902750.1616254756&jid=163822434&_u=IEBAAEAAAAAAAC~&z=171826245
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-17154848-1&cid=660902750.1616254756&jid=163822434&_u=IEBAAEAAAAAAAC~&z=171826245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 8B8B 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 09:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
21139
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:46:56 GMT
recaptcha__sl.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 8B8B 		333 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__sl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b6534892fcdfa6dd275dd8600e81e7a2cb82d8eee3b9842b73be4e001b0b91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 16:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430146
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133769
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Mar 2022 16:10:09 GMT
slovenskenovice.js
cdn.ipromcloud.com/site/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/site/slovenskenovice.js?cb=20210320
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febfeb086079964a2f08b3c275f2b35669e3c3b20ff459dc0d59dc3834574389

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
2994
cf-polished
origSize=4867
cf-request-id
08f1e37b19000016ee3098e000000001
referrer-policy
no-referrer
last-modified
Thu, 04 Mar 2021 08:12:37 GMT
server
cloudflare
etag
W/"60409675-1303"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
6330083e8f3016ee-FRA
cf-bgj
minify
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42900:uniques_holding&s=27f853c1546333f5801c5f74c6a89d7d&__io=1ff7ab560.0e7e6086f_1616254755356&1616254755609
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cTfMp56HGo9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:15 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
SiteEvent.dotmetrics
script.dotmetrics.net/ 		316 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6Mjc2MywiZmwiOnRydWUsImRvbSI6Ind3dy5zbG92ZW5za2Vub3ZpY2Uuc2kiLCJmc28iOm51bGwsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpLyIsInJ1cmwiOiIiLCJwdnMiOjEsInB2aWQiOiJrbWh3Y21uaWo5anpmZHo1eTIiLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1616254755614
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/Scripts/script.js?v=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
be4003e425250aa444ac148f67b886ccba9205c3e939b8a470061b9211132033

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
application/javascript
x-amz-cf-id
H70M25wbczx9rZ9cIhp8mLIk7iXFF7-q4I5VOt4y8VP7m-dHg0LcWw==
loader.js
cdn.taboola.com/libtrc/iprom-slovenskenovice/ 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/iprom-slovenskenovice/loader.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/site/slovenskenovice.js?cb=20210320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.33.7 /
Resource Hash
916d3bceff420084aa790b79bdd4032d90f5b73bb2e957c7baab89683de368eb

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2.kUpVnl8TKaFI1M7hV57r3ep277vv8X
content-encoding
gzip
etag
"aa7d44dfb70f79b41dec619610f74493f9822792"
age
1656
via
1.1 varnish
x-cache
HIT
x-from-cache
1
content-length
19947
x-amz-id-2
BwJA0vfP1FQtZznL9beRumOFvTcvoxjUCnQpbUXOvGZ9vp7gUTiuM67eK4Qs8ekvvK1tiON6u7E=
x-served-by
cache-hhn11551-HHN
last-modified
Sat, 20 Mar 2021 14:11:12 UTC
server
obaker.93.1.2-11.33.7
x-timer
S1616254756.731978,VS0,VE0
date
Sat, 20 Mar 2021 15:39:15 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
H7J853XG0B545R79
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
5
x-cache-hits
2
getFilter
core.iprom.net/site/ 		48 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/site/getFilter?callback=ipromNS.loadSiteFilters&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&cookieConsent=false&cookieEnabled=true&tcf2=false&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
a79a3ccb691f88c66e176df1d1d1bf854bb60ae1845f762c393c5a117ecc2614

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:15 GMT
Content-Encoding
gzip
X-core-time
46ms
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-server-arch
v2
Transfer-Encoding
chunked
Connection
close
X-adserver-worker
avatar-1b0a71123bec@version_1.265v2
zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js
www.google.com/js/bg/ Frame 8B8B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/zfNYw6aEUKinKD6R_krurCbR1XjodxrQWHYuXACoA4s.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__sl.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdf358c3a68450a8a7283e91fe4aeeac26d1d578e8771ad058762e5c00a8038b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 18:00:00 GMT
server
sffe
age
87770
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5755
x-xss-protection
0
expires
Sat, 19 Mar 2022 15:16:25 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8B8B 		102 B
240 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de99d2f0b9808baf9f33babc83d47755e072cf4cf767b83be95815c2c358212d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&co=aHR0cHM6Ly93d3cuc2xvdmVuc2tlbm92aWNlLnNpOjQ0Mw..&hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&size=normal&cb=hkjfm783n070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 20 Mar 2021 15:39:15 GMT
/
services.delo.si/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://www.slovenskenovice.si/media/images/20210320/904510.1e813868.fill-1200x630.jpg?rev=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
e24bf9323421c2b11b7a89a8f42e60a3235a37cd0aace40274802259a3871335

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
1
grace
none
Last-Modified
Sat, 20 Mar 2021 09:00:59 +0000
Connection
keep-alive
Content-Length
3154
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
835142571 834293931
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=502 microseconds
/
services.delo.si/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://www.delo.si/media/images/20210319/903080.2e16d0ba.fill-1200x630.jpg?rev=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
db6bb051e2aac4e3e37259c67d5daa302dc4c5fc0b093183939e9f07507abc58

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:55 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp2
Age
20
grace
none
Last-Modified
Sat, 20 Mar 2021 12:36:24 +0000
Connection
keep-alive
Content-Length
3026
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
833348954 832269704
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=693 microseconds
/
services.delo.si/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://www.delo.si/media/images/20210317/902779.2e16d0ba.fill-1200x630.jpg?rev=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
42f4b1578b2879e2841eea548f50e44fa91d27cd28f26362b18552617cc16720

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:56 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
18
grace
none
Last-Modified
Thu, 18 Mar 2021 06:03:43 +0000
Connection
keep-alive
Content-Length
2392
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
835142573 834781156
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=341 microseconds
/
services.delo.si/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85854/kruh-beljakovine-semena-recept-mascobe-micna_large.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
bcd9af3e1932795db7aba0b0f0c9337ec0b9528fb40fe3f68cd0c89b20f7cc05

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:58 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
17
grace
none
Last-Modified
Thu, 11 Mar 2021 09:16:50 +0000
Connection
keep-alive
Content-Length
4473
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836440784 833090019
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=540 microseconds
/
services.delo.si/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://svetkapitala.delo.si/media/images/20210319/904086.2e16d0ba.fill-1200x630.jpg?rev=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
78c7015ec74697a95138d01c5374a3e70e12e49b303301b1061e15bc2b2e88ab

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:47 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
28
grace
none
Last-Modified
Fri, 19 Mar 2021 15:52:21 +0000
Connection
keep-alive
Content-Length
4119
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
833832556 830668566
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=679 microseconds
/
services.delo.si/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://odprtakuhinja.delo.si/wp-content/uploads/2021/03/Odprtakuhinja-kruh-volnena-preja.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
8279c9b8af14e35af6b55b8b40552358fc5a50fe20e61e2b1b72fa5a2496ef99

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp2
Age
1
grace
none
Last-Modified
Fri, 19 Mar 2021 05:46:41 +0000
Connection
keep-alive
Content-Length
5140
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836183916 835826407
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=535 microseconds
/
services.delo.si/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://www.slovenskenovice.si/media/images/20210320/904887.0550b3e4.fill-1200x630.jpg?rev=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
daedb0cc7f4c099993b09c71abc4438883410c58ad857b8a9b67d72ae67243d5

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:03 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
12
grace
none
Last-Modified
Sat, 20 Mar 2021 13:33:44 +0000
Connection
keep-alive
Content-Length
3734
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
835142572 836961147
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=497 microseconds
/
services.delo.si/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://deloindom.delo.si/uploads/thumbnails/52917/1200/foto-1-hisa-m-1.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
03596d2bacff0c8ea5313508d0a86ba76c28594890d5162e6f1da596f6c65c93

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
1
grace
none
Last-Modified
Wed, 17 Mar 2021 09:10:01 +0000
Connection
keep-alive
Content-Length
4063
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836183915 835173466
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=479 microseconds
/
services.delo.si/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://services.delo.si/tvspored-service/img/1200x630/data/images/lamp1/2021-03-03/6eadc1b1993cc66ce9ec654a51e51eb3.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
d48b87ba8e7642c658bb96fb3bca5b64573e1f991215d9615d6fa5c2e5c6cc62

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:09 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
6
grace
none
Last-Modified
Mon, 15 Mar 2021 14:41:49 +0000
Connection
keep-alive
Content-Length
3585
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
834748712 836637131
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=273 microseconds
/
services.delo.si/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://onaplus.delo.si/uploads/85169/oriana-girotto-foto-natasa-kralj_large.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
d7bf1261e672c5afc37b74ac6c95aced2f2cbdea540dde4ebd3e3de1e7f8239f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:56 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
18
grace
none
Last-Modified
Thu, 18 Mar 2021 03:47:47 +0000
Connection
keep-alive
Content-Length
2956
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
833832555 834385846
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=540 microseconds
bframe
www.google.com/recaptcha/api2/ Frame 573C 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&cb=i1arjmbxlj6m
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__sl.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a831e08e76d19dc76fccfff3002ae0dfef9db10631b75c4bad58516d5d41281
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hldFf4r3iaNaf/87zXflVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&cb=i1arjmbxlj6m
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 20 Mar 2021 15:39:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-hldFf4r3iaNaf/87zXflVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GetBaseScript.aspx
bin.livenetlife.com/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bin.livenetlife.com/GetBaseScript.aspx?ETag=1322391849&CodeId=7db57aad-0cc3-46d4-9e68-c19e88bf8255
Requested by
Host: bin.livenetlife.com
URL: https://bin.livenetlife.com/?CodeId=7db57aad-0cc3-46d4-9e68-c19e88bf8255&LNLReferer=https%3A%2F%2Fwww.slovenskenovice.si%2F&cb=44146585703743724
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.44.251.148.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8adbd6accc5869225f9f6a12000e75881c423ee7a5d99e111a74b30510a2a59b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
1322391849
content-type
application/x-javascript
cache-control
public, max-age=86400, s-maxage=86400
content-length
11061
expires
Sun, 21 Mar 2021 15:39:15 GMT
impl.20210315-9-RELEASE.js
cdn.taboola.com/libtrc/ 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210315-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iprom-slovenskenovice/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ba5a2163e85179a25680ed144a7be87bda09be67c0116593ebcd327f5bfa655f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
aQEgNdEAnWF7hU0hXzE_qBLtLWpCEMgH
content-encoding
br
etag
"92f7fe97957aed89e69b8f84a5e9f3f4"
age
18801
x-cache
HIT
content-length
110454
x-amz-id-2
+Z239bqIXkad12kzGVm/HkHGq9wBOPeXCLoP2zY5+hv9reGCZA7Sf7a3k8oxkG0zn0O3ziR+/WM=
x-served-by
cache-hhn11551-HHN
last-modified
Mon, 15 Mar 2021 10:17:43 GMT
server
AmazonS3-br
x-timer
S1616254756.821135,VS0,VE0
date
Sat, 20 Mar 2021 15:39:15 GMT
vary
Accept-Encoding
x-amz-request-id
207QBC9SK6K2EQX3
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
106867
tr5
cdn.taboola.com/libtrc/ 		3 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=img_snap_var
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616254756.821566,VS0,VE0
x-served-by
cache-hhn11551-HHN
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 573C 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&cb=i1arjmbxlj6m
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 09:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
21139
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Sun, 20 Mar 2022 09:46:56 GMT
recaptcha__sl.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 573C 		333 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__sl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=sl&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ldh3QwTAAAAALxNTS2jOZhNTHLMFJTHJGhHm487&cb=i1arjmbxlj6m
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b6534892fcdfa6dd275dd8600e81e7a2cb82d8eee3b9842b73be4e001b0b91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 16:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430146
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133769
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Mar 2022 16:10:09 GMT
CB6E4634080751447D32F34BE548F44F.cache.js
bin.livenetlife.com/ 		314 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bin.livenetlife.com/CB6E4634080751447D32F34BE548F44F.cache.js
Requested by
Host: bin.livenetlife.com
URL: https://bin.livenetlife.com/GetBaseScript.aspx?ETag=1322391849&CodeId=7db57aad-0cc3-46d4-9e68-c19e88bf8255
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.44.251.148.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4db9385bafc92f99a780ce93e27e30ecbbf421516059b48cc7e4de35d9a75126

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 13:20:55 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80154491f8fad61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
103470
Prebid.js
cdn.ipromcloud.com/script/ 		365 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/Prebid.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354a1fe53d41be06ea5fbce6e43e5260aeed8dcbcb394137fe204f3cb136e1ba

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
2441
cf-polished
origSize=374541
cf-request-id
08f1e37c70000016eec32a5000000001
referrer-policy
no-referrer
last-modified
Wed, 17 Mar 2021 12:23:56 GMT
server
cloudflare
etag
W/"6051f4dc-5b70d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
63300840ba1916ee-FRA
cf-bgj
minify
impression
core.iprom.net/ 		22 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254755951&callback=ipromNS.loadAds&zones=%5B299%2C30%2C31%2C1379%2C1380%2C440%2C25%2C219%2C220%2C221%2C32%2C236%2C237%2C239%2C33%2C464%2C1227%2C37%2C725%2C1397%5D&resolution=1600x1200&rsu=&RID=161625475589384519&noAds=%5B%5D&skipAds=%5B%5D&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D&keywords=%5B%5D&channels=%5B%5D&blocked=false&server=core.iprom.net&port=null&debug=false&prebid=null&cookieConsent=false&cookieEnabled=true&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&siteSettingsPath=null&zone=%7B%22querySelector%22%3Anull%7D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
501fcb2fbbc30593935a06d08e2751293d2f144e28ab19d4cc4295f841c185f7

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Content-Encoding
gzip
X-core-time
582ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
161625475589384519
Transfer-Encoding
chunked
Connection
close
X-adserver-worker
avatar-7e6c0d0e7ae4@version_1.265v2
log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/log?type=s&e=PageView&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D&debug=false&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&keywords=null&channels=null&callback=ipromNS.debug&time=1616254755951&top_referer=&RID=161625475589384519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-6041bbf58217@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.slovenskenovice.si%2F&domain=www.slovenskenovice.si&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.slovenskenovice.si
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.slovenskenovice.si
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1652
date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210320
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae9ae3dfd2efbb210fb9ebb54bcafead289c060ed4d30fb85b1a81276ce5733e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16575
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
753
etag
W/"540-ZaS91eJ0HUS+kx4hWrT6uaEArO8"
x-served-by
cache-fra19148-FRA
date
Sat, 20 Mar 2021 15:39:16 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.slovenskenovice.si%2F&domain=www.slovenskenovice.si&cw=1
  • https://mug.criteo.com/sid?cpp=Cn55HnxxNXVrWmpOQlc2SmlIaVJGYXpxcjhGMlVxSlM5eUZCWm4wRXhiWWlBTS8wcTBIOEJjYkNxeWxVTnlEVVFkV0FxZVplUUVOMFRjSnkrRXU0cTU5SXRselBvZTk4NkR6cXpLYmVoTUgxdlV1ZzhQdWU3ZWR1dTFKcU...
366 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Cn55HnxxNXVrWmpOQlc2SmlIaVJGYXpxcjhGMlVxSlM5eUZCWm4wRXhiWWlBTS8wcTBIOEJjYkNxeWxVTnlEVVFkV0FxZVplUUVOMFRjSnkrRXU0cTU5SXRselBvZTk4NkR6cXpLYmVoTUgxdlV1ZzhQdWU3ZWR1dTFKcUljNlFKVjBvNHRmbFhLUWg2NjRPZFROSkV3LzdieXFoMEVXMXQxbDZnNWZjNkdxNzNERXJzUHZaNGJnNmpoRzIxY2F2L0dic1dlUVpFT3BoZXprRXpxdkNTYXo2NzBvNHhEN1F0ME9FVm44WUJxYWQrWjBvPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d60251a1010fea87c831bd4a1f8fb6f5dde2e10a66e74ae6a7dbd912dbcc7b9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 20 Mar 2021 15:39:16 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2497
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 Mar 2021 15:39:15 GMT
location
https://mug.criteo.com/sid?cpp=Cn55HnxxNXVrWmpOQlc2SmlIaVJGYXpxcjhGMlVxSlM5eUZCWm4wRXhiWWlBTS8wcTBIOEJjYkNxeWxVTnlEVVFkV0FxZVplUUVOMFRjSnkrRXU0cTU5SXRselBvZTk4NkR6cXpLYmVoTUgxdlV1ZzhQdWU3ZWR1dTFKcUljNlFKVjBvNHRmbFhLUWg2NjRPZFROSkV3LzdieXFoMEVXMXQxbDZnNWZjNkdxNzNERXJzUHZaNGJnNmpoRzIxY2F2L0dic1dlUVpFT3BoZXprRXpxdkNTYXo2NzBvNHhEN1F0ME9FVm44WUJxYWQrWjBvPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1783
content-length
482
expires
0
v1
prg.smartadserver.com/prebid/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:15 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:15 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:16 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:16 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ 		30 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTUzMDQzNiZ0cmFuc2FjdGlvbklkPTVjODFiYTY4LTExOTctNDlhNy1iOGIwLTQ0ZGQxMDU5ZWQzMiZyY3VyPUVVUg%3D%3D&bWlkPTUzMDExOSZ0cmFuc2FjdGlvbklkPTVjODFiYTY4LTExOTctNDlhNy1iOGIwLTQ0ZGQxMDU5ZWQzMiZyY3VyPUVVUg%3D%3D&bWlkPTUzMDQzMSZ0cmFuc2FjdGlvbklkPTM3MWMxMWRhLWRkNTgtNGUyZS1hN2IzLTE2OTg1YjkxOGY1OSZyY3VyPUVVUg%3D%3D&bWlkPTUzMDEyMCZ0cmFuc2FjdGlvbklkPTM3MWMxMWRhLWRkNTgtNGUyZS1hN2IzLTE2OTg1YjkxOGY1OSZyY3VyPUVVUg%3D%3D&bWlkPTUzMDEyMiZ0cmFuc2FjdGlvbklkPWQ0NmRiNDE1LTZmM2ItNGMzNy1hZWNiLWRlYmQ0ZTQ5OTNiZSZyY3VyPUVVUg%3D%3D&bWlkPTUzMDEyMyZ0cmFuc2FjdGlvbklkPTY2MGYyZDAzLWE0YTMtNDIyZi04NmJmLWNiYWRlMzgwMGQ1ZCZyY3VyPUVVUg%3D%3D&pt=gross&stid=7b23a558-23c8-408c-a511-ce79f4144da6&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImE5NTFmMmQyLTJhOWUtNGU0YS04MWMxLWZmNGIzZjJmYTFkNCI6WzFdfX0%3D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d28d3a79049e41b15c46b44756d8702c2206a4b3ef4a1aaa82a82d0534155246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
30
expires
-1
bid
ap.lijit.com/rtb/ 		24 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.30.0
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
297747d34d9f435ec4ff5831a17b50aaa541eea588604f4844f7af51f8684a01

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.slovenskenovice.si
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
translator
hbopenbid.pubmatic.com/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2046faf6be34865da7d3077fc70e8b978841eebdb16eb2f6e7242595637b5114

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.slovenskenovice.si
date
Sat, 20 Mar 2021 15:39:15 GMT
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
content-type
application/json
v2
i.connectad.io/api/ 		0
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
633008419c244a97-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f1e37cfb00004a978c87b000000001
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.slovenskenovice.si
date
Sat, 20 Mar 2021 15:39:16 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		19 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:16 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid
780a0d45-1bb9-4cbc-9f93-d8ee71a84711
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.slovenskenovice.si
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0&cb=95701536286
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.slovenskenovice.si
date
Sat, 20 Mar 2021 15:39:16 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
auction
rtb.adxpremium.services/openrtb2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb5419dbb11cc600ed85167196454af7f17b2510bcd788e900fd0afa70b61c7

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f1e37d0200004eeb521e9000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xlppFG6XicJUHW%2BZelOo8698xiFP8huDQpndqMmbgGeo8kPkv7UfNZ3PVXVRxOtWwNePAaSELwn4myvHWBTrGoKEGGReW7KPo6tMB%2FeaJfvoqYsysMPM2Dl8fnCRp1Jfsf8lzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
633008419fb94eeb-FRA
expires
0
/
ssp-nj.webtradehub.com/ 		0
0
cdb
bidder.criteo.com/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=65&profileId=184&cb=1616254756147
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.slovenskenovice.si
date
Sat, 20 Mar 2021 15:39:15 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
clear.cache.gif
bin.livenetlife.com/ 		43 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bin.livenetlife.com/clear.cache.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.44.251.148.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
last-modified
Thu, 20 Feb 2020 07:52:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e85e3a3c2e7d51:0"
content-type
image/gif
accept-ranges
bytes
content-length
43
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Cn55HnxxNXVrWmpOQlc2SmlIaVJGYXpxcjhGMlVxSlM5eUZCWm4wRXhiWWlBTS8wcTBIOEJjYkNxeWxVTnlEVVFkV0FxZVplUUVOMFRjSnkrRXU0cTU5SXRselBvZTk4NkR6cXpLYmVoTUgxdlV1ZzhQdWU3ZWR1dTFKcUljNlFKVjBvNHRmbFhLUWg2NjRPZFROSkV3LzdieXFoMEVXMXQxbDZnNWZjNkdxNzNERXJzUHZaNGJnNmpoRzIxY2F2L0dic1dlUVpFT3BoZXprRXpxdkNTYXo2NzBvNHhEN1F0ME9FVm44WUJxYWQrWjBvPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1137
date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
vary
Accept-Encoding
StoreTextContent.aspx
engine4.livenetlife.com/ 		36 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://engine4.livenetlife.com/StoreTextContent.aspx
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.148.163 Ljubljana, Slovenia, ASN12778 (NETSI NETSI.NET AS, SI),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3698b294291c7b5ae94762e1b73855214e4c27c5e440a564d44c93e8bfbc33b0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain; charset=UTF-8

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
/
adserver.livenetlife.com/ 		0
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.livenetlife.com/?LNLReferrer=https%3A%2F%2Fwww.slovenskenovice.si%2F&LNLUser=13f6dd57dd0e94731c7c12fab230d9c4e08873a3_b44e53e337b40694b114710e35d35063dcece45d&widget=original%2Csecond%2Cmicna&cb=1616254756269
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.70.89 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.89.70.9.176.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
*
cache-control
private
content-length
0
Ping.aspx
engine4.livenetlife.com/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://engine4.livenetlife.com/Ping.aspx
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.148.163 Ljubljana, Slovenia, ASN12778 (NETSI NETSI.NET AS, SI),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
private
Classic.js
cdn.ipromcloud.com/script/format/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/format/Classic.js?cb=20210320
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee038399ef018218ca4c7675eecd9fcd407cea41dd3999aa047cf912a856146d

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
3023
cf-polished
origSize=4220
cf-request-id
08f1e37f7d000016ee3f30b000000001
referrer-policy
no-referrer
last-modified
Mon, 16 Dec 2019 13:14:49 GMT
server
cloudflare
etag
W/"5df78349-107c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
6330084598e816ee-FRA
cf-bgj
minify
InlineProgrammatic.js
cdn.ipromcloud.com/script/format/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/format/InlineProgrammatic.js?cb=20210320
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fe0c902ca8e8dd8172363c372774e72cd185a43fae05933b7c7ead2c7383ef

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
2984
cf-polished
origSize=1641
cf-request-id
08f1e37f7f000016eedfb9f000000001
referrer-policy
no-referrer
last-modified
Fri, 20 Nov 2020 12:22:26 GMT
server
cloudflare
etag
W/"5fb7b502-669"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
6330084598eb16ee-FRA
cf-bgj
minify
OutlineExternal.js
cdn.ipromcloud.com/script/format/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/format/OutlineExternal.js?cb=20210320
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3677bbf1b5ed2484d1f87e96f48ff60588c6f08dfa09e3899e0706d95817ccd0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
3011
cf-polished
origSize=2678
cf-request-id
08f1e37f7f000016ee45306000000001
referrer-policy
no-referrer
last-modified
Thu, 19 Nov 2020 12:51:47 GMT
server
cloudflare
etag
W/"5fb66a63-a76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
6330084598ec16ee-FRA
cf-bgj
minify
InlineExternal.js
cdn.ipromcloud.com/script/format/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/format/InlineExternal.js?cb=20210320
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7482409e7a199ef6d62842b9f343b06983943f7d6a5d98db8ad06d9400fbe0d

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
3020
cf-polished
origSize=3448
cf-request-id
08f1e37f80000016ee1218b000000001
referrer-policy
no-referrer
last-modified
Thu, 19 Nov 2020 12:51:36 GMT
server
cloudflare
etag
W/"5fb66a58-d78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
6330084598ef16ee-FRA
cf-bgj
minify
Video.js
cdn.ipromcloud.com/script/format/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/format/Video.js?cb=20210320
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c698d485be7c94c54fd3ac70d785ee25434943949049330ab1b32a94dca6d336

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
2913
cf-polished
origSize=3300
cf-request-id
08f1e37f83000016eed0917000000001
referrer-policy
no-referrer
last-modified
Wed, 21 Oct 2020 13:40:08 GMT
server
cloudflare
etag
W/"5f903a38-ce4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
6330084598f516ee-FRA
cf-bgj
minify
Native-article.source.js
cdn.core.iprom.si/script/format/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.core.iprom.si/script/format/Native-article.source.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.21 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
9d1783882336150ddeb0d05ee2eea2f34c56ae057e75749c11ea7e595d311cf8

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Dec 2020 09:01:28 GMT
Server
nginx/1.6.2
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
close
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=11&siteID=3142&adID=206637&zoneID=32&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-7276bc52d184@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=10&siteID=3142&adID=704286&zoneID=221&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-43d8dc0a058b@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?mid=116897
  • https://adx.adform.net/adx/?CC=1&mid=116897
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&mid=116897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e6abe0c7f422cdd6dafa8a0cc156eac2aa2086a4fac4c29d9a9583148092b91e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
876
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:16 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&mid=116897
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=15&siteID=3142&adID=54326&zoneID=33&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-dfba38fac745@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=182084&zoneID=299&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-e6c06bd57cbc@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5E9A 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
32ad455327c7bec355729c1ed154965631a509bc811be679407cd455e8548213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 423 of 1000 / last-modified: 1616192151"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19812
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7202 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6859411dac097535162bc2a50816e97f07c981366a2bd2615ea1f75531fb2777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 424 of 1000 / last-modified: 1616192151"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19837
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AB82 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
818a0d78e6ded09d23a415354ed7f322684692f6bf99e46ec192449a04a9fe4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 124 of 1000 / last-modified: 1616192151"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19837
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:16 GMT
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=8&siteID=3142&adID=572345&zoneID=219&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-a24d6a2640a2@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=12&siteID=3142&adID=572340&zoneID=236&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:16 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-decd0a1f3f6f@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=6&siteID=3142&adID=572338&zoneID=440&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-6041bbf58217@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
VideoPlayer.js
cdn.ipromcloud.com/script/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ipromcloud.com/script/VideoPlayer.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb9cb5cc62ae184168b8552565561ae129f4b5d0f32785560ecc29a116b20b4

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
3015
cf-polished
origSize=31513
cf-request-id
08f1e37fc1000016eec81cf000000001
referrer-policy
no-referrer
last-modified
Mon, 18 Jan 2021 12:01:29 GMT
server
cloudflare
etag
W/"60057899-7b19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
63300846098e16ee-FRA
cf-bgj
minify
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
get.ad
central.iprom.net/adserver/ 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.iprom.net/adserver/get.ad?vlog=73d60b1a486a8b895b5b892ae90a79df&js=1&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.160 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
central.iprom.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-iprom-bcluster
ciback2
Date
Sat, 20 Mar 2021 15:39:17 GMT
Server
nginx/1.16.1
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript
Log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=13&siteID=3142&adID=728820&zoneID=237&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-e6c06bd57cbc@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=13&siteID=3142&adID=677088&zoneID=237&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-1b0a71123bec@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
index.html
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/ Frame E979 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a818d86ec7cfb1a650a673d07b4b21ea0e5fe4f62d513bc393f56ba60b85c18

Request headers

:method
GET
:authority
a.ipromcloud.com
:scheme
https
:path
/2021/125878/825b992a746df53894cbdb5c3fa334c4/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-type
text/html
set-cookie
__cfduid=d1eaa5c61168ce6e61f6ef0608fbbf1211616254756; expires=Mon, 19-Apr-21 15:39:16 GMT; path=/; domain=.ipromcloud.com; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 11 Mar 2021 12:23:18 GMT
x-cdn
cdn2
access-control-allow-origin
*
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
cf-request-id
08f1e37fd3000016ee16a03000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6330084619b316ee-FRA
content-encoding
gzip
597061673bfa49ede90102661d07946c_728.png
a.ipromcloud.com/2021/126734/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/126734/597061673bfa49ede90102661d07946c_728.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa0d96baff449a5185c7ed9bca394a2b5913fe72e309af7793325a6199bd068

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
93
content-length
38480
cf-request-id
08f1e38066000016eec81d7000000001
referrer-policy
no-referrer
last-modified
Fri, 19 Mar 2021 13:20:35 GMT
server
cloudflare
etag
"6054a523-9650"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
633008470ac016ee-FRA
get.ad
central.iprom.net/adserver/ 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.iprom.net/adserver/get.ad?vlog=9aab49d4b86cc7e15549efe4de4defa4&js=1&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.160 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
central.iprom.net
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-iprom-bcluster
ciback4
Date
Sat, 20 Mar 2021 15:39:17 GMT
Server
nginx/1.16.0
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript
Log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=7&siteID=3142&adID=739110&zoneID=25&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-40da5e79e663@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=7&siteID=3142&adID=677028&zoneID=25&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-eb875201f422@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
get.ad
central.iprom.net/adserver/ 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.iprom.net/adserver/get.ad?vlog=958451d954dfd7185c1a561a3c71db8f&js=1&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.160 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
central.iprom.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-iprom-bcluster
ciback2
Date
Sat, 20 Mar 2021 15:39:17 GMT
Server
nginx/1.16.1
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=9&siteID=3142&adID=733502&zoneID=220&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-a24d6a2640a2@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=9&siteID=3142&adID=677068&zoneID=220&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-dfba38fac745@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
b006e805cb7b466419afa1679b26e604_300.jpg
a.ipromcloud.com/2021/127015/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/127015/b006e805cb7b466419afa1679b26e604_300.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c915e862cdfc1fa39894f26158dc759319af56703b281f37586a6841631a65bd

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
4783
content-length
68749
cf-request-id
08f1e380bb000016ee1f918000000001
referrer-policy
no-referrer
last-modified
Fri, 19 Mar 2021 12:18:51 GMT
server
cloudflare
etag
"605496ab-10c8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
633008479b6316ee-FRA
cf-bgj
h2pri
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=14&siteID=3142&adID=740818&zoneID=239&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-520c6aeb521f@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
4f86da664647f2ac25d8af61c6581b81_220.jpg
a.ipromcloud.com/2020/100594/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/100594/4f86da664647f2ac25d8af61c6581b81_220.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e8634a9ef8ef5609497d5ff52548c9bd94499c7bcd7291beb3475617b5e7b49

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
2932
content-length
25544
cf-request-id
08f1e37fe0000016eef12c5000000001
referrer-policy
no-referrer
last-modified
Mon, 29 Jun 2020 11:45:51 GMT
server
cloudflare
etag
"5ef9d46f-63c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084639c716ee-FRA
cf-bgj
h2pri
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=4&siteID=3142&adID=584722&zoneID=1379&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-520c6aeb521f@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
db637366874cef43241b05226befca72_100.jpg
a.ipromcloud.com/2020/100594/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/100594/db637366874cef43241b05226befca72_100.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe4cd7d1cb2b0ec01c9a9ae9ad91da6b4abff345aa4860b579204167a7b296a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
3008
content-length
18424
cf-request-id
08f1e37fe2000016ee3f310000000001
referrer-policy
no-referrer
last-modified
Mon, 29 Jun 2020 11:55:03 GMT
server
cloudflare
etag
"5ef9d697-47f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084639c916ee-FRA
cf-bgj
h2pri
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=5&siteID=3142&adID=584721&zoneID=1380&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-7276bc52d184@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
3652b98f1d8da954580518d84b8f3349_336.jpg
a.ipromcloud.com/2021/124834/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/124834/3652b98f1d8da954580518d84b8f3349_336.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01059b5e09c2c119fc487416325cb2744b9455867336ae1f900a2f080c5d56cf

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
7075
content-length
15127
cf-request-id
08f1e380c8000016ee1219b000000001
referrer-policy
no-referrer
last-modified
Mon, 08 Mar 2021 11:46:16 GMT
server
cloudflare
etag
"60460e88-3b17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
63300847ab8a16ee-FRA
cf-bgj
h2pri
6e8411b61da9438778e66f5aedf41d94_336.mp4
a.ipromcloud.com/2021/124834/ 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/124834/6e8411b61da9438778e66f5aedf41d94_336.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
348648
Content-Range
bytes 0-2642001/2642002
Content-Length
2642002
cf-request-id
08f1e380d5000016eef8a04000000001
referrer-policy
no-referrer
last-modified
Mon, 08 Mar 2021 11:46:16 GMT
server
cloudflare
etag
"60460e88-285052"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
63300847bbad16ee-FRA
createjs.min.js
code.createjs.com/1.0.0/ Frame E979 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 20 Mar 2021 15:54:16 GMT
2021-03-GOODYEAR-728x90.js
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/ Frame E979 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/2021-03-GOODYEAR-728x90.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045edb6d91a5fdcfe490438cedad98dda05afd2310fa82c763ac4bce06b06866

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
1301
cf-polished
origSize=74962
cf-request-id
08f1e38010000016eec3b63000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 12:23:17 GMT
server
cloudflare
etag
W/"604a0bb5-124d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
633008468a2b16ee-FRA
cf-bgj
minify
targets.js
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/ Frame E979 		178 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/targets.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3931c9f4baf1ce9207d8b664dcccd3cc746c1f56c3c0c92089db91684e25113d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
1083
cf-polished
origSize=180
cf-request-id
08f1e38011000016eef58e8000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 12:23:18 GMT
server
cloudflare
etag
W/"604a0bb6-b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
633008468a2c16ee-FRA
cf-bgj
minify
htmlSDK.js
a.ipromcloud.com/js/ Frame E979 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/js/htmlSDK.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C728x90%2C66355%2C1616254756%2Chttps%253A%252F%252Fwww.goodyear.eu%252Fsl_si%252Fconsumer%252Foffers-hub%252Fpomladna-akcija.html%253Futm_source%253DiPROM_Programmatic%2526utm_medium%253Dbanner%2526utm_campaign%253Dpomladna_akcija-SI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb5a72788789a4ff6bf456538e306c510058038769dcf490ffc1a1cd04cc2ae6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
3011
cf-polished
origSize=26272
cf-request-id
08f1e38011000016eeec2ad000000001
referrer-policy
no-referrer
last-modified
Thu, 04 Feb 2021 14:50:10 GMT
server
cloudflare
etag
W/"601c09a2-66a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
633008468a2d16ee-FRA
cf-bgj
minify
Ping.aspx
engine4.livenetlife.com/ 		13 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://engine4.livenetlife.com/Ping.aspx
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.148.163 Ljubljana, Slovenia, ASN12778 (NETSI NETSI.NET AS, SI),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a6d0f2453cebee6688a661e52432b77db542b6667c01a8035f360bdc5c1b3693

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 20 Mar 2021 15:39:15 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
_728x90.jpg
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/ Frame E979 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/_728x90.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5887a042f550e1cb989e1da2752b2c8f833545aea584625966b83eab853296

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
1301
content-length
190778
cf-request-id
08f1e38053000016eed19ea000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 12:23:18 GMT
server
cloudflare
etag
"604a0bb6-2e93a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
63300846ea9916ee-FRA
cf-bgj
h2pri
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ Frame AB82 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
gumapngcopy.png
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/ Frame E979 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/gumapngcopy.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5daa7d5093ceee109a73a48a4d2b4abc8f5979dad8de977c1707563dfaf820d8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
1127
content-length
19225
cf-request-id
08f1e38067000016eee8bfb000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 12:23:18 GMT
server
cloudflare
etag
"604a0bb6-4b19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
633008470ac316ee-FRA
clear.cache.gif
bin.livenetlife.com/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bin.livenetlife.com/clear.cache.gif
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.44.251.148.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:16 GMT
last-modified
Thu, 20 Feb 2020 07:52:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e85e3a3c2e7d51:0"
content-type
image/gif
accept-ranges
bytes
content-length
43
904888.7f80302f.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904888.7f80302f.fill-800x450.jpg?rev=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
a030f8ca7f67cffb7bc76517dbe1c5f891a2cbe70894ca81f4453f914fbca07c

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:57 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
20
grace
none
Last-Modified
Sat, 20 Mar 2021 14:09:24 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
48783
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60560214-bf0c"
Vary
Accept-Encoding
X-Varnish
836312127 835851045
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
whiteUserIconBig.png
d1vbprrijiwq7d.cloudfront.net/images/ 		456 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vbprrijiwq7d.cloudfront.net/images/whiteUserIconBig.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5dfa0879cfb7a74ee21462e4868365dd0b8b6c0b2048ae6fd71ce92ceee869d3

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 04:40:52 GMT
Via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Feb 2020 07:51:57 GMT
Server
Microsoft-IIS/10.0
Age
40198
X-Powered-By
ASP.NET
ETag
"281b55a0c2e7d51:0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
456
X-Amz-Cf-Id
oRl0PHNM2IGPQ3SFF3ZDxAghyyDJZIEQu5KgDoQDvw78HxCkppvK3Q==
904510.1e813868.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904510.1e813868.fill-800x450.jpg?rev=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
12fb384c8de21010a8e83f8bfcc904b28f046c89f24d95d60f875c020209d9a6

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:28 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
48
grace
none
Last-Modified
Sat, 20 Mar 2021 08:20:03 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
75666
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055b033-12869"
Vary
Accept-Encoding
X-Varnish
834781475 832710394
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904887.0550b3e4.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904887.0550b3e4.fill-800x450.jpg?rev=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
1eecc69e4faa700fdf450c642ca47fb79d989655f4f93d0c0128c6980e1e46b0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:20 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
57
grace
none
Last-Modified
Sat, 20 Mar 2021 13:42:04 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
68220
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055fbac-10add"
Vary
Accept-Encoding
X-Varnish
835851384 836020685
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904852.2e16d0ba.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904852.2e16d0ba.fill-800x450.jpg?rev=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
5156ec2e1059a39bfd21028baddac3fa062754b708e7c9aca1f1ffea9094f6d6

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:11 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
5
grace
none
Last-Modified
Sat, 20 Mar 2021 08:52:14 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
61074
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055b7be-eef0"
Vary
Accept-Encoding
X-Varnish
832697605 834881481
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904003.4b5be46a.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904003.4b5be46a.fill-800x450.jpg?rev=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
cc2e0d435e43e42de2de4baf2b50193d407a20e500b937018eb858b66756ca33

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:37 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
100
grace
none
Last-Modified
Sat, 20 Mar 2021 12:22:18 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
65988
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055e8fa-101d5"
Vary
Accept-Encoding
X-Varnish
836183943 834033711
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904884.ada5af4a.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904884.ada5af4a.fill-800x450.jpg?rev=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
43110a3ba3281f0ae2b3d59f92b6b7061794d7b32aaca51869b423e3a99fe39b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:36 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
41
grace
none
Last-Modified
Sat, 20 Mar 2021 13:08:31 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
53265
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055f3cf-d1f3"
Vary
Accept-Encoding
X-Varnish
827520547 827519879
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904076.2e16d0ba.fill-800x450.png
www.slovenskenovice.si/media/images/20210319/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210319/904076.2e16d0ba.fill-800x450.png?rev=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
c8bedb722c1f159a5cc9dc38888e303c86bffeb09761a6c7e0b754601c84bfc2

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:02 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
134
grace
none
Last-Modified
Fri, 19 Mar 2021 09:13:42 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
166059
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60546b46-28856"
Vary
Accept-Encoding
X-Varnish
832697606 833404800
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/png
s_1898799_480.jpg
www.slovenskenovice.si/images/slike/2020/01/16/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/01/16/s_1898799_480.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
51661b5f29bb08761ea0c2bb48188d675a4692d82d5ea011273fac9e719fae20

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:44 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
33
grace
none
Last-Modified
Fri, 17 Jan 2020 08:09:26 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
18523
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5e216bb6-4918"
Vary
Accept-Encoding
X-Varnish
835954636 836798777
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_1853616_480.jpg
www.slovenskenovice.si/images/slike/2019/12/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2019/12/10/s_1853616_480.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
93c59cb89743de68fcff795f287fb78af69cdcba38929c71c57af3962300160a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:52 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
84
grace
none
Last-Modified
Wed, 11 Dec 2019 13:26:57 GMT
Connection
keep-alive
X-Backend-Server
sn-s2
Content-Length
17292
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5df0eea1-4407"
Vary
Accept-Encoding
X-Varnish
831614039 835890376
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_5377533_480.jpg
www.slovenskenovice.si/images/slike/2020/12/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/12/06/s_5377533_480.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
93a80b3a020cac043c4ec8f051cd262bba0c8ea050c1b6a39dc840928aab79c6

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:07 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
69
grace
none
Last-Modified
Sun, 06 Dec 2020 16:31:54 GMT
Connection
keep-alive
X-Backend-Server
sn-s2
Content-Length
22481
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fcd077a-583c"
Vary
Accept-Encoding
X-Varnish
829910082 834717701
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_4483321_480.jpg
www.slovenskenovice.si/images/slike/2020/07/24/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/07/24/s_4483321_480.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
f43f849d129139e7cdd7ad315cb09d7cfaff8e05b528d2f1568fccd984c82ca9

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:56 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
20
grace
none
Last-Modified
Fri, 24 Jul 2020 06:17:18 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
15080
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5f1a7cee-3b63"
Vary
Accept-Encoding
X-Varnish
835954637 833381231
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_5425425_480.jpg
www.slovenskenovice.si/images/slike/2020/12/31/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/12/31/s_5425425_480.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
4289906ac1b3f74fa8f178010d483bcd5eba7c21de8a8fde5098266ae2225a48

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
62
grace
none
Last-Modified
Thu, 31 Dec 2020 15:38:55 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
16639
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fedf08f-43a2"
Vary
Accept-Encoding
X-Varnish
835142600 830731312
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_365306_480.jpg
www.slovenskenovice.si/images/slike/2020/10/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/10/05/s_365306_480.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
f636aefad2c70674b7de1837ac69eb7caaccd67b7ac38998db45d9f654c438a2

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
63
grace
none
Last-Modified
Wed, 07 Oct 2020 06:21:19 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
27096
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5f7d5e5f-6a4c"
Vary
Accept-Encoding
X-Varnish
831614040 836082351
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_5588641_480.jpg
www.slovenskenovice.si/images/slike/2021/01/04/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2021/01/04/s_5588641_480.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
04cd22d3cff30bd8f8813ffd1e9dac9429f49869ece4f843916d72d23d27c672

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:45 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
91
grace
none
Last-Modified
Wed, 06 Jan 2021 19:30:09 GMT
Connection
keep-alive
X-Backend-Server
sn-s2
Content-Length
28889
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5ff60fc1-7147"
Vary
Accept-Encoding
X-Varnish
832697607 835690269
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
/
services.delo.si/img/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85986/kobarid-ideja-izlet-micna_large.jpg&size=680
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
2414f57c4290f7dab6977eee2199bcf8e052f9f1d0fe7557e2c5f3673a7b3b6f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:49 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
28
grace
none
Last-Modified
Fri, 19 Mar 2021 13:31:32 +0000
Connection
keep-alive
Content-Length
61456
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
832168268 834849557
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=515 microseconds
/
services.delo.si/img/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85854/kruh-beljakovine-semena-recept-mascobe-micna_large.jpg&size=680
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
12e03c10e20dd31b7370e90c0c21d13d6a9556e3af1727e57bbca44cd19da455

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:58 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp2
Age
19
grace
none
Last-Modified
Tue, 16 Mar 2021 04:41:09 +0000
Connection
keep-alive
Content-Length
54255
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
832792529 833381271
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=443 microseconds
/
services.delo.si/img/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/39612/rolada-jagode-recept-micna_large_1.jpg&size=680
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
1418073ebb44bab9ede0a52fff8543509fbc66fb6d726e8af4c7722fdb76aa51

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:44 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp2
Age
33
grace
normal(limited)
Last-Modified
Fri, 22 Jan 2021 15:16:09 +0000
Connection
keep-alive
Content-Length
62605
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836312132 836733074
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=509 microseconds
/
services.delo.si/img/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85936/meghan-markle-knjiga-nagradna-igra_large.jpg&size=680
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
ef9221eb1c975251bc16c32e59a127389cdddd98b9bdb64d053ce6a0ffc1cd95

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:53 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
23
grace
none
Last-Modified
Mon, 15 Mar 2021 14:18:30 +0000
Connection
keep-alive
Content-Length
49591
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
834386142 835464458
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=501 microseconds
/
services.delo.si/img/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85911/neromaticna-horoskop-znamenja-romantika-micna_large.jpg&size=680
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
050d76d309454ba53bcb2345629adc03d961427214d779c045a53b049f030cf5

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:53 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
23
grace
none
Last-Modified
Wed, 17 Mar 2021 04:52:23 +0000
Connection
keep-alive
Content-Length
39236
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836668806 836440486
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=566 microseconds
/
services.delo.si/img/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/86009/angelina-jolie-brad-pitt-locitev-nasilje-dokazi-otroci-micna_large.jpg&size=680
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
d7f44b4d408c7bccfe295eb4232dd969c1c3b55ed98c45e3d31957eadb3b6891

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:51 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
25
grace
none
Last-Modified
Fri, 19 Mar 2021 06:54:19 +0000
Connection
keep-alive
Content-Length
35647
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
835464766 833544076
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=411 microseconds
/
services.delo.si/img/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85920/meghan-markle-princ-harry-kate-middleton-proka-blog-micna_large.jpg&size=680
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
e5ba36a730fd970bbeab751c8abcc96efb872eb67fc617f55f290027a93b5921

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:50 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
27
grace
none
Last-Modified
Mon, 15 Mar 2021 06:26:14 +0000
Connection
keep-alive
Content-Length
44353
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836668807 833544054
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=669 microseconds
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c059812d3e35848abe7f09f6dc9e0e4d808ec13e9c33408ea912de84169d4666

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jaknapngcopy.png
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/ Frame E979 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/jaknapngcopy.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058dd5c817c3b80a6ad299a3287a9093845945e508ddc02bd759e2ba7a2823eb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
1128
content-length
28807
cf-request-id
08f1e380bb000016eefd2b6000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 12:23:18 GMT
server
cloudflare
etag
"604a0bb6-7087"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
633008479b6516ee-FRA
pubads_impl_2021031801.js
securepubads.g.doubleclick.net/gpt/ Frame 5E9A 		286 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 08:39:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102478
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
pubads_impl_2021031701.js
securepubads.g.doubleclick.net/gpt/ Frame 7202 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 08:39:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102424
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
tracker.js
tracker.contentexchange.me/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.contentexchange.me/tracker.js?tag=sn
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trafex.serv.si
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3b0595920069ec490b2dbf1da61fc2bc01060ef06053cdc7373629e9defe7880
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
etag
W/"new"
strict-transport-security
max-age=15768000
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
palcepngcopy.png
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/ Frame E979 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/palcepngcopy.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe8bda3545bb8e198cb07f49b2b797bd552081b3d2274aadba860a8add92475

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
1115
content-length
7191
cf-request-id
08f1e380da000016ee0bb80000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 12:23:18 GMT
server
cloudflare
etag
"604a0bb6-1c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
63300847cbbd16ee-FRA
senca.png
a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/ Frame E979 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/125878/825b992a746df53894cbdb5c3fa334c4/images/senca.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d51848dfe30e981f74071a5695b66f8c8fb0457d8ad79029c1ff10868613d380

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
1115
content-length
14492
cf-request-id
08f1e380f5000016eec3b74000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 12:23:18 GMT
server
cloudflare
etag
"604a0bb6-389c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
63300847ec0a16ee-FRA
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=13&siteID=3142&adID=728820&zoneID=237&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=e&e=start&c=vid&referer=https://www.slovenskenovice.si/&cb=1616254757110
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-ac151b5037f7@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
impression
core.iprom.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254757158&sitePath=%5B%22vandraj%22%2C%22naslovnica%22%5D&zones=%5B709%2C709%5D&callback=_loadIpromNativemOeAs9D5EjCDmoySfZ46&referer=https%253A%252F%252Fwww.slovenskenovice.si%252F&uniqueAds=true
Requested by
Host: cdn.core.iprom.si
URL: https://cdn.core.iprom.si/script/format/Native-article.source.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
5dcd34e64114317fa741e1e53d0971d4c03f05e156e5b5abdc042af6ba9dbdaa

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Content-Encoding
gzip
X-core-time
13ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
11
Transfer-Encoding
chunked
Connection
close
X-adserver-worker
docker9-6caf9365fde1@version_1.265v2
impression
core.iprom.net/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254757159&sitePath=%5B%22vandraj%22%2C%22naslovnica%22%5D&zones=%5B709%2C709%2C709%2C709%5D&callback=_loadIpromNative4fPYpEeDFerVTCfG9tfQ&referer=https%253A%252F%252Fwww.slovenskenovice.si%252F&uniqueAds=true
Requested by
Host: cdn.core.iprom.si
URL: https://cdn.core.iprom.si/script/format/Native-article.source.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
1d56d4da3c4a6711d2066289c78d94183c788e8284ecce2193c27ea0fbcb372f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Content-Encoding
gzip
X-core-time
42ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
11
Transfer-Encoding
chunked
Connection
close
X-adserver-worker
leviathan-0f622e53a8df@version_1.265v2
integrator.js
adservice.google.pl/adsid/ Frame AB82 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.slovenskenovice.si&meb=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AB82 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si&meb=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AB82 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1654443201664573&correlator=3833616221874497&output=ldjh&impl=fif&eid=31060473%2C31060495%2C31060501%2C31060367%2C31060493%2C44739387%2C21069711&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&cookie_enabled=1&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254757&dt=1616254757199&dlt=1616254756793&idt=386&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=409&adks=3357874142&ucis=ez6iicdqvgjo&ifi=1&ifk=539598778&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=660902750.1616254756&ga_sid=1616254757&ga_hid=1013508616&ga_fc=true&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a051637b7b87936b23acaa0a6e2bbfed758a4bc38b8fc6db906960d6b8c8b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2781
x-xss-protection
0
google-lineitem-id
122729607
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303514837
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fe172631fc8977665e845de572a97e91.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AB82 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fe172631fc8977665e845de572a97e91.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame AB82 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.pl/adsid/ Frame 5E9A 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5E9A 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5E9A 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3123492478155547&correlator=1483274315722645&output=ldjh&impl=fif&eid=31060473%2C31060522%2C31060343%2C31060367%2C31060506%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254757&dt=1616254757259&dlt=1616254756778&idt=465&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=2146&adks=2768976756&ucis=6bd3a6ubj9xf&ifi=1&ifk=349035394&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=660902750.1616254756&ga_sid=1616254757&ga_hid=1687756620&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
862365d3fea82c70020cbe200d25d4b4f8e9872354afb9f2c52f5074a890d8d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2794
x-xss-protection
0
google-lineitem-id
122727567
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303164357
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4126a4335856b675d6eadb810e718850.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5E9A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://4126a4335856b675d6eadb810e718850.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?v=1-0-38&n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5E9A 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?v=1-0-38&n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.pl/adsid/ Frame 7202 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7202 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7202 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=745823534574309&correlator=1684708415084823&output=ldjh&impl=fif&eid=31060521%2C31060367%2C31060494%2C44739387%2C21065725&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254757&dt=1616254757286&dlt=1616254756787&idt=483&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1124&adys=3222&adks=1561486246&ucis=u48gmw4p9p7z&ifi=1&ifk=2348892956&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=660902750.1616254756&ga_sid=1616254757&ga_hid=1918835347&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f741381fc4ac623c2033b6fecc170ad9c6883e7448083ee157a2449e9d6b85e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2720
x-xss-protection
0
google-lineitem-id
122724327
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303512611
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3847535e915d11cfbd378958276f815a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7202 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3847535e915d11cfbd378958276f815a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7202 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
904888.7f80302f.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904888.7f80302f.fill-800x450.jpg?rev=0
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
a030f8ca7f67cffb7bc76517dbe1c5f891a2cbe70894ca81f4453f914fbca07c

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:57 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
20
grace
none
Last-Modified
Sat, 20 Mar 2021 14:09:24 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
48783
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60560214-bf0c"
Vary
Accept-Encoding
X-Varnish
835792874 835851045
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904852.2e16d0ba.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904852.2e16d0ba.fill-800x450.jpg?rev=1
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
5156ec2e1059a39bfd21028baddac3fa062754b708e7c9aca1f1ffea9094f6d6

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:11 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
5
grace
none
Last-Modified
Sat, 20 Mar 2021 08:52:14 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
61074
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055b7be-eef0"
Vary
Accept-Encoding
X-Varnish
833832592 834881481
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904510.1e813868.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904510.1e813868.fill-800x450.jpg?rev=0
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
12fb384c8de21010a8e83f8bfcc904b28f046c89f24d95d60f875c020209d9a6

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:28 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
48
grace
none
Last-Modified
Sat, 20 Mar 2021 08:20:03 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
75666
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055b033-12869"
Vary
Accept-Encoding
X-Varnish
834386143 832710394
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904887.0550b3e4.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904887.0550b3e4.fill-800x450.jpg?rev=0
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
1eecc69e4faa700fdf450c642ca47fb79d989655f4f93d0c0128c6980e1e46b0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:20 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
57
grace
none
Last-Modified
Sat, 20 Mar 2021 13:42:04 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
68220
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055fbac-10add"
Vary
Accept-Encoding
X-Varnish
835036818 836020685
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904003.4b5be46a.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904003.4b5be46a.fill-800x450.jpg?rev=0
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
cc2e0d435e43e42de2de4baf2b50193d407a20e500b937018eb858b66756ca33

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:37 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
100
grace
none
Last-Modified
Sat, 20 Mar 2021 12:22:18 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
65988
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055e8fa-101d5"
Vary
Accept-Encoding
X-Varnish
836572078 834033711
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_1898799_480.jpg
www.slovenskenovice.si/images/slike/2020/01/16/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/01/16/s_1898799_480.jpg
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
51661b5f29bb08761ea0c2bb48188d675a4692d82d5ea011273fac9e719fae20

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:44 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
33
grace
none
Last-Modified
Fri, 17 Jan 2020 08:09:26 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
18523
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5e216bb6-4918"
Vary
Accept-Encoding
X-Varnish
832926762 836798777
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_1853616_480.jpg
www.slovenskenovice.si/images/slike/2019/12/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2019/12/10/s_1853616_480.jpg
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
93c59cb89743de68fcff795f287fb78af69cdcba38929c71c57af3962300160a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:52 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
84
grace
none
Last-Modified
Wed, 11 Dec 2019 13:26:57 GMT
Connection
keep-alive
X-Backend-Server
sn-s2
Content-Length
17292
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5df0eea1-4407"
Vary
Accept-Encoding
X-Varnish
835792875 835890376
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904076.2e16d0ba.fill-800x450.png
www.slovenskenovice.si/media/images/20210319/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210319/904076.2e16d0ba.fill-800x450.png?rev=1
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
c8bedb722c1f159a5cc9dc38888e303c86bffeb09761a6c7e0b754601c84bfc2

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:02 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
134
grace
none
Last-Modified
Fri, 19 Mar 2021 09:13:42 GMT
Connection
keep-alive
X-Backend-Server
sn-app0
Content-Length
166059
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"60546b46-28856"
Vary
Accept-Encoding
X-Varnish
835036819 833404800
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/png
s_5425425_480.jpg
www.slovenskenovice.si/images/slike/2020/12/31/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/12/31/s_5425425_480.jpg
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
4289906ac1b3f74fa8f178010d483bcd5eba7c21de8a8fde5098266ae2225a48

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
62
grace
none
Last-Modified
Thu, 31 Dec 2020 15:38:55 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
16639
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fedf08f-43a2"
Vary
Accept-Encoding
X-Varnish
836572079 830731312
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_4483321_480.jpg
www.slovenskenovice.si/images/slike/2020/07/24/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/07/24/s_4483321_480.jpg
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
f43f849d129139e7cdd7ad315cb09d7cfaff8e05b528d2f1568fccd984c82ca9

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:56 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
20
grace
none
Last-Modified
Fri, 24 Jul 2020 06:17:18 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
15080
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5f1a7cee-3b63"
Vary
Accept-Encoding
X-Varnish
832926763 833381231
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_365306_480.jpg
www.slovenskenovice.si/images/slike/2020/10/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/10/05/s_365306_480.jpg
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
f636aefad2c70674b7de1837ac69eb7caaccd67b7ac38998db45d9f654c438a2

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:14 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
63
grace
none
Last-Modified
Wed, 07 Oct 2020 06:21:19 GMT
Connection
keep-alive
X-Backend-Server
sn-s1
Content-Length
27096
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5f7d5e5f-6a4c"
Vary
Accept-Encoding
X-Varnish
833832593 836082351
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
904884.ada5af4a.fill-800x450.jpg
www.slovenskenovice.si/media/images/20210320/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/media/images/20210320/904884.ada5af4a.fill-800x450.jpg?rev=0
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
43110a3ba3281f0ae2b3d59f92b6b7061794d7b32aaca51869b423e3a99fe39b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:36 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
41
grace
none
Last-Modified
Sat, 20 Mar 2021 13:08:31 GMT
Connection
keep-alive
X-Backend-Server
sn-app1
Content-Length
53265
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"6055f3cf-d1f3"
Vary
Accept-Encoding
X-Varnish
835792876 827519879
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_5377533_480.jpg
www.slovenskenovice.si/images/slike/2020/12/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2020/12/06/s_5377533_480.jpg
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
93a80b3a020cac043c4ec8f051cd262bba0c8ea050c1b6a39dc840928aab79c6

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:07 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
70
grace
none
Last-Modified
Sun, 06 Dec 2020 16:31:54 GMT
Connection
keep-alive
X-Backend-Server
sn-s2
Content-Length
22481
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5fcd077a-583c"
Vary
Accept-Encoding
X-Varnish
834386144 834717701
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
s_5588641_480.jpg
www.slovenskenovice.si/images/slike/2021/01/04/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slovenskenovice.si/images/slike/2021/01/04/s_5588641_480.jpg
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
nginx via Varnish /
Resource Hash
04cd22d3cff30bd8f8813ffd1e9dac9429f49869ece4f843916d72d23d27c672

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:37:45 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
Age
92
grace
none
Last-Modified
Wed, 06 Jan 2021 19:30:09 GMT
Connection
keep-alive
X-Backend-Server
sn-s2
Content-Length
28889
X-DELO-Cache
varnish4a-HIT
Server
nginx via Varnish
ETag
W/"5ff60fc1-7147"
Vary
Accept-Encoding
X-Varnish
836572080 835690269
Via
1.1 varnish-v4
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Type
image/jpeg
view
securepubads.g.doubleclick.net/pcs/ Frame 714D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHWpYOgSwGUZJsvgkcdRIvYqSbhPAlsNFdRd84n49lT5L6NZacqKIwSKqpMncqZ753bYtfPooCocaQXuLacALQp4xBmjY1WJxKmLz3e36N4Pxa8PI-BH4ovqbHvObhkTEfRUOK5nJIeIiJNIAGcfT6mqw2iWy3C-mcm6f206Fbr3h-s0k-daJtFaFOqeD65cPRp3mKybIkzRekFFhU0pqS23sb_4kz2hvWI8SBJu8-u0qIJXBT-f9SUb7JZI3gNx8ejVGr4ppArqA0QiwVuOggAGAQ11vNb1lYwStK-D7jaNiLY59WXWgIMPXMDzdv3bQVEFA8pDSfoTQgyg&sai=AMfl-YREzzcqtyf3eqa9cdeFOGPZdrYPv1vTEGB74cf0EDg0KiKLl_DETiYmqzNbRW4mtIURkZA5jeh1W0_sJkEZ2nFLvl-ze4vk-_Dgq-266TM3EuODRa5dFmNvvY5riE7I&sig=Cg0ArKJSzJS4XBSJcedaEAE&urlfix=1&adurl=
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:17 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 714D 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 978 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 714D 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame AB82 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AB82 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0654d396dba1a2d513db8e001f68f0e1a6029ed6266c3606a3a514227532c9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6565
x-xss-protection
0
/
services.delo.si/img/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85911/neromaticna-horoskop-znamenja-romantika-micna_large.jpg&size=680
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
050d76d309454ba53bcb2345629adc03d961427214d779c045a53b049f030cf5

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:53 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
24
grace
none
Last-Modified
Wed, 17 Mar 2021 04:52:23 +0000
Connection
keep-alive
Content-Length
39236
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836083153 836440486
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=566 microseconds
/
services.delo.si/img/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/86009/angelina-jolie-brad-pitt-locitev-nasilje-dokazi-otroci-micna_large.jpg&size=680
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
d7f44b4d408c7bccfe295eb4232dd969c1c3b55ed98c45e3d31957eadb3b6891

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:51 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
26
grace
none
Last-Modified
Fri, 19 Mar 2021 06:54:19 +0000
Connection
keep-alive
Content-Length
35647
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
831614044 833544076
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=411 microseconds
/
services.delo.si/img/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85854/kruh-beljakovine-semena-recept-mascobe-micna_large.jpg&size=680
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
12e03c10e20dd31b7370e90c0c21d13d6a9556e3af1727e57bbca44cd19da455

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:58 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp2
Age
19
grace
none
Last-Modified
Tue, 16 Mar 2021 04:41:09 +0000
Connection
keep-alive
Content-Length
54255
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
833025443 833381271
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=443 microseconds
/
services.delo.si/img/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85986/kobarid-ideja-izlet-micna_large.jpg&size=680
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
2414f57c4290f7dab6977eee2199bcf8e052f9f1d0fe7557e2c5f3673a7b3b6f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:49 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
28
grace
none
Last-Modified
Fri, 19 Mar 2021 13:31:32 +0000
Connection
keep-alive
Content-Length
61456
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
835333315 834849557
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=515 microseconds
view
securepubads.g.doubleclick.net/pcs/ Frame 640E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4NZ62oiXVw7feRwenFgaAzvjj50ZqCDTUC8bPU4fUP8m5zmzL9t8xslIXsEXCvzhKFxI7h3GQ9qhYuSLmFDn36VYr-yXFPkgMs62dARP49aQhRkxxaoqQ9Fznq6Zh1uUz7RqiOSaFhhFEp-OeinuCbIIM3o6Z8FLM1CGVUttzO8jPsiVN1gc8SfZdTDIQf5wQW8c-pxPAUaQQfScSsp9K_OAi1Jj-jaAWkKJv3CELGxvRTwB7zJmctSYbPbixZRTaxCI4RPXM75EyTOvv-lSkeuaMIEgcYG32bZE9aTvlhiqCDXvfOKIdgv3_k9a-jbkr7NBYrLtsTsb-&sai=AMfl-YR-1zFxxg6GRClHnMzW_o_33Y00xdT-3p9CKrm-LzO6yWPvm0-EJU8OuIqft7yKNEZPvFJvlr_xEiXq7vsry8ppEWcXpxH2i443FBmgMC80o5KNpN5XJ5VPY65tbfw&sig=Cg0ArKJSzEf2rd1So5mIEAE&urlfix=1&adurl=
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:17 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 640E 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 670 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 640E 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5E9A 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E9A 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c62f1184b1f0b5c608acb8dc4dac436bf7e0bb608d309c58c531169a679a3279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6589
x-xss-protection
0
fallback.js
a.ipromcloud.com/script/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/script/fallback.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1b9f2f35c7cc3801123ed4970d3dfc4b75525a3b9fde41dd6bfbe0e4d67e2d

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
2947
cf-polished
origSize=11401
cf-request-id
08f1e382a2000016ee0bba1000000001
referrer-policy
no-referrer
last-modified
Mon, 23 Mar 2020 13:44:23 GMT
server
cloudflare
etag
W/"5e78bd37-2c89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
6330084a9fe516ee-FRA
cf-bgj
minify
n6QTbNx47jZ6TPSEj-in8h3zfxyli
tracker_si.contentexchange.me/widget/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker_si.contentexchange.me/widget/n6QTbNx47jZ6TPSEj-in8h3zfxyli
Requested by
Host: si.contentexchange.me
URL: https://si.contentexchange.me/static/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
trafex.serv.si
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
08e33f10d74b4877f2cee5db5ccc0a7c66a0d6222fbb20f0c1086305bd4ac270
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
referrer-policy
unsafe-url
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf8
access-control-allow-origin
*
cache-control
private, max-age=0, must-revalidate, no-store, no-cache
/
services.delo.si/img/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85936/meghan-markle-knjiga-nagradna-igra_large.jpg&size=680
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
ef9221eb1c975251bc16c32e59a127389cdddd98b9bdb64d053ce6a0ffc1cd95

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:53 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
24
grace
none
Last-Modified
Mon, 15 Mar 2021 14:18:30 +0000
Connection
keep-alive
Content-Length
49591
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
835333316 835464458
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=501 microseconds
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AB82 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
/
services.delo.si/img/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/85920/meghan-markle-princ-harry-kate-middleton-proka-blog-micna_large.jpg&size=680
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
e5ba36a730fd970bbeab751c8abcc96efb872eb67fc617f55f290027a93b5921

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:38:50 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
27
grace
none
Last-Modified
Mon, 15 Mar 2021 06:26:14 +0000
Connection
keep-alive
Content-Length
44353
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
831614045 833544054
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=669 microseconds
/
services.delo.si/img/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.delo.si/img/?img=https://micna.slovenskenovice.si/uploads/39612/rolada-jagode-recept-micna_large_1.jpg&size=680
Requested by
Host:
URL: 0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:67c:300:de10::100 Bruckneudorf, Austria, ASN39387 (DELO-AS, SI),
Reverse DNS
Software
Apache via Varnish /
Resource Hash
1418073ebb44bab9ede0a52fff8543509fbc66fb6d726e8af4c7722fdb76aa51

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Content-Encoding
gzip
X-DELO-JOB
Ce to beres in ti razvijanje v opensource okolju ni tuje, se javi na razvoj@delo.si
X-Backend
lamp1
Age
0
grace
none
Last-Modified
Fri, 22 Jan 2021 14:07:19 +0000
Connection
keep-alive
Content-Length
62605
X-DELO-Cache
varnish4a-HIT
Server
Apache via Varnish
Vary
Accept-Encoding
X-Varnish
836083154 836312133
Via
1.1 varnish-v4
Cache-Control
max-age=17200
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Time
D=513 microseconds
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ Frame 714D 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E9A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ Frame 640E 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E3F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxRvPZCYbSrsh4Z1b5ToYKwhlQvDQXLHCUAFNTD1aIH4UFoLIaB_s4AkfU9kqn9JHon6syov0Q9oyD7_KV4gukPFl_6SFVb2X2iHalTb75IBGe-q1PEB0ffxiDenrdd09weTov9RBJGCJHCqh7blCDm33dZw6c25X5Ch2-CfRGnqpCTuJK6xd2vK5HPwYps5BNhbn9quE05cNfEVxJtRlymCvA1vGeEZb0MU70p69fSp52LKUmcX3jU2XezuzkbJ57wGXQJpL0KeQkCl4osZExuDKGR8gajt2FnvUfEaet3N-2Zoq-tjivwIgqEjJozcqvrrRxQYBvBHzJuA&sai=AMfl-YS77aUWps5ztZGDRh35eZHw_LH7ofQlshG0JOaUg2uMkUfsAZDFvlbuIlF6vrXiXiCMpPiQKCUuEKEjsp0_ujfE-FXsQQIXFSM1_Vw4585fnvpM4JYpQ2OPyBT9Gzlj&sig=Cg0ArKJSzO4hSXO9XsVbEAE&urlfix=1&adurl=
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
www.googletagservices.com/tag/js/ Frame E3F9 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb0d29a0e37e475f9a96298f57393125f1b909871e800c36d4b6e8cb8bcfe776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 183 of 1000 / last-modified: 1616192151"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19837
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3F9 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 7202 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7202 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b49ff1e834c5636820386a75fc0622da8e51ef724a2e3c124aab439419f7d380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6633
x-xss-protection
0
impression
core.iprom.net/ 		49 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254757591&callback=ipromNS.loadAdTagAds&zones=%5B%2233%22%5D&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D&containerId=fallback-iprom_holder_3&resolution=1600x1200&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&keywords=%5B%5D&channels=%5B%5D&rsu=&RID=161625475589384519_1&noAds=%5B%2254326%22%5D&skipAds=%5B%2254326%22%5D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
a26a3296e5bc5cfdef4a954bc895272bda0f8f9012353577a3e33d9bdad22503

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
X-core-time
5ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
161625475589384519_1
Connection
close
Content-Length
49
X-adserver-worker
avatar-eb875201f422@version_1.265v2
/
core.iprom.net/log/event/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/log/event/?time=1616254757590&m=slovenskenovice&sid=naslovnica&ssid=&adid=54326&z=33&ch=&kw=&sct=&resx=1600&resy=1200&RID=161625475589384519&iid=&v=&c=&rdr=&e=fallback&c=&referer=https://www.slovenskenovice.si/&cb=1616254757590
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-702f7f345b84@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
adx.js
s1.adform.net/banners/scripts/ 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7392d5fb5a93e6ebeb34ef8d792c05f4a31aa159c710fa438a2c3fc4d27654f3

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 15:50:37 GMT
server
nginx
etag
W/"604f824d-e6cb"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
integrator.js
adservice.google.de/adsid/ Frame 714D 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 714D 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 714D 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2506633016641460&correlator=1797691862341872&output=ldjh&impl=fif&eid=31060311%2C31060367%2C31060494%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_970x250_1a&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=2&cookie=ID%3D96509a5de27ec800-22b90542d5ba0050%3AT%3D1616254757%3AS%3DALNI_MZuWyTblptAcUVAQtF-Epz2e_H8nw&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254757&dt=1616254757617&dlt=1616254757427&idt=172&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=409&adks=2255646814&ucis=k5qxg9s4yz2x&ifi=1&ifk=2030815143&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=660902750.1616254756&ga_sid=1616254758&ga_hid=2140796341&ga_fc=true&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a51c1b5473154fdf404dfa5ca8a8e95e4f702619ad005ee84d2bd21b25b65b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2464
x-xss-protection
0
google-lineitem-id
122730087
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303514684
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d1be26bb51e36bd074dcb3fb2dcb6748.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 714D 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d1be26bb51e36bd074dcb3fb2dcb6748.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 714D 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 714D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b3f3dfa4667bf347635a7342afb2db3ea9857055b06f22e14725ef88de5551d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021031701.js
securepubads.g.doubleclick.net/gpt/ Frame E3F9 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 08:39:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102424
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
integrator.js
adservice.google.de/adsid/ Frame 640E 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 640E 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 640E 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4111008315436986&correlator=4336307554491712&output=ldjh&impl=fif&eid=31060468%2C31060343%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_728x90_1a&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D96509a5de27ec800-22b90542d5ba0050%3AT%3D1616254757%3AS%3DALNI_MZuWyTblptAcUVAQtF-Epz2e_H8nw&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254757&dt=1616254757690&dlt=1616254757462&idt=219&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=2146&adks=1642876628&ucis=yawg2hi01bz9&ifi=1&ifk=365222685&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=660902750.1616254756&ga_sid=1616254758&ga_hid=1001587751&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4cd09fcf75879b117291808b0326ba49b96720807cdb1525d2a776b357c69d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2458
x-xss-protection
0
google-lineitem-id
122728527
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303514105
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e061cb84236a64447e157dac6ff50d86.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 640E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://e061cb84236a64447e157dac6ff50d86.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?v=1-0-38&n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 640E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?v=1-0-38&n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 640E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
432dce5d0ff9e2712fc79004df4e5c30074021bcc8cb0c06cba72dc25f60f9df

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7202 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060521
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3A5B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3239
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 8101 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3239
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600&display=swap
Requested by
Host: si.contentexchange.me
URL: https://si.contentexchange.me/static/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06e91132c5bb3e51eb2d05f289f8c5cb539384ddc4cb5bca6958dcd8868cbf2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 20 Mar 2021 14:08:11 GMT
server
ESF
date
Sat, 20 Mar 2021 15:39:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Mar 2021 15:39:17 GMT
/
images4.contentexchange.me/fit/magic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova24tv.si%2Fwp-content%2Fuploads%2F2021%2F03%2FPosnetek-zaslona-2021-03-19-115518-400x93.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
05109f8e3cc557d861aeb4a28df5e3de87490edbfd305ea820a293dba49ff101

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
/
images4.contentexchange.me/fit/magic/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fmoski.hudo.com%2Fwp-content%2Fuploads%2F2021%2F01%2Fprofimedia-0586195471-660x320.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
55a6bb96fd8a9ad2c95d0c430636b4e4ed6525827a883cb1f856f25273faeb67

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
/
images4.contentexchange.me/fit/magic/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fmodna.si%2Fwp-content%2Fuploads%2F2021%2F03%2F11032021-justin-bieber-Billboard-Instagram_.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
610ef377d771100e2a62981804d224e96cc2eaabf40d0260f7e3cf2b6e7dfbb2

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
/
images4.contentexchange.me/fit/magic/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fstatic.primorske.si%2Ffoto%2Fhighres%2Fpolitika%2F779114_065--portoroz-7.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
503d8b8f099473e703a158e1d2ab33671a0fedf8459bd2174869173a26776448

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
/
images4.contentexchange.me/fit/magic/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fwww.zaupokojence.si%2Fwp-content%2Fuploads%2F2021%2F03%2Fnespecnost-spanje-moski.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
4f5e2c4ed4480f957b98d77529ffc593d348748da4038cbac377846ce0fbf919

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
/
images4.contentexchange.me/fit/magic/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=http%3A%2F%2Fwww.sloski.si%2Fresources%2Ffiles%2Fnovice%2Fsmucarski-skoki%2Fzima21%2Fskakalke%2FGEPA300-20210303-101-103-0323.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
0ed0c62199a317ce5e6469bf0e6c473999fc9660e77662180465d90be98585a0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
/
images4.contentexchange.me/fit/magic/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova24tv.si%2Fwp-content%2Fuploads%2F2021%2F03%2Fdiploma-225x300.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
43455f4ee053ee308849504f00fd2db2911eef4c6a54cdffc0fe1b82fa930a07

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
/
images4.contentexchange.me/fit/magic/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fzenska.hudo.com%2Ffiles%2F2019%2F11%2Fprofimedia-0344114936-660x320.jpg&size=400x209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
cex1.vsn.serv.si
Software
nginx/1.16.1 /
Resource Hash
eb2616e0c123e90ba1d656898ada1eacc807062d23866d4dbf250df7838c23cc

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
cache-control
max-age=31536000
server
nginx/1.16.1
content-type
image/jpeg; charset=utf-8
x-cache-status
HIT
expires
Sun, 20 Mar 2022 15:39:17 GMT
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=6&siteID=3142&adID=572338&zoneID=440&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=v&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-ac151b5037f7@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
click.png
cdn.ipromcloud.com/custom/resources/ Frame B606 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ipromcloud.com/custom/resources/click.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5fa7e4fe6389bc1ecb71003ef097887e31841a4b05a59956581a34b16284e8

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
2988
content-length
1320
cf-request-id
08f1e383cb000016ee45341000000001
referrer-policy
no-referrer
last-modified
Tue, 03 Nov 2020 11:59:13 GMT
server
cloudflare
etag
"5fa14611-528"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084c7a5216ee-FRA
0f51317d21c39919a499509879aef81a_480.png
a.ipromcloud.com/2020/113157/ Frame B606 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/113157/0f51317d21c39919a499509879aef81a_480.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
778a75f574d4ac82244806e85dde44bb61eb23b52781053f396fbd73ce1e3f4d

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
2893
content-length
107401
cf-request-id
08f1e383cc000016eef8a30000000001
referrer-policy
no-referrer
last-modified
Thu, 18 Mar 2021 08:02:18 GMT
server
cloudflare
etag
"6053090a-1a389"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084c7a5316ee-FRA
307ba1d7591444443149beac3b11b8ac_480.jpg
a.ipromcloud.com/2020/113157/ Frame B606 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/113157/307ba1d7591444443149beac3b11b8ac_480.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511a96bb5f05d8d909c0d11e898a8131c944d8aed75cd044c00db0b95e09dd4b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
5325
content-length
46263
cf-request-id
08f1e383cc000016eee1106000000001
referrer-policy
no-referrer
last-modified
Fri, 19 Mar 2021 08:09:53 GMT
server
cloudflare
etag
"60545c51-b4b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084c7a5416ee-FRA
cf-bgj
h2pri
Log
core.iprom.net/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=405&codeNum=1&siteID=35353&adID=735530&zoneID=709&RID=11&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-102dc255bfdd@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=405&codeNum=2&siteID=35353&adID=737399&zoneID=709&RID=11&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-6caf9365fde1@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
307ba1d7591444443149beac3b11b8ac_480.jpg
a.ipromcloud.com/2020/113157/ 		0
0
307ba1d7591444443149beac3b11b8ac_480.jpg
a.ipromcloud.com/2020/113157/ Frame B3D7 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/113157/307ba1d7591444443149beac3b11b8ac_480.jpg
Requested by
Host: cdn.core.iprom.si
URL: https://cdn.core.iprom.si/script/format/Native-article.source.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511a96bb5f05d8d909c0d11e898a8131c944d8aed75cd044c00db0b95e09dd4b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
5325
content-length
46263
cf-request-id
08f1e383ea000016eee882f000000001
referrer-policy
no-referrer
last-modified
Fri, 19 Mar 2021 08:09:53 GMT
server
cloudflare
etag
"60545c51-b4b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084caa9816ee-FRA
cf-bgj
h2pri
click.png
cdn.ipromcloud.com/custom/resources/ Frame B3D7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ipromcloud.com/custom/resources/click.png
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5fa7e4fe6389bc1ecb71003ef097887e31841a4b05a59956581a34b16284e8

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
2988
content-length
1320
cf-request-id
08f1e383d4000016ee1f94d000000001
referrer-policy
no-referrer
last-modified
Tue, 03 Nov 2020 11:59:13 GMT
server
cloudflare
etag
"5fa14611-528"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084c8a6116ee-FRA
66d26fd7b52872351f0bf215c6751f06_480.jpg
a.ipromcloud.com/2020/113157/ Frame B3D7 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/113157/66d26fd7b52872351f0bf215c6751f06_480.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd6c8069b0345a5c70e53d00ad7be4d18bd0db39bbf8299dacd619885fefd39

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
5245
content-length
35095
cf-request-id
08f1e383ea000016ee389c2000000001
referrer-policy
no-referrer
last-modified
Fri, 19 Mar 2021 08:10:22 GMT
server
cloudflare
etag
"60545c6e-8917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084caa9a16ee-FRA
cf-bgj
h2pri
59c1af6c4c887148bae900efcc23e6f9_480.jpg
a.ipromcloud.com/2020/113157/ Frame B3D7 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/113157/59c1af6c4c887148bae900efcc23e6f9_480.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af20cdd6b10d5f9fe83f433abff99500d8fa28be52633469cbfa89a945cde8b

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
164
content-length
56189
cf-request-id
08f1e383ea000016ee3f343000000001
referrer-policy
no-referrer
last-modified
Wed, 17 Mar 2021 07:46:33 GMT
server
cloudflare
etag
"6051b3d9-db7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084caa9916ee-FRA
cf-bgj
h2pri
8c9960ef92b6d257be59f365851bedc6_480.jpg
a.ipromcloud.com/2020/113157/ Frame B3D7 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2020/113157/8c9960ef92b6d257be59f365851bedc6_480.jpg
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c17644e34636470fbe88d3b3fa39aa7854df73aefa6014d603e65fd3ab5e67

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
5517
content-length
139411
cf-request-id
08f1e383ea000016eed8099000000001
referrer-policy
no-referrer
last-modified
Wed, 17 Mar 2021 07:46:37 GMT
server
cloudflare
etag
"6051b3dd-22093"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330084caa9616ee-FRA
cf-bgj
h2pri
Log
core.iprom.net/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=405&codeNum=1&siteID=35353&adID=735018&zoneID=709&RID=11&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-702f7f345b84@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=405&codeNum=2&siteID=35353&adID=732598&zoneID=709&RID=11&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-ac151b5037f7@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=405&codeNum=3&siteID=35353&adID=737399&zoneID=709&RID=11&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-7276bc52d184@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=405&codeNum=4&siteID=35353&adID=734790&zoneID=709&RID=11&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-a24d6a2640a2@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ Frame E3F9 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E3F9 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E3F9 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2814334454933864&correlator=3166405825117199&output=ldjh&impl=fif&eid=31060495%2C31060502%2C31060367%2C44739387&vrg=2021031701&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_300x250_1a&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D96509a5de27ec800-22b90542d5ba0050%3AT%3D1616254757%3AS%3DALNI_MZuWyTblptAcUVAQtF-Epz2e_H8nw&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254757&dt=1616254757870&dlt=1616254757553&idt=292&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1124&adys=3222&adks=3314009714&ucis=ko46l3klzfgd&ifi=1&ifk=4062253604&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=660902750.1616254756&ga_sid=1616254758&ga_hid=1142804909&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2247c9172c52c7d1982d386b9c38071c69405c34ddfe86cbda0c156b47326910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2467
x-xss-protection
0
google-lineitem-id
122724807
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303512398
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
34b1a43e04de86d119a72ac91d576ebf.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E3F9 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://34b1a43e04de86d119a72ac91d576ebf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E3F9 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame E3F9 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f357b94ac5523cd92dc0a806279fd9341de3a48c5eb50fac4edf44fe85882c73

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 714D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7CvQjX5ZWwFJftv2F9gZaQVkUCSRxCGGP6PzNvb7ipxhYSyXVQlxyiZ5MC72OjNxDMO3LyAp5T4kl5byKu6weqBBDqtsex91BsXbSlP-ftCsyIEq5EUOCCdvc-RQuwytrDk8CDkH7COYIfv8ZfI8L6Z_545YjdNOk_Wz6k1PBLfYLz90xgSzSccFpwtczfYBdjuseywP_O4n9vFWUKgWaZ-GbzyvN2SlTF1gAfNdtVVq-zptj7ipG9_JbONQr8WsmFvfaK2qhKXvTOkJaxsofgL_MH0DJQt692XYHdFQX8pn_NjdzACe2Nz1MCj_MlTjU9FL29IR5X-jG5511&sai=AMfl-YQ0PsWz5BCZCYqaJ7Ch1OLxwkvQa8eoNqzj2_gx1P11OkZruIP5kRzgz28CdBvT8DUDvOdnOtYZNOMwrlyN8wx5MOVGWjJe7EENlibxIW_89OmFL7PWJEo1jl85ulPt&sig=Cg0ArKJSzE2kHA05-uzLEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E2A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstU-hDEXnrH9AS7PjpmHy0ffesPwIYnNDr0PQGOErNh9C5Ei4Avh4Q_IwUaeU1-KOwlRJTE4CSu2nNwrqIdlDZqqgxRhB9idWvsHpqKxnfRMS8hkbWxFSQ1J_7w5oYoQbtbQrtWXYknDrziuyyR9iBcRqA0FgC8xDqUGnwnJ78fgbO6C9HXM2hwnPfmITW2sXhBGqGJC_SHVTMRwe5KzDh65G9z1ifRhDR6k7iReWcaU9zdd_jVBW7D5f-gBuzs_d6qfNT6WxP9oNIKF_py91z9HMfkR-nqY4TCaBTW0jHe5mLMx7g_pRlIaueuV2SrljSFMqQNT8BcHcjr9w&sig=Cg0ArKJSzMY9VWgxfdCPEAE&urlfix=1&adurl=
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2A4 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 714D 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 714D 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
865537e14bcb78bcee40f11f9e39426192a3311330af2bddf99a61c1313ce3ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6513
x-xss-protection
0
nativehb
hb.contentexchange.me/ Frame 381C 		1 KB
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.contentexchange.me/nativehb?domain=www.slovenskenovice.si
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
919bdbce970f9a971e812cb5f5c0e48dc582c51a283248ee2fb2a383c99a07dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
server
nginx/1.16.1
vary
Origin
content-type
text/plain; charset=utf-8
Log
core.iprom.net/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=4&siteID=3142&adID=584722&zoneID=1379&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=v&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
docker9-6041bbf58217@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 2415 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3239
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adx.js
s1.adform.net/banners/scripts/ 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7392d5fb5a93e6ebeb34ef8d792c05f4a31aa159c710fa438a2c3fc4d27654f3

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:17 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 15:50:37 GMT
server
nginx
etag
W/"604f824d-e6cb"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 640E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssg9wJUXPLb88zpf4jcJ1PBoO_6hUOO1GbP8LMUpsXyb16cn9B8ZZRPcr9aC9r98L8WrgryWTOR50lqFTvXG15hmigzQbSb33pcOou_dTXZ18AaxRO7z_RULvtxkQCEXHKF1DijlsKTK1byVa9fNTvkOd7j6XSVHe9AhtCQjZwdDLp2k-Py-DUmg7_qCjEy4_eCKW8TUfAJ6cgBagH_tzC9cUazpBQl-GO-IVhD72d_Ep7ex5q4xwwKUTXF7Kc6KZhZwnR1Yodyr5YcvdlS-vy3r4hRy8ReqBtwqjNnbOrxe_uwvTJw99RC6R57xEPK3c5S547TtTxpCGpBWSQ&sai=AMfl-YToA5fjfdHJdJylDX8uj1gQRWY47e8m_smcKNMH7VfYg8HLkr7w5j8t2jCg6T93GyHI8o6AkytuHTRzPgitql-dH2faziMmLqFGcTT6aEk1PV4NAg1AODBho1O-d-E&sig=Cg0ArKJSzCvAv95r_do2EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A508 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5Fa4FUf-kpqTgX3Xu37vhE6kUEu_i-7MxleHx7e3eg3sTjY7P3tetiR5LTqkZGDFWi8b7obFTIq_9Diyhk9i2bhPdm54dQzxlOJCY1KGHdUHpsYuGQf7n1NxcqQzAMao21qcjzOqRhm9WMFG4uvaODWUCqeKVIo7AXUlc6afx7I8x0-hNcEPYiN-74zsucadQe8f_DDFTeAwpyGIrrsB-7i5fIC8kpMG-hzkW1_lptnS-SGV_Ge84jXGfsmqJT0_afXDx0dCKH0fWonPUq-eZwAFAGAtV3HBwm2cyDADJHFLkzG7oFuSw1nG9xpJgF3a2oDFTVCgSw5Xj&sig=Cg0ArKJSzJ8jt4m9B-4kEAE&urlfix=1&adurl=
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A508 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 640E 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 640E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad87a49a715d6c67ddbe7b2d1f22a7e157a63c4b534c1337cf96475bcad44fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6565
x-xss-protection
0
impression
core.iprom.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254758014&callback=ipromNS.loadAdTagAds&zones=%5B%22440%22%5D&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D&containerId=fallback-iprom_holder_7&resolution=1600x1200&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&keywords=%5B%5D&channels=%5B%5D&rsu=&RID=161625475589384519_2&noAds=%5B%2254326%22%2C%22572338%22%5D&skipAds=%5B%2254326%22%2C%22572338%22%5D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
f67a652c0bfce9ea8481b3b820bb1b41aea7790a61b9ae97cfea762a516ce233

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Content-Encoding
gzip
X-core-time
169ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
161625475589384519_2
Transfer-Encoding
chunked
Connection
close
X-adserver-worker
ragnarok-35d0d209da95@version_1.265v2
/
core.iprom.net/log/event/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/log/event/?time=1616254758014&m=slovenskenovice&sid=naslovnica&ssid=&adid=572338&z=440&ch=&kw=&sct=&resx=1600&resy=1200&RID=161625475589384519&iid=&v=&c=&rdr=&e=fallback&c=&referer=https://www.slovenskenovice.si/&cb=1616254758014
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-102dc255bfdd@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 714D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
impression
core.iprom.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254758052&callback=ipromNS.loadAdTagAds&zones=%5B%22219%22%5D&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D&containerId=fallback-iprom_holder_5&resolution=1600x1200&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&keywords=%5B%5D&channels=%5B%5D&rsu=&RID=161625475589384519_3&noAds=%5B%2254326%22%2C%22572338%22%2C%22572345%22%5D&skipAds=%5B%2254326%22%2C%22572338%22%2C%22572345%22%5D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
39c4f227fe120cc7eb6389f9d7205d584c0dbe9fafc7cd0d0860a9fdad78b9e2

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Content-Encoding
gzip
X-core-time
40ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
161625475589384519_3
Transfer-Encoding
chunked
Connection
close
X-adserver-worker
ragnarok-eb188a36023e@version_1.265v2
/
core.iprom.net/log/event/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/log/event/?time=1616254758052&m=slovenskenovice&sid=naslovnica&ssid=&adid=572345&z=219&ch=&kw=&sct=&resx=1600&resy=1200&RID=161625475589384519&iid=&v=&c=&rdr=&e=fallback&c=&referer=https://www.slovenskenovice.si/&cb=1616254758052
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-35d0d209da95@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Ping.aspx
engine4.livenetlife.com/ 		535 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://engine4.livenetlife.com/Ping.aspx
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.148.163 Ljubljana, Slovenia, ASN12778 (NETSI NETSI.NET AS, SI),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
edc4fc19380a0605e9eabe99eebc54e641f87c98f34f141be16b404a5cf03238

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
view
securepubads.g.doubleclick.net/pcs/ Frame E2A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseV5dtuRAS_SnDDW3WdEpPoDmPDFmDQLKNUgSykFcOO8JFn_uGdndyETrv6luKxruPv7NYh36svsiX4nBuKjDbnv4p7uhiIMLXVQyBaPk0wuMEJMW2P89pr4Y3cXZdNFsyydKOp5WaI1BJhYTUYEbvSZlSGNtWK0hyLrLBTT8a3afJCj0jzhHQVwMYabDdxJSL3tJKpbtxjCfybbQrk4Fi2foxRwX12k_uFtfBJesGq4NglIg-GMtiNQ9SUU84q9cfnqet4jLG6ghBx_ih_Riqu-zPM1ocORLhd2U1llZYfKP5gt_18tDpFgFSXrzdL3KusEuVi7w-i8Zb1Gyl&sig=Cg0ArKJSzB7ns20Qy_MQEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 640E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
/
adx.adform.net/adx/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTY0NzAxMyZybmQ9PHJhbmRvbV9udW1iZXI-&bWlkPTY0NzAxMyZybmQ9PHJhbmRvbV9udW1iZXI-&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&callback=_adform_cb_1616254758111_46479266175014033
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
770bc7e3f89c29f64fcc3b9550d726090a2c3b962cddadcca3a0e916c633ded8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1384
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame A508 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssugd7i-xDhu4vSIdsZ6IgkY3H4uF8SSdTtY5C3Ul0iBmSDaoFOP6D1wVpCsbygP08t3o0oTHbg-VVQnM263OQUblzIKDkLeIuX35RZOpopnfVze4qX29_AbKBhO2rNYnQx1_mCFISscuPT7nJSDQcGJXSv5j94b_JUOkHxJ02X9xoYENRYjMyz3I6pqMU3654MGFRVWs34Hil46BjmYlm5RApFYVzgt17TKzgks2RRLNlbjHuHSYRjyabRlslVMHpN6rYmLFMX6Z3PJw4bz0G2xhrriLSQCrvZRo4WGBjutNVVwGQF-vtHzDUiDMlnWU0FJEAZvYU4uAP4bIA&sig=Cg0ArKJSzAGoWu0yIT61EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E3F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQKejifD3jDNw8BCOCpXo8vnwwM4aWj6wLdJ8h2sGThi9Q05m2QE8tCVGwy172bORfa4rYMwj3D3jnlAGGp3e_UF7k77UEapsWn2Zni8TugZhhDav5rrUMQqQY1hy4gRFeoiEyXf6RGdYZGnpTB3jBJN9MQi4kkfoO-NCNuV8OFK5dNw-XfYACMgZp3Lu4el5FxUPAGrjhF8wEp1YruN-E3_pNyt3S7z5nTmUvhl-2DxCXSeIhyNi6izPEW3P-y9KEBtZ6RWY5JNESO1K6fKtqfcsBltdEqOrAo5PJL3QIBGw-4EjpIm7SonOKbmjvg2KgTM5luJ3nxlBZHRzs&sai=AMfl-YTGPGrj7lH4vMJnzgSwOcEjPxrVc7ESzjLAtI0s5QxKGyMcMo7ffylcL2UMs0C0LRivXvgKSHUmAsF8Xq3DFgnd2-c0z7SInJteSDHP3x9-XegmiiGfKuNqlSkGCZf6&sig=Cg0ArKJSzNk3MgMNI_r2EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:18 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 21 Mar 2021 15:39:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 82BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSOvBzRbGSif_0qCPHkTEXmCT1c_D_bNDCIYNENua-HSbIri16LE5nFXxA5uoXmEICneBDj8Jq7IC88fhxnG8lTRnvoIdIAxl3TXz7HNCS9lBqEloP66F6G1NM_W73jF-XrJVR7-CSk89om8wztIfrxpZF4-KCLAyZY7H4G-CeK6iizjTsI6ZJkuhPBPrqBAV4VUSCeWIGZzbL5q0VOEqiWh_QqT8xr2cNHxxWW0ILgJOedRXVn-JqhyEkWbxARFPPL9SQ_9mU_RUiM8XETJ5d91jr8NwMV1wEiGlvnHjkkks03kQaKx_j-tNdvjWzFanOVAky_19JGNqb2Q&sig=Cg0ArKJSzMKMdK_hDd8_EAE&urlfix=1&adurl=
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82BB 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame E3F9 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E3F9 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18a0c13457d9aee26881fb2286cd0b954795d04654ba530969a131f86ac442ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6475
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0337 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3240
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impression
core.iprom.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254758214&callback=ipromNS.loadAdTagAds&zones=%5B%22236%22%5D&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D&containerId=fallback-iprom_holder_6&resolution=1600x1200&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&keywords=%5B%5D&channels=%5B%5D&rsu=&RID=161625475589384519_4&noAds=%5B%2254326%22%2C%22572338%22%2C%22572345%22%2C%22572340%22%5D&skipAds=%5B%2254326%22%2C%22572338%22%2C%22572345%22%2C%22572340%22%5D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
2506838b22a95da7ddb580c8f3410be423c4b84c9997badd8fc8e06fe31dbce4

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
X-core-time
349ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
161625475589384519_4
Connection
close
Content-Length
1966
X-adserver-worker
avatar-102dc255bfdd@version_1.265v2
/
core.iprom.net/log/event/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/log/event/?time=1616254758214&m=slovenskenovice&sid=naslovnica&ssid=&adid=572340&z=236&ch=&kw=&sct=&resx=1600&resy=1200&RID=161625475589384519&iid=&v=&c=&rdr=&e=fallback&c=&referer=https://www.slovenskenovice.si/&cb=1616254758214
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:18 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-4370615461d3@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E3F9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
/
adx.adform.net/adx/ 		721 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTQ1NDcyNSZybmQ9PHJhbmRvbV9udW1iZXI-&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&callback=_adform_cb_1616254758237_4925882056731936
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fcc998a1ff603a695df3744087b54d390c3213b8a56c8e4f5548a8d6c2caee65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
739
expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4A26 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3240
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 82BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxfFQB60cNWkxNgwsHzMnLacMoom5c8_644g1vKBD08l0Jcojc_2h6e3tWbKW_dmiGJYulZ_XRD6W0Hm6tlbJxJX8wrVQaTprgQ76btx8CrorJgQPMYfPIdSTSYR1JVDMH6FhYO8MW4vnMTEc9VXgpe1tQmLqiTGyLktjWp_OmAkY_48tVsDvg3GEOGnswUJO0UBO89XycVcmqXAs2Po4zp7AAR4j3hGoUCqeBAX5E1_Ao96bMy3X7XDs7CO_kFywwN42jJ6-1sMO_NAYzFI61uarkhQ-EVJP6S4TwDpPxIHdpCf1xnF19e3DAxVUEnGpBbcg998tTybVdI70P&sig=Cg0ArKJSzF3sIB8qDHFqEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:18 GMT
syncframe
gum.criteo.com/ Frame 4BE0 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.slovenskenovice.si
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.slovenskenovice.si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1228
date
Sat, 20 Mar 2021 15:39:17 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 21 Mar 2021 15:39:18 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 3A5B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95658
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 8101 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95658
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3032 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3240
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 2415 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95658
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 0337 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95658
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 4A26 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95658
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
graphql
s2.adxpremium.services/ 		84 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2.adxpremium.services/graphql
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0368283c4da773f9d46ab430144d565bfb656f3e70b4ac7ee37d43d0169815a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
x-graphql-event-stream
/graphql/stream
access-control-allow-methods
HEAD, GET, POST
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f1e386ba00004a85120a8000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V%2BCvZr6wGnt63G3rs86Exf7M1hHvTgee4Msk%2FLlGwskyoNQD0uHHkRcQwCqi4G3zhyOVz%2B12cU8OH%2FwItnWGF0CPaKvwcAxKbqdm%2BkaN1s4azPPXo4Gt%2B4PXUnfDQkEpuNtA"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
cf-ray
633008512bc74a85-FRA
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length
graphql
s2.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s2.adxpremium.services/graphql
Protocol
H2
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.slovenskenovice.si
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-length
0
access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
cf-cache-status
DYNAMIC
cf-request-id
08f1e3868000004a85461cc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FMMgMy7TpcRW8mWKUdzaU%2BkyQK6j4HILplDkq0o2d0i1jrK3hEWn2nacDoEFIzdvf2lbDYva6pmbpKU3NMSelUy5OcqVzUzG97wFN4DukreU3z3j%2BDTkcuf7SxnLH9tTjWUr"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
63300850cb3e4a85-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
fallback.js
a.ipromcloud.com/script/ Frame 9BC1 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/script/fallback.js
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1b9f2f35c7cc3801123ed4970d3dfc4b75525a3b9fde41dd6bfbe0e4d67e2d

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
2948
cf-polished
origSize=11401
cf-request-id
08f1e386a4000016ee3a033000000001
referrer-policy
no-referrer
last-modified
Mon, 23 Mar 2020 13:44:23 GMT
server
cloudflare
etag
W/"5e78bd37-2c89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
63300851084516ee-FRA
cf-bgj
minify
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 3032 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95658
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
impression
core.iprom.net/ 		50 B
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/impression?time=1616254758662&callback=ipromNS.loadAdTagAds&zones=%5B%22299%22%5D&sitePath=%5B%22slovenskenovice%22%2C%22naslovnica%22%2C%22%22%5D&containerId=fallback-iprom_holder_4&resolution=1600x1200&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F&keywords=%5B%5D&channels=%5B%5D&rsu=&RID=161625475589384519_5&noAds=%5B%2254326%22%2C%22572338%22%2C%22572345%22%2C%22572340%22%2C%22182084%22%5D&skipAds=%5B%2254326%22%2C%22572338%22%2C%22572345%22%2C%22572340%22%2C%22182084%22%5D
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/ipromNS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
9e2d2386381aa28c25f50c7ffde0e1fa4f700d097ae055df4648183d0ec774ec

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
X-core-time
10ms
X-server-arch
v2
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
X-RID
161625475589384519_5
Connection
close
Content-Length
50
X-adserver-worker
docker9-decd0a1f3f6f@version_1.265v2
/
core.iprom.net/log/event/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/log/event/?time=1616254758662&m=slovenskenovice&sid=naslovnica&ssid=&adid=182084&z=299&ch=&kw=&sct=&resx=1600&resy=1200&RID=161625475589384519&iid=&v=&c=&rdr=&e=fallback&c=&referer=https://www.slovenskenovice.si/&cb=1616254758662
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-8a3a6b21afe2@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 380E 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
3f58d950120274e9c45118873465c45611b885ed6c1388aee5038bb17731e6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 796 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=572349&zoneID=219&RID=161625475589384519_3&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-412a9afec6f3@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
90be2027fe9b38bfbd9e20b99d36d6ca_970.png
a.ipromcloud.com/2021/126734/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/126734/90be2027fe9b38bfbd9e20b99d36d6ca_970.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e9453ca396772386d8faeea64c76d87b081368bf9ac7c80b225363af63ca32

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
cf-cache-status
HIT
x-cdn
cdn2
age
1534
content-length
81309
cf-request-id
08f1e38755000016ee0c8ad000000001
referrer-policy
no-referrer
last-modified
Fri, 19 Mar 2021 13:20:35 GMT
server
cloudflare
etag
"6054a523-13d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
6330085229ce16ee-FRA
get.ad
central.iprom.net/adserver/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.iprom.net/adserver/get.ad?vlog=8fa4fd46b12b3b1cc8dc0768ccc8ec8a&js=1&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.160 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
central.iprom.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-iprom-bcluster
ciback17
Date
Sat, 20 Mar 2021 15:39:18 GMT
Server
nginx/1.16.1
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=739118&zoneID=440&RID=161625475589384519_2&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-eb188a36023e@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=716566&zoneID=440&RID=161625475589384519_2&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-1b0a71123bec@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ Frame 380E 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:18 GMT
integrator.js
adservice.google.pl/adsid/ Frame 380E 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 380E 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 380E 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=667478174397225&correlator=2866750987289692&output=ldjh&impl=fif&eid=31060496%2C31060520%2C21064365%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&cookie=ID%3D96509a5de27ec800%3AT%3D1616254757%3AS%3DALNI_MZNaxDXB9t_lt68PMJ2eJP4Mwyjmw&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254759&dt=1616254759090&dlt=1616254758731&idt=351&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=2130&adks=3238640858&ucis=e84sysrowojo&ifi=1&ifk=539598778&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=660902750.1616254756&ga_sid=1616254759&ga_hid=645014556&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
409f105735d580558a63ee4c527b8823695eee63a0abd9cf0a0b72eeed5a0a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2413
x-xss-protection
0
google-lineitem-id
122729607
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303514837
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
526dff8e19425ce178237e40692ba742.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 380E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://526dff8e19425ce178237e40692ba742.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 380E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E9A 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031801&jk=3123492478155547&bg=!4OOl46fNAAbUo7L91KM7ACkAdvg8WnX1QbCRL18KaAYNm0xKBSRmGCAPkLOSiU0P1qCrIZN6jIq0GAIAAAIDUgAAAE9oAQcKAPIceP2KFIh-pkLXxCNK7W25P9tEQJ4A6aBJNCwYfrg2y9QztxywMpVVTzGRm2xr2H0mWIcPBy1cYlhOq-aULKbiobEzfpPgyQaf155y28513su1_oSi_ucpYZFqxrRe1nBiabK-SAUFedR3I7JiMzqw6Pc0vwguBeNoniGqjJcftKOlf52wyD2ad3g5dnUaAOUj7xYLFjTZQYtJYR00nozS7Sorfnv1cDOJHkzxnabd0jwgxao_LGoFHeQxMmYEVbiwyRzsyyz6HBJIS_cA6vY2PJkAVKw_7llPB04ntNLCjL_d3jBdz9H531n3yJuRQ6L2MZkCENyCXU8skCiFDioAVcsWt5RAujWmKGmQlet-YQtnbHG_JBXf8H18KFVsK0sNA7tVMmLclpX-yqQpvtLpkFehYaa5Fw20lped9gurxaOIAGSO2GJzVrAsUYRDyNGQY36HM21R9YErWITKGm6zCdxbc6kpUJjS-1-PAmZ5ErmxxfIx1ZXCR8smNV4X5ureBH97sGVBsJ2ZEyLBC_4qmZjhbG5Zj-ISmQtsCcrSfxRZVnboy2U6sGlTEUJQq5LPPc8rA1UsKHnCaabNef50spZBmqGhlOzKrJxf5GpSq9eh4kaPR3Q-3Zyb1R6fo9ifJSAYyy9HwSftF2CI2v3rhc3DHoyKdWiJc_pfXxqZtEKLmrWu2iWOhTekY5YpUx3Xc3kCFIxXTMIPQQ6ucT5Si4uTRpDsSc3a-2ey8hisYFAu_8AVOOwXM7vyIJx0fBZu4wfsHTyMUfuSJS98CG0AqwScjPRWRqgpiYwikPMo3LydIb7g4GqCeBWoJqjaFEsOerDxP2sq_v7B-DZphTfc3xBpV0h4jzv9vccvO5r-cBMnOadTPUEU5BsWQWtKGrYaQrS0L7RKyGV8HneMUh-AR_gqqOVIMNSZhj-kkkzFXbiBXKCBK1qZXUAFFBPTPJh3U4d-VQxTwgZjqZRjM6qAjWHiyJpTE7-HIVoJgRVV_l5EO-MzD1ktGZQAF_ZFjiiAQCm3BQ
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB82 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=1654443201664573&bg=!GxilGFzNAAbUo7L91KM7ACkAdvg8WrBAzYvkiqXXL269wsCJJguhGWisMgbTmjhfqwsnV24vnTMxlQIAAAIAUgAAAE5oAQcKARqXpNj9pzonbcqtyakyqmfAhSBOgw_WaEnM4_0oZmEaGTLRXxif9pKPzis0HbC6qTtb6hJz37oyoR_S72s2UkUlnXNXEMy5ecVLAoae6vQUN9NxtQ9OlPy9VHIJGLFEZcR4je27g_29HIHa-wrxLfalb0IT5nELCeey8Bpm80Qc2-uY1FIL0HQub0dSbXe4I_A_75NAPfXDCNG6lAgE-LD2rIlYo0KLQmobfjrqcs5YNYO1UcDgNjwjdVKtjS_uwW3nvQ_PUCwJNmEhl1YbbCmF5H2Zh9ClVslyTbWamICm0xWofKXuseuFbzeAWIbJMHBn8NgpC5sslHWA2ZRfZy4A2RGcXfWPUU46uxaO9O2uru1NvgO8iNFjAXCZAfhpYzXtpcS1w0C8zepGlxVCKNXUhRz_JWxBnKaQ_NxVZoLsyRObQiouixK27-Tje-M2HNbQ9SiLExtf_Uzh1nGSGBlXG-JlwtpWZrdQRlb2z7e6y3P37nqAMDWK9JdwnxLS3UXBUy7GAmQbQVjBHr8qpSJXVIjPrEhWQZtFIiFLG-DZr6_ky7kKnkQ5fLNGh3aAIXabmcBa72bLg2MqyPbfVgGUjpJZkustDDkZM3wpQzfqFF891iCuIz2eYhZrYBzRwz0Os0F3qAhel8l6ezAEmtTaI5rEidfTmSFJgUg7JPqjlD4b7zVx8w8Pz0VYQL28Hf1W9QICE0NbdIt-47hNPYPpLMOhflu8vegEygWb3OvlQZK15Hri4Y4H_2dZYDvPXc3e7qCnPR577TzgSnvdgq_4JGy4xHNhY5rvCf8yuufAz22P9dRE9EaLzt-G2NFtwxEK2EDaGiOf8K2QPsbKcu1rbZ1-OLB0goh6rqu8vKXmaty085O8NLZvvvtYFUw2nAmZexstDZzmrw3FxAVtIP9Y4qx7frD3826scFA0y2kI2AsXZaT_5gFJEaxOYmdmg6PR32DOIwySgg_Hl2DorP082ISjkZm1Ac_IWFn6attVKBnU8JPX2kq7K-XP3PzV15gi0HD9gfKFPcixR2ckB_iSjquI7OE
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7202 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031701&jk=745823534574309&bg=!PzylPHjNAAbUo7L91KM7ACkAdvg8WkwHQkdHkbhF_v822bUu4aMS_3QZ5tprT37hq9LlCDWaAAH7hwIAAAJAUgAAAEJoAQcKAU71eLZl_DMF1qrqA7XVY1hA16RExSrdUp9eZHI49cR2xHdAIi5W4kwtBQiEYjW6j9DmC6rW_tRe96_NDp37N1at7SpNVFGWv8dVcC32dzL8oMOcOoo1ySSttwpR9XZdGjo1b26mdV3bLLpuG6ugT4sBahBK5S7isw80RPIynpO1ViRcoYx9e1F9v0f-vWus9sA3hQ_8ESPrklYrHKy_ffDfoETvtj7Ehjrgod48dPu1JwTFahOjMBFXhQX9oF32P0Bc0yyQ3NgrnnALIk6QkQVk00MKQmlxOfOgvL3ZTgmwu1Sh7jDy3jjCT4pnzhTx7_zAJr-NZQsHc3aFBV6M00QEXkjoRzZwwEN3rZL09JCjakTDwHEkplz7FAxWIHcTD6ZmyDM5zxEZss5p5eyJ_ahDQUIlpuQNefUdySXGPm5VAY-loqf3zykKCJFcVkk0mQH6mA044hRylRVMJVZwvlpI0EGhwPnUPbEt6hEVWLeX3Uae7ZJ__C8PqNg00OJtunKz-e6VM2QnWhbzFGpgS5UZNxm7RvYMQjV1X70DtD3UT8H4f5MKHN4eNGCOA_Dyv3AXXfQcKSS4lXjgxbo_GRonvgDuYBF6AgFPKQXtj4hxIMyr0I22Djj6WL2rKeHhybPNqX2l9sfpiZlXHSoOMU_ndNiNInS4yshoq5J75C10QhRph4xqLipNgx5ppk9zfek9TSvdppbz3WwfiwnzUBeFwo4HnA8K7p2SdNodlgnHGqd-MfRgQuaga3At10s0WQJggcSVri58makb8pJiW2UK4jahXipTxIMAw72g6612MSumNim8sWlY73S05IJtIeSqc50YgMNRo2wwAljtaO95wXOUzcXo_Qab6qS4tMXIK4IZhnjcuShyzTX4aDo-Q1IGOoFZHKKsKlT7iO23QVmU_a2DsH2gVWS8PA0QqqbWLV0On4mfHMWT8JEn8i8XGFNTQQRc8wIcJYjeG9urN3zzh-k4xGdg0d-8IgL6OkxX9vpRkqtl5XsEqjFc16dsLpujj_vryZ2omls6duK1fsK2DHyySiNUXHtkY4jTkyPDYpHSsQXWvLC-ptsFbJ6VZVj2tgwNpbThrtUycdTcbY8gHhvwsd00sDXu7Nk
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 714D 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=2506633016641460&bg=!4uGl4aXNAAbUo7L91KM7ACkAdvg8WgHw9wumpJmpLSFl6CbRL1GeGouayFxlV5cj1zJ4Ow2IhW_OewIAAAIHUgAAAGRoAQcKACVkDYiDF1IxS3JsivPPUsQoOqWrBEVZ_HwpS3WaeHZmUPeyHThdmQIURN7Rb09vmYMq0HeI3572I2y-QiUfX-7b4OshH6q_7igLt08oAf3FStVcSgC_vWPm_ksjbnlCiYMH98IVGS8c3GwYKmQIjw9nHJNucRuOFyLuYYMHKwpc34etjVuH1AiOgRdxUHGC_rUfGMev3tBVCzdO719Rnr7u8sgENyQfteYEgODUv9pQuY8SFHwe72-NCJzDjX38M4HsHpH3UuI5u0KZ2Bub8jwfar3kF5_YNZ_NpI4lbD23HFNH1OHCzK5iCS0ykDcn8wM8Jf91Y_lCj9ggGZpH7BXurkju_KYVn4vxeLNYNX83NWLQgYxswmt-OfNI5BjGO5Z2xdE2MTiGU1fudEzdyiJ_YD7U2qkKdgYG_slh4IHARkyd4aRQXBvfR_OPfja13Mior8mmObR39usVVFX5bWu9y4Tc3kkH2oK-CH0VCfbutIR2oaoOL6rnZhYRQa7nRiF9O5ZhFLyc3cUwpqjXwklIhqXBKZc1KmnO0GH0mpPs3aib0svXhopq5z48d-COi2zNTEoyWS_8-q1DAzzrT2islDre3NyZ0mIQyWcuFNLwuJ07Z9L5vXAVozDqYWcB79PSnLFYoymHpYZzxPhf56jmupHPgFt3mIH0Mrod6dJVEiZr_bvpkrhu4ntNaRiswBbAVZCv2chvebEJojP88H34XMtPAY78Y5MfKVDYzFleBBOoHgVd48Qad74pvA
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/ Frame 5218 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442f2d67d6721fe8cc0ab941dde312830919c4b7e7e3e56c95b0304480ba87b8

Request headers

:method
GET
:authority
a.ipromcloud.com
:scheme
https
:path
/2021/125831/f5fab82e6ded3a92fb381b61638029f7/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-type
text/html
set-cookie
__cfduid=d529680069f527c6cd0f1054f9cb84abb1616254759; expires=Mon, 19-Apr-21 15:39:19 GMT; path=/; domain=.ipromcloud.com; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 11 Mar 2021 10:15:35 GMT
vary
Accept-Encoding
x-cdn
cdn1
access-control-allow-origin
*
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
cf-request-id
08f1e3898c000016eef5965000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63300855adbc16ee-FRA
content-encoding
gzip
get.ad
central.iprom.net/adserver/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.iprom.net/adserver/get.ad?vlog=67c4da40951b22ad547bc1d81470a4fe&js=1&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.160 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
central.iprom.net
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-iprom-bcluster
zver
Date
Sat, 20 Mar 2021 15:39:19 GMT
Server
nginx/1.16.0
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=733331&zoneID=236&RID=161625475589384519_4&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-a24d6a2640a2@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=677044&zoneID=236&RID=161625475589384519_4&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-35d0d209da95@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 640E 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=4111008315436986&bg=!oaKloubNAAbUo7L91KM7ACkAdvg8WnljaNC7UpTVO-kGGhyLa64dh7-SpZTmGajNgk0M9Frv2oCk0gIAAAHlUgAAAGFoAQcKAJGCQk-v2locwsGrmGLIn3E7GqJGvlOKGk6536qoezjxxjbbDNEd6zKxJTRU5hEartLt2P2D5x8fFNiWX5tWUtUXEr7qW4uwzZydolBfYAh5fETGGiJjJhSZGE716Vf6SCMtopFl6Piy3k0HoyySU5ISXWeI1vgRU7pZouJrfP2nX97Et8sunjOCEuC0hkQgMLn6mQIcvKnfcN8irca8l5n7PNC22BfompWsEEg8NayoDHgcIATyAwhpthRSUGC_obZLMmAHQiSFaDvXhHhO-EZMYPpfJ9O59FDuY9IM5SjpjDvf7bqIRi_YwADadorpzeVf8AI7y3BdBAVX2JMaf6VcdWrWFE6G144TE7oTBcwlWhERxo9QzvuTEvkM0yFpsYBwifdz__fYumzkgdsmN6uwI44AHA8Tc822rX9tFbTJ9jgfr-MK9bSH5ViupzjgMVZUw-8jVgttrexK88tnfIQORLciPf8mrJfB3JIypF5O42ia-UJQ68WjEP6CKCvRaGp0cKCAdT-eRLeJ7e8AW1RqBhKXbaJB1NqUXdIbGcFx_V_0d8UKZ8lToI_mnP0E6RtX_u2iSmg8QKuM0dhNrTEfv0uf04g8CzMHfwYjbJRELOYgcPeQo9VMqdFWzdDBPyUbTQMKrx9ko6GPGjT_LC4S-e1CPEzy9CpifzGjrxeZA6-8JyBsIVwMIb0FkiMqqxldzTd0qryGyiqskCH2xfRcvqmzXPPtzY5WX6ctGm_MIcd4XuPRknNVbcib5LiXQSiAqdFZsVRIc1bIZq_SrTftTRMLww6z_n-wEi2ogKtqsGoZcscl0sfgsyMrLqwUFPD9fh4iPS3mpEt8tizrZm5syZ4bUReDpM_OeHXzMyBy1BRB7YInMx_AqUW_tQg7MmrdkjoC3bgVLLghJ5AMi5OS
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1C77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY2tvCuu8Jl9GQKnVe1MjF2VU6GvNiFmbw3JjSO9H5uoDl0jETxIufjo5ZYsIl1hypaaverUpbT5X8wCnUBmWWqROkAlQmwmq5GRFpkGO9r1L0oxkfmZ1iI06uWNIIQxxgpn3PQL1q3Cs6cmYZt-c6tP7TEWB_qgm62Xq6baczKKPfnaj8rUQri30pdLif8SmomhvuXL1XbxDymXZm8tdgdajfbnUBYZqxZL6x-jFOcbIQSY-sbgA2Q4DrAuvmmEf1XUabvNoNw1sj3VkRW9DiOY8L5cZJH-R8WNTy8mnws5I7KdgkiPAzwh6ktgIYiBN2JipVj6RSEQjvOw&sig=Cg0ArKJSzE1k5wmTs-CXEAE&urlfix=1&adurl=
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
www.googletagservices.com/tag/js/ Frame 1C77 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
707089c9677a5eb7c4f3d8a16b02ec9dc546df8a0149f70500eb4b243f91eca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 188 of 1000 / last-modified: 1616192151"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C77 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:19 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 380E 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 380E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f63ed25bf42f8dd42cf3bf798a5a6f59a4ade035885440658177e490eebfdbe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6533
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 380E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:19 GMT
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ Frame 1C77 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3F9 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031701&jk=2814334454933864&bg=!V1SlVBDNAAbUo7L91KM7ACkAdvg8WoeQEoXkns8sF71en4mINn_mf-n1WXTYHXNfOJou7x4Q4RKqMgIAAAG0UgAAAGloAQcKAGw8SaT5pXF8qvgs7mBXMYDY2s_Z3L70J0mo9hZsZX-VdDPIJ719jtcmq4iSdZl6FawtIBE54iEzdV1Rnkjjhnel8X0k9mqGBA9tBvO1fEV7UiDNFIqQsxbJ1DROKTCDOOnYq5G93a9EYWCmXquZAhZFXOMF3k8VUdilXqBLdkSKsM21hxd99EHu0yhP8EkgXVWGB1m3z0mfnHMRo4cEZ0sCzQlgkYEaq0G6D-TA8ep8GHG3LrpaA_VA1595QIb3uvwyA7UsNcd5UXhFD3eh9EYra-wQ-GI_QCaTv6ZbdSUW-HhM0MK---wPpt0HgUq7GSXfjFp42A7mnoyVfcWLi6J6ObeJQB2RLNKnwhi3iCt3V13CQJiTfSkyZQv765kCQLgDlRrC2hsMRoVGSfqkp2A1IXrqFA-6n-UuPnn1cTEa-ZwfWHs-GSWm216bS89ngCAIt0WPUg9KW9IO3yPontEjp8k8h8wcFVZz-URQjO3IwISyq79cpQriFVZtaE84Ew8jSGTsj4AWCs_BNL5mOdyQSyQBAt4Ss4VNOrDyiLwiYLLLAwWfSH90sX7c-OAKZSOwNxMkqaadgWseEH1IzmfY2NMV-dpW5MRhWo9SMAzi12qrPYegYR44Nmos5qno1PTTfYXW90ZoYOh5qksmmwfTgqRPLZVfix5pfbvqF_dfsm88l3RHaavjSQvA0APSo6D_l8HSnQ12s3oS4IU8WjeADZoWgnRujldTwg6X2vZpLyu0Y0TlArtNc9U-cdYu_SDAlC4NE9yYE-tfj0_PcpxRubIldpdFS--yb1NH3rYmBC1nZDBKQteAKE1TMuVX58E7nblkQbZXiG-qff2l1HovBKC2398
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C683 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.slovenskenovice.si/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 20 Mar 2021 15:39:19 GMT
Age
35286
X-Served-By
cache-lga21965-LGA, cache-hhn4076-HHN
X-Cache
HIT, HIT
X-Cache-Hits
3, 464629
X-Timer
S1616254760.616507,VS0,VE0
Vary
Accept-Encoding
load-cookie.html
user-sync.adxpremium.services/ Frame E0A4 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method
GET
:authority
user-sync.adxpremium.services
:scheme
https
:path
/load-cookie.html?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d04774e09b3df7422250272ccc52834f81616254759; expires=Mon, 19-Apr-21 15:39:19 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax
cache-control
no-cache, no-store, must-revalidate
expires
0
last-modified
Fri, 26 Feb 2021 09:17:16 GMT
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
08f1e38a5b00004eeb7bab3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=17AggtYQrTKVU9H51JmLvoaGqhlp%2BhlSsp1KdDyKNaO7Rb%2Fo8wm5ksk1qXLOxjTqYIF0gfRiQiaNZYx0Ijzjb64eO%2BNnb9PGRORD0LB48gtAApIuFmryBnxoOZcJJFKxzf3bUqRHUQRQJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
63300856fc9e4eeb-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
showad.js
ads.pubmatic.com/AdServer/js/ Frame 06EF 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.slovenskenovice.si/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=128426
Expires
Mon, 22 Mar 2021 03:19:45 GMT
Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame A0BA 		1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: cdn.ipromcloud.com
URL: https://cdn.ipromcloud.com/script/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8143d2ce4883c14ad30cc19e04d311470c3d54b5ba49ddfba2e337947888efb

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d928a03379667aca25171e9f0d8c9c9071616254759; expires=Mon, 19-Apr-21 15:39:19 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
08f1e38a5600004a977b95f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63300856eccf4a97-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
/
ssp-nj.webtradehub.com/ 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-nj.webtradehub.com/?c=o&m=cookie
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.193.146 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:41:44 GMT
Connection
close
Content-Length
0
Content-Type
text/plain
createjs-2015.11.26.min.js
a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/libs/ Frame 5218 		186 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/libs/createjs-2015.11.26.min.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
1575
cf-request-id
08f1e38a5c000016eee8866000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 10:15:34 GMT
server
cloudflare
etag
W/"6049edc6-2e8b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
63300856ff4516ee-FRA
banner.js
a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/ Frame 5218 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/banner.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0918dd8774012da2219657e1412143f0bc6d068a581c74a9353d298bd7734d25

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
1575
cf-polished
origSize=41506
cf-request-id
08f1e38a5c000016ee492f3000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 10:15:34 GMT
server
cloudflare
etag
W/"6049edc6-a222"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
63300856ff4616ee-FRA
cf-bgj
minify
targets.js
a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/ Frame 5218 		224 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/targets.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4bf45630ec0760aa8823551c7db71ed218faf7d177a01f24a653486b356dbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn2
age
1658
cf-polished
origSize=226
cf-request-id
08f1e38a60000016ee492f4000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 10:15:34 GMT
server
cloudflare
etag
W/"6049edc6-e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
63300856ff4716ee-FRA
cf-bgj
minify
htmlSDK.js
a.ipromcloud.com/js/ Frame 5218 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ipromcloud.com/js/htmlSDK.js
Requested by
Host: a.ipromcloud.com
URL: https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/index.html?clickthru=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTag=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331&clickTAG=https%3A%2F%2Fcentral.iprom.net%2Fadserver%2Fclick.ad%2Fapiclick%2Fqziuac9f21m90h73%2C300x250%2C66342%2C1616254759%2Chttps%253A%252F%252Fwww.sparkasse.si%252Fsl%252Fprebivalstvo%252Fkrediti%252Fstanovanjski-kredit%253Futm_campaign%253Dstanovanjski-krediti%2526utm_medium%253Dbanner%2526utm_source%253DiPROM_Programmatic%2526utm_content%253Dk21-03-0209_l1_f300250_c1_a733331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb5a72788789a4ff6bf456538e306c510058038769dcf490ffc1a1cd04cc2ae6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
3014
cf-polished
origSize=26272
cf-request-id
08f1e38a5c000016eec6a44000000001
referrer-policy
no-referrer
last-modified
Thu, 04 Feb 2021 14:50:10 GMT
server
cloudflare
etag
W/"601c09a2-66a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
63300856ff4916ee-FRA
cf-bgj
minify
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DCC0 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3241
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 1C77 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1C77 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.slovenskenovice.si
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1C77 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=311568240916124&correlator=2732109342265302&output=ldjh&impl=fif&eid=31060317%2C31060501%2C21068031%2C31060367%2C31060398%2C44733567%2C31060505%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210320&iu_parts=53015287%2Cslovenskenovice.si_d_970x250_1a&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=2&cookie_enabled=1&cdm=www.slovenskenovice.si&bc=31&abxe=1&lmt=1616254759&dt=1616254759601&dlt=1616254759324&idt=261&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=2130&adks=2255646814&ucis=in0zzasvolen&ifi=1&ifk=2030815143&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.slovenskenovice.si%2F&top=https%3A%2F%2Fwww.slovenskenovice.si%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=1122427887.1616254760&ga_sid=1616254760&ga_hid=1609645903&ga_fc=false&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c9d1f6dcdd5f0bf2d10af5387b2daba6bbd9889723a8b1ff9f4f7b4e101cec6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
222286
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3910
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
334971
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.slovenskenovice.si
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1C77 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 1C77 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 1C77 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8ce3bee6cddb292b9da13b4738dbf153da752851dec30d1b3dbb870a495af82

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ozadje.jpg
a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/images/ Frame 5218 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ipromcloud.com/2021/125831/f5fab82e6ded3a92fb381b61638029f7/images/ozadje.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01abac27bd4a33fcfc21f720a2164ea25386019613f36cd085347389a21571e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
1659
content-length
38115
cf-request-id
08f1e38b07000016eef135f000000001
referrer-policy
no-referrer
last-modified
Thu, 11 Mar 2021 10:15:35 GMT
server
cloudflare
etag
"6049edc7-94e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
63300858088116ee-FRA
cf-bgj
h2pri
cookie_sync
user-sync.adxpremium.services/ Frame E0A4 		2 KB
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/cookie_sync
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08f1e38b1600004eeb8a076000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rjGkTqc%2FYzCZiKdniiiNbbd%2BiEgxLIpOL6xq0xzUcUqNaEUd7W1sbLkfyM2817e4AMc8kovmLSB4OE%2F47%2FOpry%2FhNcu3U1Yha0KDGkh%2BY6KmNLg0R7%2FM0ZGk3bvryeXWX22vq4ZDs9EZKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://user-sync.adxpremium.services
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
633008582ef24eeb-FRA
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1C77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjzI6a9XLFhGCohiGLVhnZFM4UyPYKSQHTcs7CNJ8h8I7evnNqyejS7bcd_uuGn49qJSyG40oV5VVGAQeVL2EGSGTSsLDr4497DIUNEoRvaq88xtSFX5UAeCabJpFDM0exztx36t9QBXiH-vNavBYdwLtZkA4JfpG1Ky9Jlz8SEw3ZC30sFJvPxxputZu3KbLgoRVeg4nykZObfXJ7dthD0b5zSNYv88QWx2OcQyzIvBTNypUATYtdXD8WwCMjFmLsOc4EAG9HkLQhnxvOhRBJXe8TF8wh6WHonPrzKbHAEPe4CA3nXExKMbXRzJtVKds-Kz4e0HTbva_3wN-9&sig=Cg0ArKJSzGl83i8fUA2nEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 20 Mar 2021 15:39:19 GMT
bounce
ib.adnxs.com/ Frame C683
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.49:80
AN-X-Request-Uuid
84ba1480-486e-4839-9777-71525dd0a2ba
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.151:80
AN-X-Request-Uuid
8cbf41aa-3123-4f3e-a510-e4c34a14d015
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 06EF 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=68990490&p=156308&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4b7b9919de6f7348b90f9697aa6afe82a1f2311ad8c0de2ddb48dc08cffae5be

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:17 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
sync.html
s.adtelligent.com/ Frame 3B13 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=601760
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5161::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
VertaMedia 1.0
Date
Sat, 20 Mar 2021 15:39:19 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
736
Access-Control-Allow-Origin
https://user-sync.adxpremium.services
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
1
sync-eu.connectad.io/syncer/ Frame 52DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.connectad.io/

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
set-cookie
__cfduid=d65497238fd0a17c8597a516a8c3ab95b1616254759; expires=Mon, 19-Apr-21 15:39:19 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08f1e38b4500004a9759a58000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
633008586f274a97-FRA
Log
core.iprom.net/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=739118&zoneID=440&RID=161625475589384519_2&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=v&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
avatar-102dc255bfdd@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=1&siteID=3142&adID=716566&zoneID=440&RID=161625475589384519_2&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=v&referer=https%3A%2F%2Fwww.slovenskenovice.si%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-43d8dc0a058b@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame DCC0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95659
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
container.html
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D733 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sat, 20 Mar 2021 15:39:19 GMT
expires
Sun, 20 Mar 2022 15:39:19 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 1C77 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C77 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53ae84037babcb13a86711579b3ec1314e22e7e6d9a157d90b9307be9a000198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C77 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:19 GMT
csync
sync.adtelligent.com/ Frame 3B13
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6a9ef610-faef-44ee-9727-6a529ba83978
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6a9ef610-faef-44ee-9727-6a529ba83978
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6a9ef610-faef-44ee-9727-6a529ba83978
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
u50dj3vkh4b8087jabss86fb99a8a9mi
csync
sync.adtelligent.com/ Frame 3B13
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2843067914202549357
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2843067914202549357
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.9:80
AN-X-Request-Uuid
02970ce4-d4f5-40b1-b426-66bbc8508b7f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2843067914202549357
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
rtb.adxpremium.services/ Frame 3B13
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=d9f2faffbdb02c46
0
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=d9f2faffbdb02c46
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FmKqVNQIfk5sbH5v%2BJb3%2FaZzo8jDQETGVOPNJ%2B20sLk4ik%2BO66PVE%2Bunsklrhp02RiFE9cJ%2FyXKvNGq2pGfhMTK2iAONUE0XdYqVkVOLpyuZeT6FTcnkhaGSQZyj3sC1H%2F7sCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
6330085cbe2a4eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08f1e38df600004eeb52315000000001
expires
0

Redirect headers

Location
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=d9f2faffbdb02c46
Date
Sat, 20 Mar 2021 15:39:19 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame A956 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.slovenskenovice.si/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.slovenskenovice.si/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 20 Mar 2021 14:45:18 GMT
expires
Sun, 20 Mar 2022 14:45:18 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3242
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 380E 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=667478174397225&bg=!FRalFlLNAAbUo7L91KM7ACkAdvg8Ws_ZF-wopp-Sp-Y0KgCWrdkiaAL_LItcLE_vy5Q5zuu_l7GjoQIAAACSUgAAADhoAQcKAPP75-8YvICs1jTHi9w80OTxtbG3HgQJr3xGFPwwiBnMT0wNGqpNK1Tx_kgSiHX-RjhmJ41V8eQSSWB_RG-s1wLX3m_wFQ2cW6mZ-I5sMZ7NIP3on5vH1bcWDFWVJuZCCWK3piTeEC5sTgXiWgRwb5CPAQSSOc-TNE0xu8ldyuRiW0WVBhmLblgo_SGtqvkqIRWcKvDbccGI3InSeM4eZpjhtZlOORTz28oQPAtaaPVnDpIus4r4Y_3CRRcQ7eMwSCwj8QRkqwHKlQWrpW1niaw5gtH7f2rtIWeU9sFMOWfdzNXEZEBPq2tdPvEQ1aG3oxB2wG6ZAgGPpNvgJ-vBPkx7X7B5FaRLsXFsmTJr61_ZGjBmdA5OuIUVVTPHuOyREDyySEoPhgP32f5acpxg6XJnww-XAAZpDng4jfqmdlq7f_PHTq6G_jGfBL7VcV8XIHbx4JwKsaaTyOCwg8YO82UVx4iDS9LwZVNdCHLlZ88tye5n762SfC9a1lbQU3Y6zxWjdomcHsQXE1MZcdAP1TrBtrJ9_i4soHiSVAtfetbD0ASMdYx45R8aiaAVBK-4w4tSkR0fgnJBYW_M-703PFf3HNAnPm8oOTKqqESfpy9IS4YYvIY803uTgIh6ErR7AgU4zAo8uDo2k5l_i1JAAKz0JdemCr21Zg2y0SNep_sYmFJIT3593312IoeBAbPfHcuY1NoR3GwTEj7yOgbp08C8usVosM9fb6d0wu8guhgw6tTemTMC9iq5mf18TVLVHfixn0S6k5wur4uFYri30BJWLi8tZiJF_GslBFoMxBKE5F9RKJWtNpKYucrQM9NpQAJhVNbV0vcNfb7Byq93ugw8vrw8iW_-DKUxV5H1nhNLhSA58RgtCdZk--udhSHFc0QhzVSBj1aPe4HznU3nG1OWcHiSoT4_pUodPUloWM4a5O7eIjoTFmSuMjN4LF3JtDgt_gCuwFtevd4myvmIP-DdFgNkBvlImdHWUc-hw3Ue-BbTpEzXG1w
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D733 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuoWZJxdWYOCTKIvx3wOJwqXwDIbK5Z5chIHg9s4CwI23ARABIABg6eTJhdgaggEXY2EtcHViLTEyNzQ0MTYzNTM2OTM1OTjIAQngAgCoAwGqBP0BT9A6LIaY5Jr1l5ZT5xMbNv-zlWvlA4jAHIagbJqOkj2Paw2kmetCBPGlXs0NWG55fI_gx69GwFXHqwyNCtpTG4JkKcNVhWB9qKN-4EGB-eValFgkE3nbSgu1MWUw67rptF3Jn-w1l58rp3A460QOEEQyuvQqB_Ahn1VK0K8AZthYYQuzjR_asHoc1M35xaBUcvLwU9NbpPnCKsU7RrHE3GGE2CKpxpqCbj3flrhs0FqgbfOD-JGVjuCTtAhaPiQ0IYtHmUNLccUojFAj9OM6DJpz6YHbK-JOPGRkht_YYAg2M3Vs1tJc1B968X5M9umsAB_CRHThDuCv51OemOAEAYAGz4fr3pONsJICoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YBQEAHyCBthZHgtc3Vic3luLTM5OTc5NTMyNTUyOTc5MDiACgP6CwIIAYAMAbIXGAoWEhRwdWItMTI3NDQxNjM1MzY5MzU5OA&sigh=Ie2893W4TiI&tpd=AGWhJmvO4qI2wW3VwLzCjkF9QnCqqDHL35TlE-fGHN05ukSjQV3a8NMr7DrjWSiTvqrB8Mtb03rWa-SNCxii9P6vQRRsGpK7pBC6B7vkGaxNY9ICe-Ujwj2dF8JBuTTM2rxLHqwtpXfx2fGPTdODiNGCUENoeQ3DUMD_i4N5htwz0YtH6D-4In48OtvROCBknjJ1LJyJTbv4xLcLQJcZAVOwSWSb_R3BuA5PIpDq_YSJ2AXSCoKdnq2csnTaMcKhLqoM9PblnYUIwL8U9TbQ6MWzQMcFqwGG4oHlGvzn9TCMH8w2FVLoZYZkPfzJOev8KabDLpGZnU6lYsLDMhBRttTL4HFUE2UB0lWTKJW6POdMrdSFROPOG6uQFbAtdOBhNkJBk1JrDouyFtqb3Db43D7asuXIElWwUpXgSRoEpRqUargpMZbJ8JMgUXS1vCoO2GjmeVpyj2NJRXz19bVuDw2D5fUGKodbeyWmQBQmbPgLfq780yMiBpe2Pyi1TdiaH5n4NT32l5_e18eYx-N80Y3W77yjgbmYyDFo8cFoO5Z_aSsCsopCkceP9XSbkzoMwXIMle2UOueAjbSzVDBxeUnzon7-z-vUL8qttgDqGJTf2zZZYNQHDVN0Tm9QLz8RGzgySsWTPDwKXtJGJ2eHT6HHzeed2YMm4Cz0KMcBLbPC6S81aDhtbNkOfZALv7bGuMWkn3yLmQAa556vR6rH9juvhvSnU9mI4kcxX9TF_YRLD-8pVoM7IR6pcU5wJg6hdLywaPF2eJZ3KFUDBrt72w65oUlf1pyq5NL1YcbAFUlfZtueORxLXenviFsbLLHPUwjgDCWM04BGbyRQ5XTGZHkg5pn7mE2R3JM45eZh2Kj5F3OEseyBR9OH8uHIRxjRES1WcDOB0N1ioLnHj_TSajjIgUCme1B1325BqDvPhTsJnIpGKGWGaZkNxVm-riJ9NNfXoB4Nlh4xmEoJMm2axNkG0B39Cz2Xnkgi8ltuz4HvrVVto5nr1EvKzNMRL9A6aOoqKZYVKEh9dWyhGnNuw4wAFgPIkNcIlyeELA
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame D733 		1019 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=43991442;rtbwp=AAABeFBKc1lK669vrXTd6PXVbV4bq1Iq5JWZeg-eyMhVfmw60Hqy1X_Rg_1JwGAC0-z9se30;rtbdata=4KraxiC3ARtPa4jDgw9AaoPRV26ZdGsdPDBUZKk5DxawgJVZwTBtYp_8OnJ9y6cmbs_y4F3FakeQPrGnUOMDHJrpkRgTR6SDdIsNlk-9j3K8krUCz8sNYt4704e-bYUxSy2XKghcUmQHy-WQ82gtE5OWcp24izMTBGradKHP7Z3VXFHw3ZvDPXC6TMr2FG5WVi7VyznwOE-RV-QcE45NG08BsFdQCnhE4UFuhV40q881
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7251ca7331baeeed7a01d64a83576009be8f8725fe8fb9623e15fd6cb81c4fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
884
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame D733 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 15:37:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D733 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sat, 20 Mar 2021 15:39:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame D733 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 15:37:43 GMT
l
www.google.com/ads/measurement/ Frame D733 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2C7r3bToWL9Bjk_y229yOaSUvO5nybq_kFqIfIDHyaqPS4PgwOBt_28eGI4P_Ot6u5S78
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame D733 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85282
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 15:57:58 GMT
pubmatic
d5p.de17a.com/getuid/ Frame EFDA 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=68990490&p=156308&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.168 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-168.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1237 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=68990490&p=156308&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 20 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1399
x-powered-by
ASP.NET
date
Sat, 20 Mar 2021 15:39:19 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 06EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MK0CcYRRdWBhd9bX7umDA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=133732
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Mon, 22 Mar 2021 04:48:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 06EF 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6330085b1a392c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e38cf000002c4e8e342000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 06EF
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:18 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:18 GMT
frontend-id
12
location
/pubmatic/1/info2?sType=sync&sExtCookieId=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sat, 20 Mar 2021 15:39:20 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUNDMkI0MDktQzYxMS00NUQ1LTgxODUtREY1QjVGQkJBNjBD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
X-lat
lhrpug005:0:771
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDrWAb2pKQ4eCBJ5xs8mxn8&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDrWAb2pKQ4eCBJ5xs8mxn8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
X-lat
lhrpug017:0:399
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDrWAb2pKQ4eCBJ5xs8mxn8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 06EF 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 19 Mar 2021 15:39:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=920e402c-c30f-44de-a326-4d757e2435a5
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=920e402c-c30f-44de-a326-4d757e2435a5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:21 GMT
X-lat
lhrpug014:0:529
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=920e402c-c30f-44de-a326-4d757e2435a5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7213171251011680079
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7213171251011680079
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:21 GMT
X-lat
lhrpug018:0:406
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7213171251011680079
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:21 GMT
X-lat
lhrpug004:0:593
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
Server
MT3 3611 f10363c master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Mar 2021 15:39:19 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2843067914202549357&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2843067914202549357&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
X-lat
lhrpug017:0:452
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:20 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid
5d76de02-2eb5-4e1c-9ccf-00b370da7fc2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2843067914202549357&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 06EF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b4cb0d90-65fd-448e-956c-aab8c440e71e&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d81b75a6-9147-4c20-91b2-cb3d99514257&bsw_param=b4cb0d90-65fd-448e-956c-aab8c440e71e&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4cb0d90-65fd-448e-956c-aab8c440e71e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4cb0d90-65fd-448e-956c-aab8c440e71e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:21 GMT
X-lat
lhrpug005:0:491
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4cb0d90-65fd-448e-956c-aab8c440e71e&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 20 Mar 2021 15:39:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame D733 		35 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43991442;rtbwp=AAABeFBKc1lK669vrXTd6PXVbV4bq1Iq5JWZeg-eyMhVfmw60Hqy1X_Rg_1JwGAC0-z9se30;rtbdata=4KraxiC3ARtPa4jDgw9AaoPRV26ZdGsdPDBUZKk5DxawgJVZwTBtYp_8OnJ9y6cmbs_y4F3FakeQPrGnUOMDHJrpkRgTR6SDdIsNlk-9j3K8krUCz8sNYt4704e-bYUxSy2XKghcUmQHy-WQ82gtE5OWcp24izMTBGradKHP7Z3VXFHw3ZvDPXC6TMr2FG5WVi7VyznwOE-RV-QcE45NG08BsFdQCnhE4UFuhV40q881
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 15:51:47 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 21 Mar 2021 18:26:09 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame A956 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 13:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
95660
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 13:05:00 GMT
Ping.aspx
engine4.livenetlife.com/ 		1 KB
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://engine4.livenetlife.com/Ping.aspx
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.148.163 Ljubljana, Slovenia, ASN12778 (NETSI NETSI.NET AS, SI),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4d1535b9eb3f5c1675c6959754e8faa289b9668e16dbf5eb3979eb7e4e17a69

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
/
track.adform.net/adfserve/ Frame D733 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=43991442;rtbwp=AAABeFBKc1lK669vrXTd6PXVbV4bq1Iq5JWZeg-eyMhVfmw60Hqy1X_Rg_1JwGAC0-z9se30;rtbdata=4KraxiC3ARtPa4jDgw9AaoPRV26ZdGsdPDBUZKk5DxawgJVZwTBtYp_8OnJ9y6cmbs_y4F3FakeQPrGnUOMDHJrpkRgTR6SDdIsNlk-9j3K8krUCz8sNYt4704e-bYUxSy2XKghcUmQHy-WQ82gtE5OWcp24izMTBGradKHP7Z3VXFHw3ZvDPXC6TMr2FG5WVi7VyznwOE-RV-QcE45NG08BsFdQCnhE4UFuhV40q881;js=1;adfxid=1x;6218;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.slovenskenovice.si
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
554df558894384d2d103892cec4d3ee5e977d45a1ab8acc21ed41cb435bcab1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2410
expires
-1
B25163995.293635391;dc_pre=CJ_2g5eav-8CFcEWiwod6WcD3w;dc_trk_aid=486903751;dc_trk_cid=144336572;ord=42281;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N1426392.3421449OMNICONSOLE/ Frame D733
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1426392.3421449OMNICONSOLE/B25163995.293635391;dc_trk_aid=486903751;dc_trk_cid=144336572;ord=42281;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1426392.3421449OMNICONSOLE/B25163995.293635391;dc_pre=CJ_2g5eav-8CFcEWiwod6WcD3w;dc_trk_aid=486903751;dc_trk_cid=144336572;ord=42281;dc_lat=;dc_rdid=;tag_fo...
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1426392.3421449OMNICONSOLE/B25163995.293635391;dc_pre=CJ_2g5eav-8CFcEWiwod6WcD3w;dc_trk_aid=486903751;dc_trk_cid=144336572;ord=42281;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=?
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1426392.3421449OMNICONSOLE/B25163995.293635391;dc_pre=CJ_2g5eav-8CFcEWiwod6WcD3w;dc_trk_aid=486903751;dc_trk_cid=144336572;ord=42281;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
us-u.openx.net/w/1.0/ Frame AFA6 		1007 B
950 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
9f7cf90e4c059a050cfc2214197a9b4d17dfedf5a47fb52058978f2b189edc74

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=80ec4686-eaf7-48f0-a67d-62af7ed4c808|1616254760
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=80ec4686-eaf7-48f0-a67d-62af7ed4c808|1616254760; Version=1; Expires=Sun, 20-Mar-2022 15:39:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616254761|mOgegqnskin0vNomiygu; Version=1; Expires=Sun, 04-Apr-2021 15:39:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 20 Mar 2021 15:39:21 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear
truncated
/ Frame D733 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4138c7a1cc135a3fc33eaf2fb3b3009783b643f20f1e7025e3faea23357f8af5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame D733 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 15:51:47 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 21 Mar 2021 19:25:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C77 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=311568240916124&bg=!np2lndnNAAbUo7L91KM7ACkAdvg8WjknPAkiwcHEsCTHhcCWQrjHFcEe-p4rNfD2eHpE-5lFzGwEfwIAAADyUgAAAAxoAQcKAB0WkCUjxU4GhANrnPMnIAprj3TIWbN0oK7u2fs-4pkCIQjviUsPvD8Y7Zsx48tO5uzZm0Qx-LF0a4o4-wMpA5ch7-lfuSJf1vUBzuiCHoD5h7pNgoYrAAi9PQav_xflnppR3jGymSI0lASRt7lq114BaveBI-GS3l41JE_Fup9XViuKTWssv70bCV4SxIU0U6S7C1Q-7X4Y9_Nf8au5_eYdtmj3mX6tXqWTjNnCl3LEuG1Gh9FwSpt230mvZ0prwUDNiHMX4FYNHbUkcIloMlg0-JodLwPwLh5C5DgNOoWK_BRdnX5tfmhsnEenk4lGNtcIw_J0IIzXC422KDjz4GVnAuAqTKSp29HjkXA23BdaenWMFUexJWTf74q7jKudfHCdKoEHoeJn2cWDzwo1oQDedE2kx-TRO1VAaIdRcqyr2PYuCawPNa-lLTF7weU7_vQ2XdHgLAtEaJYsrcL2dH2cWU3LbFnRU9b26Ms-zhIP6tIndF2L2rre72dqzOwe_ZBPjq3L9IO2_RRYoFmEHbfh5H1gMgz2bqBLb30G2d5vwpxva8ytHpTLhikb0xs3JbuaHNvIy2tFp0Z3nSe214NP5zkIsfUNaquObvmE-H9dkEZTCb8rqYpHdIjvwc2wKRo8Z9GLHU6vgTQuCCilLjroRIo4n9OnFYpyB9LhPxhq28f9qZzPNmWgI5oTwdY-WmHJS1tr61rfUI8dMIhrZL9yYwNoMb23jzNFxS8qHWhTPhMkt8IllRXCqb-W6-eUvey-
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/csimpr/ Frame D733 		35 B
502 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=43991442&csi=J9zAhEtdtpNy8VwOWur9Vj_FrAi79m8k8XY3tDh0_brZKGWOLEEutvLvErD9xNSG0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
9223123.js
s1.adform.net/Banners/Elements/Files/2077934/9223123/ Frame 7667 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2077934/9223123/9223123.js?ADFassetID=9223123&bv=258
Requested by
Host: www.slovenskenovice.si
URL: https://www.slovenskenovice.si/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
afb06cee92026a44c629b5b199bf775283a5853537c89eb03cf33730206bffdd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 11:31:54 GMT
server
nginx
etag
W/"6021212a-110e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 7667 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=620
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 12:11:56 GMT
server
nginx
etag
W/"5f84480c-78ab"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
createjs.min.js
code.createjs.com/1.0.0/ Frame 7667 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 20 Mar 2021 15:54:20 GMT
970x250.js
s1.adform.net/Banners/Elements/Files/2077934/9223123/bvpath_258/ Frame 7667 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2077934/9223123/bvpath_258/970x250.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bb9c02f801e3f9e0927d9cea4fe530538ebf750242a8553de9d25dfad0de65ec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 11:31:54 GMT
server
nginx
etag
W/"6021212a-b1f0"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
KV.png
s1.adform.net/Banners/Elements/Files/2077934/9223123/bvpath_258/images/ Frame 7667 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2077934/9223123/bvpath_258/images/KV.png
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04f6c7f5e15091a5937558e4da052f5967264843fc4d62c516131317bb3bb1c5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
last-modified
Mon, 08 Feb 2021 11:31:54 GMT
server
nginx
etag
"6021212a-b74e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
46926
async_usersync
ib.adnxs.com/ Frame C683 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:20 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid
1bdb3668-54f7-413f-9fe9-4bd402b522c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Set.png
s1.adform.net/Banners/Elements/Files/2077934/9223123/bvpath_258/images/ Frame 7667 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2077934/9223123/bvpath_258/images/Set.png
Requested by
Host: fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
URL: https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b5e1dce3f360295382fcd8ab5f59913ff723068b50866bc0c71418b6342e04d7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:20 GMT
last-modified
Mon, 08 Feb 2021 11:31:54 GMT
server
nginx
etag
"6021212a-5810"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
22544
connectmyusers.php
cdn.connectad.io/ Frame BA0A 		1 KB
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8143d2ce4883c14ad30cc19e04d311470c3d54b5ba49ddfba2e337947888efb

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

date
Sat, 20 Mar 2021 15:39:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d549864f73d504f44df38033ecf2ff2ad1616254761; expires=Mon, 19-Apr-21 15:39:21 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
08f1e390c800004a97618b1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
633008613cea4a97-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 201A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156308:2; KADUSERCOOKIE=ECC2B409-C611-45D5-8185-DF5B5FBBA60C; chkChromeAb67Sec=1; DPSync3=1617408000%3A226_221_201_227; SyncRTB3=1617408000%3A54_3_161_56_7_220_21_13%7C1617062400%3A63%7C1617494400%3A35; KRTBCOOKIE_57=22776-2843067914202549357; PugT=1616254760; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&22987-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&23025-CAESEDrWAb2pKQ4eCBJ5xs8mxn8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=133731
Expires
Mon, 22 Mar 2021 04:48:12 GMT
Date
Sat, 20 Mar 2021 15:39:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 785F 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156308:2; KADUSERCOOKIE=ECC2B409-C611-45D5-8185-DF5B5FBBA60C; chkChromeAb67Sec=1; DPSync3=1617408000%3A226_221_201_227; SyncRTB3=1617408000%3A54_3_161_56_7_220_21_13%7C1617062400%3A63%7C1617494400%3A35; KRTBCOOKIE_57=22776-2843067914202549357; PugT=1616254760; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&22987-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&23025-CAESEDrWAb2pKQ4eCBJ5xs8mxn8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=128424
Expires
Mon, 22 Mar 2021 03:19:45 GMT
Date
Sat, 20 Mar 2021 15:39:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
setuid
rtb.adxpremium.services/ Frame E0A4
Redirect Chain
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=TDXHJAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=2843067914202549357&mpk=TDXHJAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2843067914202549357
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2843067914202549357
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DkPKJKPPp5b0k0QBBqYpWhJ%2B%2ForZdatQbttuTpfLMwDg26UsjQsxOsS%2Fxbsl18xHOUxc9ZgqmEohvr1JjVcCDwaJUYjgRFTdPRf874Kyu%2BmnG9Po%2FGV74q6%2BVdlA4p1SZ75zKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
633008640af64eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08f1e3928800004eeb472fc000000001
expires
0

Redirect headers

date
Sat, 20 Mar 2021 15:39:21 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wPMhIHo1Mu5NKllfqd9%2Bg0cYU4K9mHFvgOUkLQw8Jres8N1aAaXQysXvpXqRr968OoayVddmHqGzGWDFnpQ09UunXFJ7ngRiTHHcmlFptTTa%2FmH9xDdNTl7xpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2843067914202549357
cf-ray
633008636966d709-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08f1e3921f0000d709fa88e000000001
/
ads.us.e-planning.net/uspd/1/ Frame 312B
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
24ba618e3902116dec23df331662453485ad0308ec748441bb7d3f6d9ce3dffe

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

server
openresty
date
Sat, 20 Mar 2021 15:39:21 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AMjaCvTgBC9Nqdoj; path=/; domain=e-planning.net; expires=Sat, 18-Mar-2028 15:39:21 GMT; SameSite=None; Secure
expires
Sat, 20 Mar 2021 15:39:21 GMT
x-sid
AMS-745
content-encoding
gzip

Redirect headers

server
openresty
date
Sat, 20 Mar 2021 15:39:21 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid
AMS-745
c7871f9b-d3dc-e54e-cd7c-bcb2e5a436bc
pr-bh.ybp.yahoo.com/sync/openx/ Frame AFA6 		43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c7871f9b-d3dc-e54e-cd7c-bcb2e5a436bc?gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame AFA6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qpLWjYjR1LnDHc5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qpLWjYjR1LnDHc5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:22 GMT
Server
PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0dbb3bb3e77219ff5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qpLWjYjR1LnDHc5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AFA6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=b4cb0d90-65fd-448e-956c-aab8c440e71e
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=a1ea3b7f-bd8d-4485-888c-171b3bbafc58&expires=10&ssp=openx&bsw_param=b4cb0d90-65fd-448e-956c-aab8c440e71e
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b4cb0d90-65fd-448e-956c-aab8c440e71e
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=b4cb0d90-65fd-448e-956c-aab8c440e71e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:22 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=b4cb0d90-65fd-448e-956c-aab8c440e71e
date
Sat, 20 Mar 2021 15:39:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
redir
rtb-csync.smartadserver.com/ Frame AFA6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDa2xVN0FyQzRBQUJHNXEtSWRiQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACklU7ArC4AABG5q-IdbA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir
Date
Sat, 20 Mar 2021 15:39:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame AFA6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c3636056-1729-4e00-af2e-d0fac6aa9162
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c3636056-1729-4e00-af2e-d0fac6aa9162
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 20 Mar 2021 15:39:21 GMT
Server
MT3 3611 f10363c master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c3636056-1729-4e00-af2e-d0fac6aa9162
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Mar 2021 15:39:20 GMT
sd
us-u.openx.net/w/1.0/ Frame AFA6
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=CqtFAw2sQgwR-UkNXqxdAl2iEVAR-UBWCalaBjNh
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=CqtFAw2sQgwR-UkNXqxdAl2iEVAR-UBWCalaBjNh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=CqtFAw2sQgwR-UkNXqxdAl2iEVAR-UBWCalaBjNh
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame AFA6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7213171251011680079
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7213171251011680079
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7213171251011680079
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame AFA6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=534079df-4370-7707-fcab-aa471af3fbf5&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.156.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame AFA6 		170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2YyZmFhMTUtOGEwNy0yOWEzLWU5NGItZjBmZWQwMTEzNTk1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AFA6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SDR-cIjFTW2XLcHroIpI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SDR-cIjFTW2XLcHroIpI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO9SDR-cIjFTW2XLcHroIpI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame 312B
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3De533928420f05e88
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e533928420f05e88
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e533928420f05e88
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:22 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e533928420f05e88
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame 312B
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2356433572
  • https://sync.1rx.io/usersync/tradedesk/c3eb79ee-5b99-436c-a8f4-02447e7a2eec
  • https://sync.targeting.unrulymedia.com/csync/RX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:29 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Sat, 20 Mar 2021 15:39:29 GMT
Server
Tengine
ETag
RXd59fb517c06b48b3ada656bd038bd4c5003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.e-planning.net/um?uid=RX-d59fb517-c06b-48b3-ada6-56bd038bd4c5-003&dc=1079cc634ca638f8&iss=1
Connection
keep-alive
Content-Type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 312B 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 19 Mar 2026 15:39:23 GMT
tm60118.js
tag.navdmp.com/ Frame 312B 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:21 GMT
content-encoding
gzip
cf-cache-status
HIT
age
587
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
08f1e393ac00002bc23b057000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
63300865dd092bc2-FRA
expires
Sat, 20 Mar 2021 16:29:34 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 312B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 19 Mar 2026 15:39:23 GMT
um
u-ams02.e-planning.net/ Frame 312B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3De533928420f05e88%26uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3De533928420f05e88%26uid%3D%7BPUB_USER_ID%7D
  • https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=e533928420f05e88&uid=99131853-d3f7-4ed4-bf14-7b93f88b3bac
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=e533928420f05e88&uid=99131853-d3f7-4ed4-bf14-7b93f88b3bac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=e533928420f05e88&uid=99131853-d3f7-4ed4-bf14-7b93f88b3bac
date
Sat, 20 Mar 2021 15:39:23 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
um
u-ams02.e-planning.net/ Frame 312B
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De533928420f05e88%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e533928420f05e88&uid=6a9ef610-faef-44ee-9727-6a529ba83978
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e533928420f05e88&uid=6a9ef610-faef-44ee-9727-6a529ba83978
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:22 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e533928420f05e88&uid=6a9ef610-faef-44ee-9727-6a529ba83978
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
trqn6ji4gjd1sq50qpgo89tf3hep0qi2
ptag
a.audrte.com/ Frame 312B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4f600b1db2ac23f7973100fae454508086ff2db74558b89428d64639c2b38e79

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:23 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1663
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 312B 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 19 Mar 2026 15:39:23 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 312B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3De533928420f05e88%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 312B
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3De533928420f05e88
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.50.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cm021.richaudience.com
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:28 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Type
image/png
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Date
Sat, 20 Mar 2021 15:39:28 GMT
Server
nginx/1.14.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 312B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De533928420f05e88%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e533928420f05e88&uid=2843067914202549357
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e533928420f05e88&uid=2843067914202549357
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:22 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:21 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid
b3778d3e-aca3-4b72-a2b6-828554f0dd88
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e533928420f05e88&uid=2843067914202549357
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 312B 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3De533928420f05e88%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 312B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:22 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Sat, 20 Mar 2021 15:39:22 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 312B
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3De533928420f05e88%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e533928420f05e88&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e533928420f05e88&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:22 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e533928420f05e88&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Date
Sat, 20 Mar 2021 15:39:22 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame 312B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 894E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Mar 2021 15:39:23 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Sat, 20 Mar 2021 15:39:23 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A133 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De533928420f05e88%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156308:2; KADUSERCOOKIE=ECC2B409-C611-45D5-8185-DF5B5FBBA60C; chkChromeAb67Sec=1; DPSync3=1617408000%3A226_221_201_227; SyncRTB3=1617408000%3A54_3_161_56_7_220_21_13%7C1617062400%3A63%7C1617494400%3A35; KRTBCOOKIE_57=22776-2843067914202549357; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&22987-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&23025-CAESEDrWAb2pKQ4eCBJ5xs8mxn8; KRTBCOOKIE_466=16530-b4cb0d90-65fd-448e-956c-aab8c440e71e; PugT=1616254761; KRTBCOOKIE_27=16735-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&16736-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23019-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23114-uid:c3636056-1729-4e00-af2e-d0fac6aa9162; KRTBCOOKIE_391=22924-7213171251011680079&KRTB&23263-7213171251011680079; KRTBCOOKIE_377=6810-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&22918-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&23031-920e402c-c30f-44de-a326-4d757e2435a5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=133731
Expires
Mon, 22 Mar 2021 04:48:12 GMT
Date
Sat, 20 Mar 2021 15:39:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5A67 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De533928420f05e88%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De533928420f05e88%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156308:2; KADUSERCOOKIE=ECC2B409-C611-45D5-8185-DF5B5FBBA60C; chkChromeAb67Sec=1; DPSync3=1617408000%3A226_221_201_227; SyncRTB3=1617408000%3A54_3_161_56_7_220_21_13%7C1617062400%3A63%7C1617494400%3A35; KRTBCOOKIE_57=22776-2843067914202549357; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&22987-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&23025-CAESEDrWAb2pKQ4eCBJ5xs8mxn8; KRTBCOOKIE_466=16530-b4cb0d90-65fd-448e-956c-aab8c440e71e; PugT=1616254761; KRTBCOOKIE_27=16735-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&16736-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23019-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23114-uid:c3636056-1729-4e00-af2e-d0fac6aa9162; KRTBCOOKIE_391=22924-7213171251011680079&KRTB&23263-7213171251011680079; KRTBCOOKIE_377=6810-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&22918-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&23031-920e402c-c30f-44de-a326-4d757e2435a5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De533928420f05e88%26uid%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=128424
Expires
Mon, 22 Mar 2021 03:19:45 GMT
Date
Sat, 20 Mar 2021 15:39:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 06EF 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156308&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:20 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cookie set usermatch
ssum.casalemedia.com/ Frame 77B1
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ac58044e93acc280dafd0b2aee4988a1e76c3e9d25783c1eb7b01ef71111154

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YFYXK68MMJwlPOsTzdL4YQAA; CMPS=1155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|105|65|31|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1685
Expires
Sat, 20 Mar 2021 15:39:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:23 GMT
Connection
keep-alive
Set-Cookie
CMID=YFYXK68MMJwlPOsTzdL4YQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Mar 2022 15:39:23 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:39:23 GMT CMPRO=1172;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:39:23 GMT CMST=YFYXK2BWFysA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Mar 2021 15:39:23 GMT CMRUM3=416056172b05a0&e66056172b27600&f16056172b05a00&696056172b05a0&396056172b05a0&1f6056172b05a00&276056172b0b40&2d6056172b05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Mar 2022 15:39:23 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 20 Mar 2021 15:39:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:23 GMT
Connection
keep-alive
Set-Cookie
CMID=YFYXK68MMJwlPOsTzdL4YQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Mar 2022 15:39:23 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:39:23 GMT
/
spl.zeotap.com/ Frame 180D 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5eecc6b0b45f2a9c5f7e6af1d261da602ffd214db154d2ab7b25c2eeb37f3a7

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=708b4473-4523-42ed-4b67-7ad913749a4b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
content-type
text/html
set-cookie
__cfduid=d59671006b3f311cdf41a689bb8b2a6b31616254763; expires=Mon, 19-Apr-21 15:39:23 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=708b4473-4523-42ed-4b67-7ad913749a4b; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%5C%A0%F6%EA%3DD%F8HY%EEKxhtC%7Cj%AE%E2b3%B3%03%B3%A9%E44A%1D%3A%13%28%B4%F9%B1%DE%0B%9F%2B+H%D4%1E%88%C6%22%0A%06u%90r%CF%87%97%ADm%94%E0%1DK%87%B6%7C%A4%93%B3%F9K%90%0E%CCT%E4%90%F7%0D%E7%10%98%90%8B%1D%CDT%EE%E2%1Cs5%9FA%BA%C8IT%EB%E7%81N%D6%A8%87%90%00+%C9%DA%07%04%83yS%1E%5BON%EB%28%04%1Cw%0At%07%7DZ%D4%11Im%A2%EF%A68%2C7%17%F4%C3g%BA1%E1%C3%F5%DD%A8%83Z~%B4r%18%924Zt%C3R%C5%ED%A6%91%3E9%88F; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08f1e3985c00002c4e74a68000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6330086d5ad32c4e-FRA
content-encoding
br
getuid
ib.adnxs.com/ Frame 180D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-64...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMX81p9p9FuOTw9VHVp1iN8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5...
95 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMX81p9p9FuOTw9VHVp1iN8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6330086dfb952c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e398ba00002c4e489bf000000001

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMX81p9p9FuOTw9VHVp1iN8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=73107123-8992-11eb-b02c-769fd3df2705&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb...
95 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=73107123-8992-11eb-b02c-769fd3df2705&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6330087c28da2c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e3a19700002c4e6d937000000001

Redirect headers

date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=73107123-8992-11eb-b02c-769fd3df2705&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 180D 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8...
  • https://mwzeom.zeotap.com/mw?cid=920e402c-c30f-44de-a326-4d757e2435a5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=920e402c-c30f-44de-a326-4d757e2435a5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6330086e1bbc2c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e398cb00002c4e66af3000000001

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=920e402c-c30f-44de-a326-4d757e2435a5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 180D 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
66
date
Sat, 20 Mar 2021 15:39:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1616254763.164140,VS0,VE66
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11551-HHN
u
dmp.v.fwmrm.net/ad/ Frame 180D 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.156.250.128 , United Kingdom, ASN3549 (LVLT-3549, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:26 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 180D 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:21 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=b8903535-f99c-4ef4-81db-3ef15f5bee4f&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b8903535-f99c-4ef4-81db-3ef15f5bee4f&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6330086e9c782c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e3992200002c4e62088000000001

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=b8903535-f99c-4ef4-81db-3ef15f5bee4f&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=708b4473-4523-42ed-4b67-7ad913749a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=708b4473-4523-42ed-4b67-7ad913749a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=07559488528607013161103483173107377997&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=07559488528607013161103483173107377997&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63300882a9a32c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e3a5a700002c4e3e1b7000000001

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
jtRjQFLGQQM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=07559488528607013161103483173107377997&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
loadeu.exelator.com/load/ Frame 180D 		0
0
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=708b4473-4523-42ed-4b67-7ad913749a4b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021032016-27755-0.180978001616254765-0ea6af8314a5983ddde20aa6afd660a9&zdid=533&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021032016-27755-0.180978001616254765-0ea6af8314a5983ddde20aa6afd660a9&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63300877295b2c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e39e7a00002c4e67bbe000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021032016-27755-0.180978001616254765-0ea6af8314a5983ddde20aa6afd660a9&zdid=533&env=mWeb
Date
Sat, 20 Mar 2021 15:39:25 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6941761353411524755&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6941761353411524755&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
633008788b842c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e39f5100002c4ebc11e000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6941761353411524755&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 180D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=708b4473-4523-42ed-4b67-7ad913749a4b
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=708b4473-4523-42ed-4b67-7ad913749a4b
95 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=708b4473-4523-42ed-4b67-7ad913749a4b
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=708b4473-4523-42ed-4b67-7ad913749a4b
alt-svc
clear
content-length
0
ids
idsync.frontend.weborama.fr/ Frame 180D 		0
0
2.gif
dmp.theadex.com/d/949/i/ Frame 180D 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=708b4473-4523-42ed-4b67-7ad913749a4b&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.163.159.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=708b4473-4523-42ed-4b67-7ad913749a4b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=708b4473-4523-42ed-4b67-7ad913749a4b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=b6defa5647cf427dde65de3d8d3f30de&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=b6defa5647cf427dde65de3d8d3f30de&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63300872ca432c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e39bbb00002c4e720ed000000001

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=b6defa5647cf427dde65de3d8d3f30de&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
cache-control
no-cache
x-server
10.45.11.200
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-hwz11.FE2opfguC5A40lm5QVz8UQPUzUHw--~A&zpartnerid=570&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-hwz11.FE2opfguC5A40lm5QVz8UQPUzUHw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63300870bf2b2c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e39a7500002c4e5c199000000001

Redirect headers

date
Sat, 20 Mar 2021 15:39:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-hwz11.FE2opfguC5A40lm5QVz8UQPUzUHw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=VrbOaIEaYN4zRAtZaqxfPTwkWqAkGUDa%2BS41iYitP1U%3D
95 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=VrbOaIEaYN4zRAtZaqxfPTwkWqAkGUDa%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
633008738b6a2c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e39c3400002c4eb9a1a000000001

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=VrbOaIEaYN4zRAtZaqxfPTwkWqAkGUDa%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 180D 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 180D 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.1.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-1-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1616254764
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 180D 		95 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.50.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cm021.richaudience.com
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:28 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Type
image/png
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YFYXLAAAAIfZCSrK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-558...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YFYXLAAAAIfZCSrK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&_test=YFYXLAAAAIfZCSrK
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
633008785b312c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e39f3500002c4e97a3e000000001

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616254765.828070,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YFYXLAAAAIfZCSrK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&_test=YFYXLAAAAIfZCSrK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=fadf6056-172d-4100-bd1a-351e47123987&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=fadf6056-172d-4100-bd1a-351e47123987&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
633008804ecd2c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e3a42d00002c4e86031000000001

Redirect headers

Date
Sat, 20 Mar 2021 15:39:26 GMT
Server
MT3 3611 f10363c master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=fadf6056-172d-4100-bd1a-351e47123987&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sat, 20 Mar 2021 15:39:25 GMT
usermatch.gif
beacon.krxd.net/ Frame 180D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.1.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-1-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1616254765
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
date
Sat, 20 Mar 2021 15:39:25 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 180D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b6...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b6...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:25 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:25 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=708b4473-4523-42ed-4b67-7ad913749a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 180D
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=708b4473-4523-42ed-4b67-7ad913749a4b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
633008802eb22c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e3a41e00002c4e3e1a5000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Sat, 20 Mar 2021 15:39:26 GMT
Connection
keep-alive
Content-Length
0
BK-Server
487e
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 180D 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.198.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:28 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 180D 		557 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2059db77763b3aa4ee083a35a0ed37dbd9ae2d832eee8fbe77118c3562af5ea

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
6330087c49052c4e-FRA
date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
08f1e3a1b100002c4e6d938000000001
usync.js
eus.rubiconproject.com/ Frame 894E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d4b9beb1775d109ba8e355206ab56f8a21bb40012230ab1f100057f07d3e3c3b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42713
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Sun, 21 Mar 2021 03:31:16 GMT
khaos.jpg
token.rubiconproject.com/ Frame 894E 		0
0
casale
match.adsrvr.org/track/cmf/ Frame 77B1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_user_id=YFYXK68MMJwlPOsTzdL4YQAA&gdpr=1&cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.156.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 77B1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:23 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 77B1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFYXK68MMJwlPOsTzdL4YQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGTKcy5qi0yLTtYzf_XMn3U&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGTKcy5qi0yLTtYzf_XMn3U&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 15:39:24 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGTKcy5qi0yLTtYzf_XMn3U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 77B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGae7qqlZIbGes8DQUwWby4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGae7qqlZIbGes8DQUwWby4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 20 Mar 2021 15:39:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGae7qqlZIbGes8DQUwWby4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 77B1
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 15:39:24 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 20 Mar 2021 15:39:24 GMT
server
nginx/1.18.0
content-length
76
rum
dsum.casalemedia.com/ Frame 77B1
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616341163&gdpr=1
0
0
noop
px.owneriq.net/ Frame 77B1
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6695411661888153133&uid=Q6695411661888153133&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.62.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:26 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sat, 20 Mar 2021 15:39:26 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame 77B1 		0
0
um
u-ams02.e-planning.net/ Frame 77B1 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=e533928420f05e88&uid=YFYXK68MMJwlPOsTzdL4YQAA%261172
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De533928420f05e88%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
server
openresty
content-type
image/gif
cc.js
tags.crwdcntrl.net/c/15238/ Frame 312B 		0
0
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame B8B4 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AMjaCvTgBC9Nqdoj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Sat, 20 Mar 2021 15:39:23 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Thu, 19 Mar 2026 15:39:23 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame D108 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc4c7106d40609469f495a62a993e563e58754d9c68d4b5fa96e76ee07bf621

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
content-type
text/html
set-cookie
__cfduid=d5d42487ac8da9928d234bfe30adf1e041616254763; expires=Mon, 19-Apr-21 15:39:23 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=b1b35a07-af81-4b60-b1b7-3a504a6588d8; expires=Fri, 09 Apr 2021 15:39:23 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
08f1e399cd00004e31ee147000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mXPaV%2BdXiTi9l4bEuTkzQ1TmoABa1xaaiPgE%2B8sgfIThXe%2FbLrvcBVnfLVLwJ7CayRtDG6GlPqFIpBJS6U4HPanFGKRlErLJCGl4uEEH8nWuwId7nyznlzkpelVkUVo%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6330086fab724e31-FRA
content-encoding
br
setuid
rtb.adxpremium.services/ Frame 8056
Redirect Chain
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AMjaCvTgBC9Nqdoj
0
903 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AMjaCvTgBC9Nqdoj
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AMjaCvTgBC9Nqdoj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJkOWYyZmFmZmJkYjAyYzQ2IiwiZXhwaXJlcyI6IjIwMjEtMDQtMDNUMTc6Mzk6MjAuNDc2NTA4OTgrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjI4NDMwNjc5MTQyMDI1NDkzNTciLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyMS42NDU2NTE3NiswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDMtMjBUMTY6Mzk6MjAuNDc2NTAzOTQyKzAxOjAwIn0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
content-length
0
set-cookie
__cfduid=d8fc19c4af5272304be727d532d4abf151616254763; expires=Mon, 19-Apr-21 15:39:23 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Fri, 18 Jun 2021 15:39:23 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJkOWYyZmFmZmJkYjAyYzQ2IiwiZXhwaXJlcyI6IjIwMjEtMDQtMDNUMTc6Mzk6MjAuNDc2NTA4OTgrMDI6MDAifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFNamFDdlRnQkM5TnFkb2oiLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyMy41NDA3NjI0MDUrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjI4NDMwNjc5MTQyMDI1NDkzNTciLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyMS42NDU2NTE3NiswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDMtMjBUMTY6Mzk6MjAuNDc2NTAzOTQyKzAxOjAwIn0=; Path=/; Domain=adxpremium.services; Expires=Fri, 18 Jun 2021 15:39:23 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
08f1e399ef00004eeb6e092000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IRQ4JBvtLkni1Bm4X7sLJPmvUoEXaKc1svA9sGCWLD0hdUJaKTiAx%2FkAbTtAAXvzQH%2Bj3tbYF7h0yOXs6tiEmKoEby6JhL7hIioIzHfc20zoYB66qhrTf%2BoICmM76edPzVDJWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6330086feea04eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
openresty
date
Sat, 20 Mar 2021 15:39:23 GMT
content-type
text/html; charset=iso-8859-1
location
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AMjaCvTgBC9Nqdoj
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Sat, 20 Mar 2021 15:39:23 GMT
x-sid
AMS-745
GS.d
js.cookieless-data.com/ Frame B8B4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1616254763507
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
3e706df0b0dee5ea5f39ce9b6a839bd4de2282071767daa41933e5e523ce963d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
content-encoding
gzip
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-type
text/javascript
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame D108
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2843067914202549357
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2843067914202549357
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vAloconMeH4Kzuz8DeTgDYtz6AEReF9QMLTvTvca7IwWE%2F9ttTDXb0vRW59nQAcy%2FvjY7N8D1iNz7cVJHi5SxlI3pxt7GgrHwUZwwMIChNtQMEO%2FrgYlxEM5WhJwDtU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cf-ray
6330087319124e31-FRA
content-length
43
cf-request-id
08f1e39bef00004e31ee169000000001

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:23 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid
e17549db-9231-4483-8c4c-d4497b6fbe7d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2843067914202549357
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D108
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9ed3b79d-970f-514f-ae43-5240ce15456c
43 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9ed3b79d-970f-514f-ae43-5240ce15456c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zke5%2BMoKe1RnLX2VIVeRQysDvge32n2Lf2lVHa4f2wS3xVKVp%2F4F8LmWUMwy5jvEB4K4LYkNFIDHAyQGSZzBHae1d8fFzECFVbeF%2BNtS9xlzNW4iKm%2Be%2B8ZoCx9FJFs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cf-ray
63300879aa424e31-FRA
content-length
43
cf-request-id
08f1e3a00700004e310e306000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9ed3b79d-970f-514f-ae43-5240ce15456c
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame D108
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2843067914202549357
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2843067914202549357
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q4Ze%2BafRywfV6ogy2QcC%2FvK1ZyLl3dlLIn0hsI6o2yYfUgg9HELdAxWT%2By%2B9X8jWfLOV%2FYEwpBGm59uoxC27VsEeuyWV3A123zaxKtULyjikYZnS5yxG%2Fil0m1RYMoU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cf-ray
6330087369734e31-FRA
content-length
43
cf-request-id
08f1e39c1f00004e31d5234000000001

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:24 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid
4b7e1c41-7396-47a9-9e6b-f0201bc2d08b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2843067914202549357
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D108
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oq1lh9zGyMNFSoaHpffEahwdOKr74d4SJUzXOallppqrg0ttfOP1ridNH4%2F0p8J%2FvWixvNIxMpf7k9cSfdsP9XSkU7v0LbQblD0baXxnIZmSX5sVvqctlVEwrR1D6ls%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cf-ray
63300870ed3f4e31-FRA
content-length
43
cf-request-id
08f1e39a9500004e31f124f000000001

Redirect headers

Date
Sat, 20 Mar 2021 15:39:23 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tm6pV_lE2uEEfruQDVmw04g0ZeId8xB8OLUhTCw-~A
Connection
keep-alive
Content-Length
0
um
sync.e-planning.net/ Frame D108 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=b1b35a07-af81-4b60-b1b7-3a504a6588d8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C69B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
50c6ebd85db74de4552ff16ae96d25dd3e1d4ac8389192061626a6aca57e2942

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YFYXK68MMJwlPOsTzdL4YQAA; CMPS=1155; CMPRO=1172; CMST=YFYXK2BWFysA; CMRUM3=416056172b05a0&e66056172b27600&f16056172b05a00&696056172b05a0&396056172b05a0&1f6056172b05a00&276056172b0b40&2d6056172b05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|3|8|81|221|39
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1596
Expires
Sat, 20 Mar 2021 15:39:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:23 GMT
Connection
keep-alive
Set-Cookie
CMID=YFYXK68MMJwlPOsTzdL4YQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Mar 2022 15:39:23 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:39:23 GMT CMPRO=1172;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:39:23 GMT CMRUM3=516056172b05a0&416056172b05a0&dd6056172b27600&2e6056172b05a0&ce6056172b05a00&086056172b05a00&496056172b05a00&1f6056172b05a00&396056172b05a0&2d6056172b05a0&276056172b0b40&036056172b05a0&f16056172b05a00&e66056172b27600&696056172b05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Mar 2022 15:39:23 GMT
d
ic.tynt.com/r/ Frame 740E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

server
nginx/1.16.1
date
Sat, 20 Mar 2021 15:39:12 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
onetag-sys.com/usync/ Frame 3E7F 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
getuid
secure.adnxs.com/ Frame C69B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C69B 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C69B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 20 Mar 2021 15:39:23 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame C69B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 15:39:24 GMT

Redirect headers

Date
Sat, 20 Mar 2021 15:39:23 GMT
Server
MT3 3611 f10363c master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3636056-1729-4e00-af2e-d0fac6aa9162&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Mar 2021 15:39:22 GMT
ix.gif
beacon.lynx.cognitivlabs.com/ Frame C69B 		0
0
rum
dsum-sec.casalemedia.com/ Frame C69B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Zj291GE6utt9b7HaMjql1TE06Yd9b7iBZT-xgVf3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Zj291GE6utt9b7HaMjql1TE06Yd9b7iBZT-xgVf3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 20 Mar 2021 15:39:24 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Zj291GE6utt9b7HaMjql1TE06Yd9b7iBZT-xgVf3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tpid=YFYXK68MMJwlPOsTzdL4YQAA%261172
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame C69B
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YFYXK68MMJwlPOsTzdL4YQAA%261172
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFYXK68MMJwlPOsTzdL4YQAA%261172
49 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFYXK68MMJwlPOsTzdL4YQAA%261172
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.228
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YFYXK68MMJwlPOsTzdL4YQAA%261172
cache-control
no-cache
x-server
10.45.10.57
content-length
0
expires
0
casale
match.adsrvr.org/track/cmf/ Frame C69B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YFYXK68MMJwlPOsTzdL4YQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.156.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
sync.quantumdex.io/ Frame C69B 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YFYXK68MMJwlPOsTzdL4YQAABJQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:23 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F9IHBmHN5NYq9cBBUhrRziMDg2mIvaCcgNBNf1fp4UqByoEtzKJ%2FDELSOYLbZtM%2BZ18CUCBGP%2FYjqww1B8OOHkuiC5zF16B09LlD3GVgrNReYrOohaHoLEGfejOoKqM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cf-ray
633008710d844e31-FRA
content-length
43
cf-request-id
08f1e39aaa00004e310e2b4000000001
Log
core.iprom.net/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=13&siteID=3142&adID=728820&zoneID=237&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=e&e=25%&c=vid&referer=https://www.slovenskenovice.si/&cb=1616254763860
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
leviathan-aa0a643b52f3@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif
get-consent
sddan.mgr.consensu.org/api/v1/public/ Frame B8B4 		0
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sddan.mgr.consensu.org/api/v1/public/get-consent?redirect=https%3A%2F%2Fjs.cookieless-data.com%2FGS.d%3Fpa%3D24492%26r%3Dhttps%253A%252F%252Fads.us.e-planning.net%252F%26rand%3D1616254763507%26s%3D%26si%3D1%26u%3Dhttps%253A%252F%252Fs.e-planning.net%252Fesb%252F4%252F0%252F1992d%252Fbb6e7a161f794f56%252Fsirdata_03022021.html&vendor_ids=53,916&user_id=ODZkZjkyZTlkOGIwOThiYmM3MTc2MmFl%2Fhs4iYOpf47%2F5J%2F29GeuzcN2wrn6eKh1jnOX%2F%2Be9Ul6s5xxQ694GfgHa6R5xYWIAq0ZUZOCOUegt
Requested by
Host: js.cookieless-data.com
URL: https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1616254763507
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
server
nginx/1.11.3
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains; preload
Ping.aspx
engine4.livenetlife.com/ 		1 KB
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://engine4.livenetlife.com/Ping.aspx
Requested by
Host:
URL: 0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.234.148.163 Ljubljana, Slovenia, ASN12778 (NETSI NETSI.NET AS, SI),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a21e10f5497ce6ba1e76f468123589d175db2d98893fb6f2823b10ca5096bc8e

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
showad.js
ads.pubmatic.com/AdServer/js/ Frame 785F 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=ECC2B409-C611-45D5-8185-DF5B5FBBA60C; chkChromeAb67Sec=1; DPSync3=1617408000%3A226_221_201_227; SyncRTB3=1617408000%3A54_3_161_56_7_220_21_13%7C1617062400%3A63%7C1617494400%3A35; KRTBCOOKIE_57=22776-2843067914202549357; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&22987-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&23025-CAESEDrWAb2pKQ4eCBJ5xs8mxn8; KRTBCOOKIE_466=16530-b4cb0d90-65fd-448e-956c-aab8c440e71e; KRTBCOOKIE_27=16735-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&16736-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23019-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23114-uid:c3636056-1729-4e00-af2e-d0fac6aa9162; KRTBCOOKIE_391=22924-7213171251011680079&KRTB&23263-7213171251011680079; KRTBCOOKIE_377=6810-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&22918-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&23031-920e402c-c30f-44de-a326-4d757e2435a5; SPugT=1616254760; KRTBCOOKIE_699=22727-AACklU7ArC4AABG5q-IdbA; PugT=1616254763; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=128421
Expires
Mon, 22 Mar 2021 03:19:45 GMT
Date
Sat, 20 Mar 2021 15:39:24 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 785F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=18043081&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1455c0767e8f14b2ffb3699e9da35f7273b4dd8a4677d53568e7f40d3862db21

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 1197 		35 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=18043081&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=7213171251011680079
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 20 Mar 2021 15:39:24 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7213171251011680079; expires=Wed, 19 May 2021 15:39:24 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame FA0C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACklU7ArC4AABG5q-IdbA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACklU7ArC4AABG5q-IdbA&pid=558502&do=add
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABlQU7ArC4AABF5bJoaug
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABlQU7ArC4AABF5bJoaug
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=18043081&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_218=22978-YFYXLAAAAJ-kgjoG&KRTB&23194-YFYXLAAAAJ-kgjoG&KRTB&23209-YFYXLAAAAJ-kgjoG&KRTB&23244-YFYXLAAAAJ-kgjoG; PUBMDCID=3; SPugT=1616254764; KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=984868AC-385D-41A3-A06C-A07431D2124B; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1616803200%3A67_15_223_2%7C1618790400%3A203%7C1617062400%3A63%7C1617494400%3A35%7C1617408000%3A166_55_176_21_7_71_22_161_8_81_56_204_78_165_230_3_189_222_88_220_13_54_5; KRTBCOOKIE_153=1923-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&19420-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&22979-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo; PugT=1616254765; KRTBCOOKIE_1101=23040-6941761353411524755; KRTBCOOKIE_27=16735-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&16736-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23019-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23114-uid:8a616056-172d-4400-9a08-50d289ac9b4a; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-8835092150836305382; KRTBCOOKIE_391=22924-5184534216915365347&KRTB&23263-5184534216915365347; KRTBCOOKIE_80=16514-CAESEMVR6zn8sN603Iv2jDyWY04&KRTB&22987-CAESEMVR6zn8sN603Iv2jDyWY04&KRTB&23025-CAESEMVR6zn8sN603Iv2jDyWY04; KRTBCOOKIE_107=1471-uid:UAgoKqpI1LnDHf5; KRTBCOOKIE_377=6810-28521972-698f-4126-a9d1-f4ca5e95dbf1&KRTB&22918-28521972-698f-4126-a9d1-f4ca5e95dbf1&KRTB&23031-28521972-698f-4126-a9d1-f4ca5e95dbf1; KRTBCOOKIE_22=14911-3154976557178373947; KRTBCOOKIE_466=16530-1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:26 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AABlQU7ArC4AABF5bJoaug; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:26 GMT; path=/ PugT=1616254766; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 15:39:26 GMT; path=/
X-lat
lhrpug008:0:513
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Sat, 20 Mar 2021 15:39:26 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABlQU7ArC4AABF5bJoaug
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 208E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353401890963
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353401890963
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=18043081&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=ECC2B409-C611-45D5-8185-DF5B5FBBA60C; KRTBCOOKIE_57=22776-2843067914202549357; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&22987-CAESEDrWAb2pKQ4eCBJ5xs8mxn8&KRTB&23025-CAESEDrWAb2pKQ4eCBJ5xs8mxn8; KRTBCOOKIE_466=16530-b4cb0d90-65fd-448e-956c-aab8c440e71e; KRTBCOOKIE_27=16735-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&16736-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23019-uid:c3636056-1729-4e00-af2e-d0fac6aa9162&KRTB&23114-uid:c3636056-1729-4e00-af2e-d0fac6aa9162; KRTBCOOKIE_391=22924-7213171251011680079&KRTB&23263-7213171251011680079; KRTBCOOKIE_377=6810-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&22918-920e402c-c30f-44de-a326-4d757e2435a5&KRTB&23031-920e402c-c30f-44de-a326-4d757e2435a5; SPugT=1616254760; KRTBCOOKIE_699=22727-AACklU7ArC4AABG5q-IdbA; pi=159760:4; chkChromeAb67Sec=2; DPSync3=1616284800%3A174%7C1617408000%3A197_226_221_201_227_219; SyncRTB3=1617408000%3A3_220_166_81_55_54_56_7_8_161_22_21_13_71%7C1617062400%3A63%7C1617494400%3A35%7C1618790400%3A203%7C1616803200%3A223_15_2; KRTBCOOKIE_153=1923-nsU1UJnCMl-FlzleysItUcnMYQOFlzAFncc6KN0x&KRTB&19420-nsU1UJnCMl-FlzleysItUcnMYQOFlzAFncc6KN0x&KRTB&22979-nsU1UJnCMl-FlzleysItUcnMYQOFlzAFncc6KN0x; PugT=1616254764; KRTBCOOKIE_22=14911-3080670461861644091
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:24 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6941761353401890963; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:24 GMT; path=/ PugT=1616254764; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 15:39:24 GMT; path=/
X-lat
lhrpug001:0:404
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:24 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6941761353401890963; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353401890963
setuid
rtb.adxpremium.services/ Frame 1A23 		0
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJkOWYyZmFmZmJkYjAyYzQ2IiwiZXhwaXJlcyI6IjIwMjEtMDQtMDNUMTc6Mzk6MjAuNDc2NTA4OTgrMDI6MDAifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFNamFDdlRnQkM5TnFkb2oiLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyMy41NDA3NjI0MDUrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjI4NDMwNjc5MTQyMDI1NDkzNTciLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyMS42NDU2NTE3NiswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDMtMjBUMTY6Mzk6MjAuNDc2NTAzOTQyKzAxOjAwIn0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
content-length
0
set-cookie
__cfduid=d36e8f5a99c0c097528907a02385bcf8f1616254764; expires=Mon, 19-Apr-21 15:39:24 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Fri, 18 Jun 2021 15:39:24 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJkOWYyZmFmZmJkYjAyYzQ2IiwiZXhwaXJlcyI6IjIwMjEtMDQtMDNUMTc6Mzk6MjAuNDc2NTA4OTgrMDI6MDAifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFNamFDdlRnQkM5TnFkb2oiLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyMy41NDA3NjI0MDUrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjI4NDMwNjc5MTQyMDI1NDkzNTciLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyMS42NDU2NTE3NiswMjowMCJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJFQ0MyQjQwOS1DNjExLTQ1RDUtODE4NS1ERjVCNUZCQkE2MEMiLCJleHBpcmVzIjoiMjAyMS0wNC0wM1QxNzozOToyNC41MDkxNzQyOTgrMDI6MDAifX0sImJkYXkiOiIyMDIxLTAzLTIwVDE2OjM5OjIwLjQ3NjUwMzk0MiswMTowMCJ9; Path=/; Domain=adxpremium.services; Expires=Fri, 18 Jun 2021 15:39:24 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
08f1e39db400004eeb26a95000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ccG9GmQFwOVkmgmg6IbgQ4CEprWK2fz6LvyTSy6QFc2AmPSSAx2l%2BS9e9VFWyhWpuRxck4KqVxJW6WNim6cKOiTjGz6DJbHFhxWdTNtpu2YcoQJpelYMkEumHDnrrTD7xWHw1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
63300875e8ce4eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
mw
mwzeom.zeotap.com/ Frame 785F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=ECC2B409-C611-45D5-8185-DF5B5FBBA60C
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b6defa5647cf427dde65de3d8d3f30de
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=c3eb79ee-5b99-436c-a8f4-02447e7a2eec&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=18a9079d64d1bb81
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8a703bbb75&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8a703bbb75&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELLWsnYvl9fK5wK0Ta92xq0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELLWsnYvl9fK5wK0Ta92xq0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8a703bbb75&zcluid=18a9079d64d1bb81&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
633008920e412c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e3af4200002c4e7cb8b000000001

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELLWsnYvl9fK5wK0Ta92xq0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ddc97a7c-1159-417e-6b6e-81218528d67c&reqId=4694fcca-934d-413f-4d90-2b8a703bbb75&zcluid=18a9079d64d1bb81&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3636056-1729-4e00-af2e-d0fac6aa9162
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3636056-1729-4e00-af2e-d0fac6aa9162
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:23 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
MT3 3611 f10363c master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3636056-1729-4e00-af2e-d0fac6aa9162
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Mar 2021 15:39:23 GMT
ECC2B409-C611-45D5-8185-DF5B5FBBA60C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 785F 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ECC2B409-C611-45D5-8185-DF5B5FBBA60C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJF6uGdE2uURovzLiQXAazqgqSl5LTM-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJF6uGdE2uURovzLiQXAazqgqSl5LTM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sat, 20 Mar 2021 15:39:24 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJF6uGdE2uURovzLiQXAazqgqSl5LTM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nsU1UJnCMl-FlzleysItUcnMYQOFlzAFncc6KN0x
42 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nsU1UJnCMl-FlzleysItUcnMYQOFlzAFncc6KN0x
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
X-lat
lhrpug015:0:2230
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nsU1UJnCMl-FlzleysItUcnMYQOFlzAFncc6KN0x
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=&_test=YFYXLAAAAJ-kgjoG
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=&_test=YFYXLAAAAJ-kgjoG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
X-lat
lhrpug002:0:480
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616254765.912101,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=&_test=YFYXLAAAAJ-kgjoG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3080670461861644091&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3080670461861644091&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
X-lat
lhrpug012:0:550
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3080670461861644091&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:25481367-bbfd-4932-ba5d-a3a316183164&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:25481367-bbfd-4932-ba5d-a3a316183164&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug017:0:360
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:25481367-bbfd-4932-ba5d-a3a316183164&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 20 Mar 2021 15:39:25 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
X-lat
lhrpug007:0:393
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 785F 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ECC2B409-C611-45D5-8185-DF5B5FBBA60C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5A67 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1616254763; KRTBCOOKIE_218=22978-YFYXLAAAAJ-kgjoG&KRTB&23194-YFYXLAAAAJ-kgjoG&KRTB&23209-YFYXLAAAAJ-kgjoG&KRTB&23244-YFYXLAAAAJ-kgjoG; PugT=1616254764; PUBMDCID=3; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=128420
Expires
Mon, 22 Mar 2021 03:19:45 GMT
Date
Sat, 20 Mar 2021 15:39:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 5A67 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0162f17d5f59c9e88635a914ea0ad44a805b96edeeae452ec558ea3e13a54ac9

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:23 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMVR6zn8sN603Iv2jDyWY04&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMVR6zn8sN603Iv2jDyWY04&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug007:0:400
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMVR6zn8sN603Iv2jDyWY04&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5A67 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 19 Mar 2021 15:39:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=28521972-698f-4126-a9d1-f4ca5e95dbf1
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=28521972-698f-4126-a9d1-f4ca5e95dbf1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug019:0:390
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=28521972-698f-4126-a9d1-f4ca5e95dbf1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
pubmatic
d5p.de17a.com/getuid/ Frame D78B 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.168 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-168.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 0C9C 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 20 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1028
x-powered-by
ASP.NET
date
Sat, 20 Mar 2021 15:39:24 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5184534216915365347
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5184534216915365347
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug008:0:474
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5184534216915365347
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8a616056-172d-4400-9a08-50d289ac9b4a&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8a616056-172d-4400-9a08-50d289ac9b4a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug017:0:392
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
Server
MT3 3611 f10363c master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8a616056-172d-4400-9a08-50d289ac9b4a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Mar 2021 15:39:23 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8835092150836305382&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8835092150836305382&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug006:0:397
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:25 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.40:80
AN-X-Request-Uuid
07a43aca-1027-422b-aff9-81fb878b0282
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8835092150836305382&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug001:0:464
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 2909
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbFFVN0FyQzRBQUJGNWJKb2F1Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABlQU7ArC4AABF5bJoaug&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABlQU7ArC4AABF5bJoaug&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Sat, 20 Mar 2021 15:39:26 GMT
location
https://rtb-csync.smartadserver.com/redir
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame F201
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353411524755
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353411524755
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_218=22978-YFYXLAAAAJ-kgjoG&KRTB&23194-YFYXLAAAAJ-kgjoG&KRTB&23209-YFYXLAAAAJ-kgjoG&KRTB&23244-YFYXLAAAAJ-kgjoG; PugT=1616254764; PUBMDCID=3; SPugT=1616254764; KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=984868AC-385D-41A3-A06C-A07431D2124B; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1616803200%3A67_15_223_2%7C1618790400%3A203%7C1617062400%3A63%7C1617494400%3A35%7C1617408000%3A166_55_176_21_7_71_22_161_8_81_56_204_78_165_230_3_189_222_88_220_13_54_5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:25 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6941761353411524755; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:25 GMT; path=/ PugT=1616254765; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 15:39:25 GMT; path=/
X-lat
lhrpug014:0:563
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:25 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6941761353411524755; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941761353411524755
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f5fa5cb6-3f8d-4a6d-bead-3b0cc99475bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f5fa5cb6-3f8d-4a6d-bead-3b0cc99475bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug009:0:525
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f5fa5cb6-3f8d-4a6d-bead-3b0cc99475bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 20 Mar 2021 15:39:25 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug017:0:368
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 11AB
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ClgvDQP9e5F5jvDYD8bcWgOr
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ClgvDQP9e5F5jvDYD8bcWgOr
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_218=22978-YFYXLAAAAJ-kgjoG&KRTB&23194-YFYXLAAAAJ-kgjoG&KRTB&23209-YFYXLAAAAJ-kgjoG&KRTB&23244-YFYXLAAAAJ-kgjoG; PUBMDCID=3; SPugT=1616254764; KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=984868AC-385D-41A3-A06C-A07431D2124B; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1616803200%3A67_15_223_2%7C1618790400%3A203%7C1617062400%3A63%7C1617494400%3A35%7C1617408000%3A166_55_176_21_7_71_22_161_8_81_56_204_78_165_230_3_189_222_88_220_13_54_5; KRTBCOOKIE_153=1923-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&19420-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&22979-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo; KRTBCOOKIE_1101=23040-6941761353411524755; KRTBCOOKIE_27=16735-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&16736-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23019-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23114-uid:8a616056-172d-4400-9a08-50d289ac9b4a; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-8835092150836305382; KRTBCOOKIE_391=22924-5184534216915365347&KRTB&23263-5184534216915365347; KRTBCOOKIE_80=16514-CAESEMVR6zn8sN603Iv2jDyWY04&KRTB&22987-CAESEMVR6zn8sN603Iv2jDyWY04&KRTB&23025-CAESEMVR6zn8sN603Iv2jDyWY04; KRTBCOOKIE_107=1471-uid:UAgoKqpI1LnDHf5; KRTBCOOKIE_377=6810-28521972-698f-4126-a9d1-f4ca5e95dbf1&KRTB&22918-28521972-698f-4126-a9d1-f4ca5e95dbf1&KRTB&23031-28521972-698f-4126-a9d1-f4ca5e95dbf1; KRTBCOOKIE_22=14911-3154976557178373947; KRTBCOOKIE_466=16530-1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e; KRTBCOOKIE_699=22727-AABlQU7ArC4AABF5bJoaug; PugT=1616254766
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:26 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-ClgvDQP9e5F5jvDYD8bcWgOr&KRTB&23212-ClgvDQP9e5F5jvDYD8bcWgOr; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:26 GMT; path=/ PugT=1616254766; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 15:39:26 GMT; path=/
X-lat
lhrpug017:0:547
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 20 Mar 2021 15:39:26 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=ClgvDQP9e5F5jvDYD8bcWgOr; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ClgvDQP9e5F5jvDYD8bcWgOr
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 1437 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 20 Mar 2021 15:39:28 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 5D61
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=abnoeUxlqLNnJVsVTdNJ1X1EMZcyGZb4ZbsjEivsW7S
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d719702087d3467b36918b2d84cbcb2131616254765; expires=Mon, 19-Apr-21 15:39:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a8nseFw5EGjAaINQeEsD8HFcMkSHVDQZcehQsbSMtuUoVZbYSsjC3lgh4Ly3rA1166gkbZdfGNn4GPZcB0gvSnk3; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 15:39:25 GMT; SameSite=None; Secure; ANON_ID_old=a8nseFw5EGjAaINQeEsD8HFcMkSHVDQZcehQsbSMtuUoVZbYSsjC3lgh4Ly3rA1166gkbZdfGNn4GPZcB0gvSnk3; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 15:39:25 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08f1e3a12a00004dd051250000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6330087b7a294dd0-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 20 Mar 2021 15:39:25 GMT
content-type
text/html
set-cookie
__cfduid=d719702087d3467b36918b2d84cbcb2131616254765; expires=Mon, 19-Apr-21 15:39:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=abnoeUxlqLNnJVsVTdNJ1X1EMZcyGZb4ZbsjEivsW7S; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 15:39:25 GMT; SameSite=None; Secure; ANON_ID_old=abnoeUxlqLNnJVsVTdNJ1X1EMZcyGZb4ZbsjEivsW7S; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 15:39:25 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1814
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08f1e3a08000004dd09314d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6330087a688d4dd0-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 16EA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FcANgonFaqN6&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FcANgonFaqN6&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_218=22978-YFYXLAAAAJ-kgjoG&KRTB&23194-YFYXLAAAAJ-kgjoG&KRTB&23209-YFYXLAAAAJ-kgjoG&KRTB&23244-YFYXLAAAAJ-kgjoG; PUBMDCID=3; SPugT=1616254764; KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=984868AC-385D-41A3-A06C-A07431D2124B; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1616803200%3A67_15_223_2%7C1618790400%3A203%7C1617062400%3A63%7C1617494400%3A35%7C1617408000%3A166_55_176_21_7_71_22_161_8_81_56_204_78_165_230_3_189_222_88_220_13_54_5; KRTBCOOKIE_153=1923-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&19420-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&22979-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo; PugT=1616254765; KRTBCOOKIE_1101=23040-6941761353411524755; KRTBCOOKIE_27=16735-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&16736-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23019-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23114-uid:8a616056-172d-4400-9a08-50d289ac9b4a; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-8835092150836305382; KRTBCOOKIE_391=22924-5184534216915365347&KRTB&23263-5184534216915365347; KRTBCOOKIE_80=16514-CAESEMVR6zn8sN603Iv2jDyWY04&KRTB&22987-CAESEMVR6zn8sN603Iv2jDyWY04&KRTB&23025-CAESEMVR6zn8sN603Iv2jDyWY04; KRTBCOOKIE_107=1471-uid:UAgoKqpI1LnDHf5; KRTBCOOKIE_377=6810-28521972-698f-4126-a9d1-f4ca5e95dbf1&KRTB&22918-28521972-698f-4126-a9d1-f4ca5e95dbf1&KRTB&23031-28521972-698f-4126-a9d1-f4ca5e95dbf1; KRTBCOOKIE_22=14911-3154976557178373947; KRTBCOOKIE_466=16530-1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:26 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 15:39:26 GMT; path=/
X-lat
lhrpug016:0:456
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-stage-0
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FcANgonFaqN6&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=89f86299fdd99556; path=/; HttpOnly; Secure; SameSite=None
dpe
ad4m.at/ad/ Frame A1DB 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d42c6df3e3fa0a696da1f9a98eec277781616254765; expires=Mon, 19-Apr-21 15:39:25 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-xzpr
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08f1e3a07f00001f39d1b1b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6330087a6ca01f39-FRA
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 6DE4
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 varnish
x-served-by
cache-hhn11551-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1616254765.319822,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 20-Mar-2022 15:39:25 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ea81de4e-0a0a-46f9-9e08-65a1c19e2fdd-tuct74f9cad&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 varnish
x-served-by
cache-hhn11551-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1616254765.193242,VS0,VE66
x-vcl-time-ms
66
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 3370
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1616254765362; TapAd_DID=73107123-8992-11eb-b02c-769fd3df2705
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Sat, 20 Mar 2021 15:39:25 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1616254765362;Expires=Wed, 19 May 2021 15:39:25 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=73107122-8992-11eb-b02c-769fd3df2705;Expires=Wed, 19 May 2021 15:39:25 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 3D33
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UAgoKqpI1LnDHf5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UAgoKqpI1LnDHf5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=49540475&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_218=22978-YFYXLAAAAJ-kgjoG&KRTB&23194-YFYXLAAAAJ-kgjoG&KRTB&23209-YFYXLAAAAJ-kgjoG&KRTB&23244-YFYXLAAAAJ-kgjoG; PUBMDCID=3; SPugT=1616254764; KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=984868AC-385D-41A3-A06C-A07431D2124B; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1616803200%3A67_15_223_2%7C1618790400%3A203%7C1617062400%3A63%7C1617494400%3A35%7C1617408000%3A166_55_176_21_7_71_22_161_8_81_56_204_78_165_230_3_189_222_88_220_13_54_5; KRTBCOOKIE_153=1923-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&19420-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo&KRTB&22979-hiZiRoEhZRSdJG9HhiZ6FYEjZBKddWAWgXCjsCvo; PugT=1616254765; KRTBCOOKIE_1101=23040-6941761353411524755; KRTBCOOKIE_27=16735-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&16736-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23019-uid:8a616056-172d-4400-9a08-50d289ac9b4a&KRTB&23114-uid:8a616056-172d-4400-9a08-50d289ac9b4a; KRTBCOOKIE_188=3189-no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 20 Mar 2021 15:39:25 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:UAgoKqpI1LnDHf5; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 15:39:25 GMT; path=/ PugT=1616254765; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 15:39:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 15:39:25 GMT; path=/
X-lat
lhrpug015:0:456
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sat, 20 Mar 2021 15:39:24 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UAgoKqpI1LnDHf5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0ab29fc25246f26bf@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=UAgoKqpI1LnDHf5; Domain=.w55c.net; Expires=Wed, 20-Apr-2022 15:39:25 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Mon, 19-Apr-2021 15:39:25 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
um
u-ams02.e-planning.net/ Frame F96E 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=e533928420f05e88&uid=984868AC-385D-41A3-A06C-A07431D2124B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
u-ams02.e-planning.net
:scheme
https
:path
/um?dc=a208d9366469aa64&fi=e533928420f05e88&uid=984868AC-385D-41A3-A06C-A07431D2124B
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Sat, 20 Mar 2021 15:39:25 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5A67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mEhorDhdQaOgbKB0MdISSw%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mEhorDhdQaOgbKB0MdISSw%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.155 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-155.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=133727
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Mon, 22 Mar 2021 04:48:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5A67 		95 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=984868AC-385D-41A3-A06C-A07431D2124B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6330087a9e9d2c4e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f1e3a09e00002c4ebf3f2000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 5A67
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=984868AC-385D-41A3-A06C-A07431D2124B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=984868AC-385D-41A3-A06C-A07431D2124B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=984868AC-385D-41A3-A06C-A07431D2124B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:23 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=984868AC-385D-41A3-A06C-A07431D2124B&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=984868AC-385D-41A3-A06C-A07431D2124B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=984868AC-385D-41A3-A06C-A07431D2124B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=984868AC-385D-41A3-A06C-A07431D2124B&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=984868AC-385D-41A3-A06C-A07431D2124B&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=984868AC-385D-41A3-A06C-A07431D2124B&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTg0ODY4QUMtMzg1RC00MUEzLUEwNkMtQTA3NDMxRDIxMjRC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug013:0:350
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=af0b2d81-fa23-42b5-a001-b70477845da4&user_group=1&ssp=pubmatic&bsw_param=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug001:0:572
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1100ecd7-273d-4c27-9adf-4b0f9f7f1b8e&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 20 Mar 2021 15:39:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
984868AC-385D-41A3-A06C-A07431D2124B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5A67 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/984868AC-385D-41A3-A06C-A07431D2124B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:39:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=984868AC-385D-41A3-A06C-A07431D2124B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=984868AC-385D-41A3-A06C-A07431D2124B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jt4rEmBE2uXMMgVEtDgTAFvlNi6eGk0-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jt4rEmBE2uXMMgVEtDgTAFvlNi6eGk0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:24 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Jt4rEmBE2uXMMgVEtDgTAFvlNi6eGk0-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug013:0:853
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616254765.358343,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFYXLAAAAJ-kgjoG&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3154976557178373947&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3154976557178373947&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
X-lat
lhrpug013:0:421
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3154976557178373947&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 5A67 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=984868AC-385D-41A3-A06C-A07431D2124B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5031862600181567872
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5031862600181567872
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:28 GMT
X-lat
lhrpug012:0:316
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:28 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.73:80
AN-X-Request-Uuid
ca2010f8-778e-4de8-b1c6-5e356bc6937f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5031862600181567872
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5A67
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_301a5954-c676-43fb-aac9-a64b96727046
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_301a5954-c676-43fb-aac9-a64b96727046
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:28 GMT
X-lat
lhrpug014:0:548
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_301a5954-c676-43fb-aac9-a64b96727046
date
Sat, 20 Mar 2021 15:39:28 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=43080:time[url:%2F,device:desktop,user_id:5738805d5.fe6c91e31_1616254765379,cdn_version:7]&s=27f853c1546333f5801c5f74c6a89d7d&1616254765382
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cTfMp56HGo9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Mar 2021 15:39:25 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
track.adform.net/serving/unload/ Frame D733 		35 B
502 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@43991442,4926896158026611544,0|0|0|0|0|0|0|0|0||0|1|346|d136f81b-aba6-4bf4-9a07-2321228a4f4d_1|||1|0|0|Kqa5ZH46jQgEfUZHiYmJHGOiuwSL1Rui0||1|11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 15:39:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
cmp
spl.zeotap.com/ Frame 180D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=708b4473-4523-42ed-4b67-7ad913749a4b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Sat, 20 Mar 2021 15:39:26 GMT
set-cookie
__cfduid=d07727451c9b1217a3794e7b60c62fbeb1616254765; expires=Mon, 19-Apr-21 15:39:25 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08f1e3a1e600002c4e539bc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6330087ca97d2c4e-FRA
SPug
simage4.pubmatic.com/AdServer/ Frame 785F 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159760&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:25 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/jslog/ 		35 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/serving/jslog/?src=fluoroscope&msg=Placement%20not%20found%201920x1080
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 Mar 2021 15:39:28 GMT
cache-control
private
server
nginx
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Log
core.iprom.net/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://core.iprom.net/Log?mediumID=189&codeNum=13&siteID=3142&adID=728820&zoneID=237&RID=161625475589384519&resx=1600&resy=1200&kw=%5B%5D&ch=%5B%5D&type=e&e=50%&c=vid&referer=https://www.slovenskenovice.si/&cb=1616254769860
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.slovenskenovice.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 15:39:29 GMT
Connection
close
Vary
Accept-Encoding
X-adserver-worker
ragnarok-a24d6a2640a2@version_1.265v2
X-server-arch
v1
Transfer-Encoding
chunked
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssp-nj.webtradehub.com
URL
https://ssp-nj.webtradehub.com/?c=o&m=multi
Domain
a.ipromcloud.com
URL
https://a.ipromcloud.com/2020/113157/307ba1d7591444443149beac3b11b8ac_480.jpg
Domain
loadeu.exelator.com
URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=708b4473-4523-42ed-4b67-7ad913749a4b&reqId=8b12e5f7-2d9b-4fbb-642c-5587a00d8a53&zdid=1361
Domain
idsync.frontend.weborama.fr
URL
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=708b4473-4523-42ed-4b67-7ad913749a4b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D708b4473-4523-42ed-4b67-7ad913749a4b%26reqId%3D8b12e5f7-2d9b-4fbb-642c-5587a00d8a53%26zdid%3D1361
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.jpg?
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616341163&gdpr=1
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/ix.gif

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| current_path string| dotmetrics_identifier object| dotmetrics_ids object| dm object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| adBlocker function| getCookie function| checkCookie function| joinCookieArgs function| setCookies function| unsetCookies function| setCookieOnDomain object| jwt object| recaptcha boolean| DotMetricsInitScript function| setImmediate function| clearImmediate object| regeneratorRuntime function| cash object| M object| Waves function| $bu_getBrowser object| _buorgres function| $ function| jQuery object| __io object| _io_config string| facebook_identifier object| facebook_ids string| page_path number| refresh_time number| timeout object| DotMetricsSettings object| _contentExchange function| display_contentexchange function| display_trafex function| contentExchangeLoad function| webpackHotUpdate object| DotmetricsJSON object| CryptoJS object| DotMetricsObj string| _io_uniques_holing_params function| _ipromNS string| GoogleAnalyticsObject function| ga object| closure_lm_111537 object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| iabLookupInterval function| IpromNS function| initAdTag object| pbjs object| ipromNS function| postscribe object| _taboola number| LiveNetLife_TimeSyncServerTimeStamp number| LiveNetLife_TimeSyncClientTimeStamp object| TRC object| _tblConsole undefined| msg object| heads object| LNLParameters string| LiveNetLife_LNLTextServer string| LiveNetLife_JabberServer string| LiveNetLife_JabberMainChannel string| LiveNetLife_BOSHURL string| LiveNetLife_ForwardServer function| name_jureferlez_lnl_pageplugin_LNLPagePlugin object| meta string| LiveNetLife_JabberLoggerResource string| s object| style function| dayDiff function| doFirstRowHeigth object| LNLAPI undefined| __propertyErrorFunction object| __gwt_activeModules string| __gwt_Locale object| __gwt_stylesLoaded undefined| LiveNetLife_TextContentId function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| ipromSiteStates function| pbjsChunk object| _pbjsGlobals object| Criteo function| LiveNetLife_GetErrorLog function| LiveNetLife_SetTraceLevel function| LNLReality_OnWndFocusBlur function| GwtPotentialElementShim object| afterIpromPrebid function| _ipromNativeAd object| crossNativeSettings function| _loadIpromNativemOeAs9D5EjCDmoySfZ46 function| _loadIpromNative4fPYpEeDFerVTCfG9tfQ number| _i_zone object| tunnel boolean| _iprom_consent object| c object| zh object| Adform object| _adform object| adformtag object| _fscope undefined| _adform_cb_1616254758111_46479266175014033 undefined| _adform_cb_1616254758237_4925882056731936 object| bextag object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 boolean| _inter_adf_607006__rendered__ number| _inter_adf_607006 boolean| _inter_adf_928054__rendered__ number| _inter_adf_928054 boolean| _inter_adf_372213__rendered__ number| _inter_adf_372213

9 Cookies

Domain/Path Name / Value
www.slovenskenovice.si/ Name: __io_visit_43080
Value: 1
.slovenskenovice.si/ Name: __io_nav_state43080
Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.slovenskenovice.si%22%2C%22previousDomain%22%3A%22%22%7D
www.slovenskenovice.si/ Name: __io_lv
Value: 1616254755477
.slovenskenovice.si/ Name: __io_d
Value: 1_705468254
www.slovenskenovice.si/ Name: __io
Value: 1ff7ab560.0e7e6086f_1616254755356
www.slovenskenovice.si/ Name: __io_unique_43080
Value: 20
www.slovenskenovice.si/ Name: cx_test
Value: test,path=/
.slovenskenovice.si/ Name: __io_session_id
Value: 950778a05.ec31eca87_1616254755479
www.slovenskenovice.si/ Name: __io_uh
Value: 1

19 Console Messages

Source Level URL
Text
console-api log URL: https://www.slovenskenovice.si/(Line 76)
Message:
-----------dotmetrics info--------------
console-api log URL: https://www.slovenskenovice.si/(Line 77)
Message:
path: /
console-api log URL: https://www.slovenskenovice.si/(Line 78)
Message:
id: 2763
console-api log URL: https://www.slovenskenovice.si/(Line 79)
Message:
-------------------------------------------
console-api log URL: https://www.slovenskenovice.si/(Line 24504)
Message:
-----------facebook info--------------
console-api log URL: https://www.slovenskenovice.si/(Line 24505)
Message:
path: /
console-api log URL: https://www.slovenskenovice.si/(Line 24506)
Message:
id: 3808216315857434
console-api log URL: https://www.slovenskenovice.si/(Line 24507)
Message:
-------------------------------------------
console-api log URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js(Line 50)
Message:
path=/
console-api log URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js(Line 50)
Message:
level1= level2=undefined
console-api log URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js(Line 50)
Message:
ipromads: SID = naslovnica SSID =
console-api log URL: https://www.slovenskenovice.si/static/sn/js/app.b73fa3ff43ac.js(Line 50)
Message:
Ad blocker is OFF (No)
console-api log URL: https://si.contentexchange.me/static/tracker.js(Line 176)
Message:
ALTERNATIVES [object Object]
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031701.js?31060502(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api log URL: https://www.slovenskenovice.si/(Line 3)
Message:
BEFORE ALL FOR ADFORM
console-api log URL: https://www.slovenskenovice.si/(Line 3)
Message:
BEFORE ALL FOR ADFORM
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

34b1a43e04de86d119a72ac91d576ebf.safeframe.googlesyndication.com
3847535e915d11cfbd378958276f815a.safeframe.googlesyndication.com
4126a4335856b675d6eadb810e718850.safeframe.googlesyndication.com
526dff8e19425ce178237e40692ba742.safeframe.googlesyndication.com
a.audrte.com
a.ipromcloud.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adserver.livenetlife.com
adservice.google.com
adservice.google.de
adservice.google.pl
adx.adform.net
ap.lijit.com
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bin.livenetlife.com
bn01.er.bemail.it
c1.adform.net
cdn.connectad.io
cdn.core.iprom.si
cdn.ipromcloud.com
cdn.jsdelivr.net
cdn.onthe.io
cdn.taboola.com
central.iprom.net
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
code.createjs.com
core.iprom.net
cs.admanmedia.com
d.adroll.com
d1be26bb51e36bd074dcb3fb2dcb6748.safeframe.googlesyndication.com
d1vbprrijiwq7d.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.rtbsrv.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e061cb84236a64447e157dac6ff50d86.safeframe.googlesyndication.com
engine4.livenetlife.com
eu-u.openx.net
eus.rubiconproject.com
fbb3a126ec7ecf125d96d4cedb1ca2a2.safeframe.googlesyndication.com
fe172631fc8977665e845de572a97e91.safeframe.googlesyndication.com
fonts.googleapis.com
green.erne.co
gum.criteo.com
hb.contentexchange.me
hbopenbid.pubmatic.com
i.connectad.io
ib.adnxs.com
ic.tynt.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images4.contentexchange.me
js.cookieless-data.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.e-planning.net
s.tribalfusion.com
s1.adform.net
s2.adxpremium.services
script.dotmetrics.net
sddan.mgr.consensu.org
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.delo.si
si.contentexchange.me
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssp-nj.webtradehub.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracker.contentexchange.me
tracker_si.contentexchange.me
trc.taboola.com
tt.onthe.io
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.slovenskenovice.si
x.bidswitch.net
a.ipromcloud.com
beacon.lynx.cognitivlabs.com
dsum.casalemedia.com
idsync.frontend.weborama.fr
loadeu.exelator.com
p.rfihub.com
ssp-nj.webtradehub.com
tags.crwdcntrl.net
token.rubiconproject.com
104.117.200.100
104.79.88.155
104.79.88.202
116.202.50.131
13.226.159.45
142.250.186.162
142.250.186.98
142.93.164.116
148.251.44.50
151.1.205.165
151.101.113.108
151.101.114.49
159.253.128.188
176.9.70.89
178.162.133.149
178.250.2.131
178.250.2.146
178.250.2.151
178.62.202.251
18.156.0.31
18.159.182.76
18.159.69.204
184.30.20.207
185.184.8.30
185.29.135.190
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.86.138.143
185.86.138.16
185.97.52.29
188.40.118.169
195.5.165.160
195.5.165.20
195.5.165.21
198.148.27.139
199.232.137.44
2001:678:cb4:bbbb::11
2001:67c:300:de10::100
208.100.17.181
212.82.100.182
213.155.156.168
213.19.147.151
216.58.212.166
217.156.250.128
23.37.42.132
23.79.152.128
2606:4700:10::6816:1957
2606:4700:10::6816:37ce
2606:4700:10::6816:47af
2606:4700:20::ac43:47f1
2606:4700:3037::6815:18da
2606:4700:3039::6815:c025
2606:4700::6810:ef3
2606:4700::6812:c05
2606:4700:e0::ac40:6308
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c1b::9b
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:12::1400
2a02:fa8:8806:20::2040
2a04:4e42:3::621
2a05:d018:24:b001:d120:1359:acbb:2de6
2a0c:5c81:5161::2
3.127.52.31
34.237.146.133
34.246.156.173
34.247.1.48
34.252.198.170
34.98.107.212
34.98.64.218
34.98.67.61
35.157.249.55
35.186.253.211
35.201.96.126
35.210.53.219
35.227.248.159
37.157.2.248
37.157.4.28
37.157.4.40
37.252.172.249
46.19.11.36
46.19.9.11
46.249.52.248
5.178.65.253
51.158.29.12
51.210.112.236
51.89.9.253
52.30.234.204
52.30.76.93
52.4.128.233
52.58.45.227
52.94.232.32
52.95.116.38
54.171.173.220
54.228.192.197
54.74.23.153
62.149.0.72
63.33.120.132
65.9.58.5
65.9.67.31
66.155.71.150
72.251.241.204
72.251.249.9
77.234.148.163
77.243.60.138
85.114.159.93
87.98.242.60
88.212.252.22
88.214.193.146
88.214.206.247
88.221.62.154
89.163.159.103
01059b5e09c2c119fc487416325cb2744b9455867336ae1f900a2f080c5d56cf
0162f17d5f59c9e88635a914ea0ad44a805b96edeeae452ec558ea3e13a54ac9
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231
03596d2bacff0c8ea5313508d0a86ba76c28594890d5162e6f1da596f6c65c93
045edb6d91a5fdcfe490438cedad98dda05afd2310fa82c763ac4bce06b06866
04cd22d3cff30bd8f8813ffd1e9dac9429f49869ece4f843916d72d23d27c672
04f6c7f5e15091a5937558e4da052f5967264843fc4d62c516131317bb3bb1c5
050d76d309454ba53bcb2345629adc03d961427214d779c045a53b049f030cf5
05109f8e3cc557d861aeb4a28df5e3de87490edbfd305ea820a293dba49ff101
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672
058dd5c817c3b80a6ad299a3287a9093845945e508ddc02bd759e2ba7a2823eb
0654d396dba1a2d513db8e001f68f0e1a6029ed6266c3606a3a514227532c9a4
06e91132c5bb3e51eb2d05f289f8c5cb539384ddc4cb5bca6958dcd8868cbf2b
080854fd740fe08f9b79d5c80109389d7868560216e673dfc932046ac07c68ab
08e33f10d74b4877f2cee5db5ccc0a7c66a0d6222fbb20f0c1086305bd4ac270
0918dd8774012da2219657e1412143f0bc6d068a581c74a9353d298bd7734d25
0970280f24215d5aefdbd44bbde87841a4d59a769508c460ef37e5beb8aae90f
0a5fa7e4fe6389bc1ecb71003ef097887e31841a4b05a59956581a34b16284e8
0a8f64e5bc7ec05c3e1f8c976195ac635ead062e60578f9dc865520601199374
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ed0c62199a317ce5e6469bf0e6c473999fc9660e77662180465d90be98585a0
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
12e03c10e20dd31b7370e90c0c21d13d6a9556e3af1727e57bbca44cd19da455
12fb384c8de21010a8e83f8bfcc904b28f046c89f24d95d60f875c020209d9a6
1418073ebb44bab9ede0a52fff8543509fbc66fb6d726e8af4c7722fdb76aa51
1455c0767e8f14b2ffb3699e9da35f7273b4dd8a4677d53568e7f40d3862db21
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a0c13457d9aee26881fb2286cd0b954795d04654ba530969a131f86ac442ec
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1afb64f9b606241d97bc8d996beaf49650d9dabb936493d4bdc555d01ca83b58
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1d56d4da3c4a6711d2066289c78d94183c788e8284ecce2193c27ea0fbcb372f
1eecc69e4faa700fdf450c642ca47fb79d989655f4f93d0c0128c6980e1e46b0
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2046faf6be34865da7d3077fc70e8b978841eebdb16eb2f6e7242595637b5114
2247c9172c52c7d1982d386b9c38071c69405c34ddfe86cbda0c156b47326910
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d
2414f57c4290f7dab6977eee2199bcf8e052f9f1d0fe7557e2c5f3673a7b3b6f
24ba618e3902116dec23df331662453485ad0308ec748441bb7d3f6d9ce3dffe
2506838b22a95da7ddb580c8f3410be423c4b84c9997badd8fc8e06fe31dbce4
2744e7c4ced5817da5864da609f9cc06741de869dabbfefd7735623607d4cb40
297747d34d9f435ec4ff5831a17b50aaa541eea588604f4844f7af51f8684a01
2a831e08e76d19dc76fccfff3002ae0dfef9db10631b75c4bad58516d5d41281
2ac58044e93acc280dafd0b2aee4988a1e76c3e9d25783c1eb7b01ef71111154
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32ad455327c7bec355729c1ed154965631a509bc811be679407cd455e8548213
354a1fe53d41be06ea5fbce6e43e5260aeed8dcbcb394137fe204f3cb136e1ba
3677bbf1b5ed2484d1f87e96f48ff60588c6f08dfa09e3899e0706d95817ccd0
3698b294291c7b5ae94762e1b73855214e4c27c5e440a564d44c93e8bfbc33b0
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b0a4f88153f498d2f5359218fb0ac78c43f34f1dbd0528933c9044266e15bf
390d3fc65ac7fb91d5c79823bee0984654113adf3d8519354b118243b02ab498
3931c9f4baf1ce9207d8b664dcccd3cc746c1f56c3c0c92089db91684e25113d
39c4f227fe120cc7eb6389f9d7205d584c0dbe9fafc7cd0d0860a9fdad78b9e2
3b0595920069ec490b2dbf1da61fc2bc01060ef06053cdc7373629e9defe7880
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e706df0b0dee5ea5f39ce9b6a839bd4de2282071767daa41933e5e523ce963d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f58d950120274e9c45118873465c45611b885ed6c1388aee5038bb17731e6cd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409f105735d580558a63ee4c527b8823695eee63a0abd9cf0a0b72eeed5a0a90
4138c7a1cc135a3fc33eaf2fb3b3009783b643f20f1e7025e3faea23357f8af5
4289906ac1b3f74fa8f178010d483bcd5eba7c21de8a8fde5098266ae2225a48
42f4b1578b2879e2841eea548f50e44fa91d27cd28f26362b18552617cc16720
43110a3ba3281f0ae2b3d59f92b6b7061794d7b32aaca51869b423e3a99fe39b
432dce5d0ff9e2712fc79004df4e5c30074021bcc8cb0c06cba72dc25f60f9df
43455f4ee053ee308849504f00fd2db2911eef4c6a54cdffc0fe1b82fa930a07
442f2d67d6721fe8cc0ab941dde312830919c4b7e7e3e56c95b0304480ba87b8
448174baa514cb54644dddbbcd25ad358b9aafd456c36cfdfc9b24dda83d0268
46e9453ca396772386d8faeea64c76d87b081368bf9ac7c80b225363af63ca32
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
499c5b939b037bc5a01668352e3376ef872a2787e7c4414fcac359f7f151677a
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b7b9919de6f7348b90f9697aa6afe82a1f2311ad8c0de2ddb48dc08cffae5be
4cd09fcf75879b117291808b0326ba49b96720807cdb1525d2a776b357c69d7d
4db9385bafc92f99a780ce93e27e30ecbbf421516059b48cc7e4de35d9a75126
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e91846150e0b9867d96a521f884e960db5efe5bcbe138d902cf47d89d7956d6
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5e2c4ed4480f957b98d77529ffc593d348748da4038cbac377846ce0fbf919
4f600b1db2ac23f7973100fae454508086ff2db74558b89428d64639c2b38e79
4fa5411a523f5eb12165125cce26da45b14f0ab06bf216180623a2e7834268f2
501fcb2fbbc30593935a06d08e2751293d2f144e28ab19d4cc4295f841c185f7
503d8b8f099473e703a158e1d2ab33671a0fedf8459bd2174869173a26776448
50c6ebd85db74de4552ff16ae96d25dd3e1d4ac8389192061626a6aca57e2942
511a96bb5f05d8d909c0d11e898a8131c944d8aed75cd044c00db0b95e09dd4b
513be1f74cfb3fd061a1b0e3655617c4718298b16e4dca9983cd9eabfeb31c48
5156ec2e1059a39bfd21028baddac3fa062754b708e7c9aca1f1ffea9094f6d6
51661b5f29bb08761ea0c2bb48188d675a4692d82d5ea011273fac9e719fae20
51901a44bc1a1b57010901fbcb2a0ca19dc5263af88bce9c3eb5d0fee25fae84
53ae84037babcb13a86711579b3ec1314e22e7e6d9a157d90b9307be9a000198
554df558894384d2d103892cec4d3ee5e977d45a1ab8acc21ed41cb435bcab1b
55a6bb96fd8a9ad2c95d0c430636b4e4ed6525827a883cb1f856f25273faeb67
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
58f04afab81e22381c36497d846960ad9ae1aa20ee4e68910c623afe2bb5a68b
5bc4c7106d40609469f495a62a993e563e58754d9c68d4b5fa96e76ee07bf621
5cb5419dbb11cc600ed85167196454af7f17b2510bcd788e900fd0afa70b61c7
5cb9cb5cc62ae184168b8552565561ae129f4b5d0f32785560ecc29a116b20b4
5daa7d5093ceee109a73a48a4d2b4abc8f5979dad8de977c1707563dfaf820d8
5dcd34e64114317fa741e1e53d0971d4c03f05e156e5b5abdc042af6ba9dbdaa
5dfa0879cfb7a74ee21462e4868365dd0b8b6c0b2048ae6fd71ce92ceee869d3
5fa93c61a37dd7a7e2f2e8617dbc89af90c85605900bff24cab715315e6c075b
5fe8bda3545bb8e198cb07f49b2b797bd552081b3d2274aadba860a8add92475
60dc4ef4a64c54e79d365d8ba3001630cc6e4519a162f7629dd00c44e4eaa10d
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
610ef377d771100e2a62981804d224e96cc2eaabf40d0260f7e3cf2b6e7dfbb2
61732e3676d9caa0e934664af03c802988e616dfa673db233946e0a6a93aabe8
62c17644e34636470fbe88d3b3fa39aa7854df73aefa6014d603e65fd3ab5e67
6320b5ce544cd96a8893b0904e16d1d12e9b885c3dbfc1a37003a3775e58a7aa
65261401cd73e387d8d3e0d7e75dd0dc5a46af038d2c1911ceb3bb81225f4ea9
6859411dac097535162bc2a50816e97f07c981366a2bd2615ea1f75531fb2777
686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b3f3dfa4667bf347635a7342afb2db3ea9857055b06f22e14725ef88de5551d
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
707089c9677a5eb7c4f3d8a16b02ec9dc546df8a0149f70500eb4b243f91eca4
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7251ca7331baeeed7a01d64a83576009be8f8725fe8fb9623e15fd6cb81c4fd8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
731ed9c89c55236ccc0b9bee61ea67e591148c3e817c22ddde85949514320519
7390a77512e1f754109ed4c5b9fdbde5ce75995715b6591d76bcdfa5d8dabb6b
7392d5fb5a93e6ebeb34ef8d792c05f4a31aa159c710fa438a2c3fc4d27654f3
742218418825c467e8e4e0170169db13bb6fbfb17767569859cdef2fb4ec8206
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
770bc7e3f89c29f64fcc3b9550d726090a2c3b962cddadcca3a0e916c633ded8
778a75f574d4ac82244806e85dde44bb61eb23b52781053f396fbd73ce1e3f4d
7841c411f0c8fd37063fc45350d46c7d57df36c8732b3b28ce10cfffd9d449ae
78c7015ec74697a95138d01c5374a3e70e12e49b303301b1061e15bc2b2e88ab
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
818a0d78e6ded09d23a415354ed7f322684692f6bf99e46ec192449a04a9fe4e
8279c9b8af14e35af6b55b8b40552358fc5a50fe20e61e2b1b72fa5a2496ef99
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862365d3fea82c70020cbe200d25d4b4f8e9872354afb9f2c52f5074a890d8d5
865537e14bcb78bcee40f11f9e39426192a3311330af2bddf99a61c1313ce3ae
867ce2c7c6507b0f0df8a3c3854179e7fa7e1719b9dc9bb546af56680ba92b82
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a20b2af360827b13534d10ab4bdeb5b99792e4627ea2abc1dc17217abb81c35
8a818d86ec7cfb1a650a673d07b4b21ea0e5fe4f62d513bc393f56ba60b85c18
8aa0d96baff449a5185c7ed9bca394a2b5913fe72e309af7793325a6199bd068
8adbd6accc5869225f9f6a12000e75881c423ee7a5d99e111a74b30510a2a59b
8af20cdd6b10d5f9fe83f433abff99500d8fa28be52633469cbfa89a945cde8b
8ba51371bb2bd3ee1e41e8ab3760a91298faa006ec3d6766eec0e42f68050e55
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db7da9fc42780bb6c7617c9388e729793aa7da49a74d54eec76d7bd48bb2f34
8fb5a5b8900ae2d32ee29fc6d5f5986a76f8ad0bd4e7e48ed18b855531308c49
8fe4cd7d1cb2b0ec01c9a9ae9ad91da6b4abff345aa4860b579204167a7b296a
916d3bceff420084aa790b79bdd4032d90f5b73bb2e957c7baab89683de368eb
919bdbce970f9a971e812cb5f5c0e48dc582c51a283248ee2fb2a383c99a07dc
93a80b3a020cac043c4ec8f051cd262bba0c8ea050c1b6a39dc840928aab79c6
93c59cb89743de68fcff795f287fb78af69cdcba38929c71c57af3962300160a
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
950ebeff5f79c79d6af5b6a56d7bf6dee00ec8a3ad108f8d0f5856f9a8107ead
95ac7683dc2b8c5626ada4b325c1ccbdcf1f486f665b06f08473fdbac5ea5e41
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b5887a042f550e1cb989e1da2752b2c8f833545aea584625966b83eab853296
9b6534892fcdfa6dd275dd8600e81e7a2cb82d8eee3b9842b73be4e001b0b91c
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9d1783882336150ddeb0d05ee2eea2f34c56ae057e75749c11ea7e595d311cf8
9e2d2386381aa28c25f50c7ffde0e1fa4f700d097ae055df4648183d0ec774ec
9e8634a9ef8ef5609497d5ff52548c9bd94499c7bcd7291beb3475617b5e7b49
9f4bf45630ec0760aa8823551c7db71ed218faf7d177a01f24a653486b356dbe
9f7cf90e4c059a050cfc2214197a9b4d17dfedf5a47fb52058978f2b189edc74
a030f8ca7f67cffb7bc76517dbe1c5f891a2cbe70894ca81f4453f914fbca07c
a051637b7b87936b23acaa0a6e2bbfed758a4bc38b8fc6db906960d6b8c8b9cd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2059db77763b3aa4ee083a35a0ed37dbd9ae2d832eee8fbe77118c3562af5ea
a21e10f5497ce6ba1e76f468123589d175db2d98893fb6f2823b10ca5096bc8e
a26a3296e5bc5cfdef4a954bc895272bda0f8f9012353577a3e33d9bdad22503
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c79f45d87616162a05d4d9210502ea4578e8b6a28192731ea4311e30e26bae
a51c1b5473154fdf404dfa5ca8a8e95e4f702619ad005ee84d2bd21b25b65b9a
a6d0f2453cebee6688a661e52432b77db542b6667c01a8035f360bdc5c1b3693
a79a3ccb691f88c66e176df1d1d1bf854bb60ae1845f762c393c5a117ecc2614
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acd6c8069b0345a5c70e53d00ad7be4d18bd0db39bbf8299dacd619885fefd39
ad87a49a715d6c67ddbe7b2d1f22a7e157a63c4b534c1337cf96475bcad44fa5
ae9ae3dfd2efbb210fb9ebb54bcafead289c060ed4d30fb85b1a81276ce5733e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb06cee92026a44c629b5b199bf775283a5853537c89eb03cf33730206bffdd
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b49ff1e834c5636820386a75fc0622da8e51ef724a2e3c124aab439419f7d380
b5e1dce3f360295382fcd8ab5f59913ff723068b50866bc0c71418b6342e04d7
b5eecc6b0b45f2a9c5f7e6af1d261da602ffd214db154d2ab7b25c2eeb37f3a7
ba5a2163e85179a25680ed144a7be87bda09be67c0116593ebcd327f5bfa655f
bb9c02f801e3f9e0927d9cea4fe530538ebf750242a8553de9d25dfad0de65ec
bcd9af3e1932795db7aba0b0f0c9337ec0b9528fb40fe3f68cd0c89b20f7cc05
bd8772f76149e69b93d328a33ae387f5e17c2110cfe320f88b78ee6cc2a36d50
be4003e425250aa444ac148f67b886ccba9205c3e939b8a470061b9211132033
c01abac27bd4a33fcfc21f720a2164ea25386019613f36cd085347389a21571e
c059812d3e35848abe7f09f6dc9e0e4d808ec13e9c33408ea912de84169d4666
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c308cb0e1fcbe1b505ef6dac80828729bb54e448d4361b8962202379d0bd1684
c62f1184b1f0b5c608acb8dc4dac436bf7e0bb608d309c58c531169a679a3279
c698d485be7c94c54fd3ac70d785ee25434943949049330ab1b32a94dca6d336
c6b1310b9c8cddf8cfc3eb13fd083d86929e9dd81032277b2768cd46c5ad6acf
c8bedb722c1f159a5cc9dc38888e303c86bffeb09761a6c7e0b754601c84bfc2
c915e862cdfc1fa39894f26158dc759319af56703b281f37586a6841631a65bd
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
c9d1f6dcdd5f0bf2d10af5387b2daba6bbd9889723a8b1ff9f4f7b4e101cec6a
ca1b9f2f35c7cc3801123ed4970d3dfc4b75525a3b9fde41dd6bfbe0e4d67e2d
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cbbda5fac6618da4be9f03098dc394e81f435c51622e306605849c2ac2942fd3
cc2e0d435e43e42de2de4baf2b50193d407a20e500b937018eb858b66756ca33
cdf358c3a68450a8a7283e91fe4aeeac26d1d578e8771ad058762e5c00a8038b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a7a7e70dc6920d0bc596b6fc4038418ddc4c46f9cc234ba4b5486eb4365963
d0f6a7aca8287c91000ba19cb004208deb2707f4df981731371ef9d1ce93bd75
d1e6dbc8b6d2496ca8e40b81a47d1824a2846d6998bd0e4b83495e8df24b6f65
d28d3a79049e41b15c46b44756d8702c2206a4b3ef4a1aaa82a82d0534155246
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480
d48b87ba8e7642c658bb96fb3bca5b64573e1f991215d9615d6fa5c2e5c6cc62
d4b9beb1775d109ba8e355206ab56f8a21bb40012230ab1f100057f07d3e3c3b
d51848dfe30e981f74071a5695b66f8c8fb0457d8ad79029c1ff10868613d380
d5fe0c902ca8e8dd8172363c372774e72cd185a43fae05933b7c7ead2c7383ef
d60251a1010fea87c831bd4a1f8fb6f5dde2e10a66e74ae6a7dbd912dbcc7b9a
d7482409e7a199ef6d62842b9f343b06983943f7d6a5d98db8ad06d9400fbe0d
d7bf1261e672c5afc37b74ac6c95aced2f2cbdea540dde4ebd3e3de1e7f8239f
d7f44b4d408c7bccfe295eb4232dd969c1c3b55ed98c45e3d31957eadb3b6891
d8ce3bee6cddb292b9da13b4738dbf153da752851dec30d1b3dbb870a495af82
d93e759bd0fe63a1ba638e63e00840aa294edbb5ef3ceacb5e53662089f59884
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daedb0cc7f4c099993b09c71abc4438883410c58ad857b8a9b67d72ae67243d5
db6bb051e2aac4e3e37259c67d5daa302dc4c5fc0b093183939e9f07507abc58
db72f9f8bcbcd02a044d9fbe7c7ca19bf533e377b15437786b8094f3316da31d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de281fc61e74b7f839ab771fd2f8b9d63a05ace688090e75ba4705ee1222b3aa
de99d2f0b9808baf9f33babc83d47755e072cf4cf767b83be95815c2c358212d
e24bf9323421c2b11b7a89a8f42e60a3235a37cd0aace40274802259a3871335
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4d1535b9eb3f5c1675c6959754e8faa289b9668e16dbf5eb3979eb7e4e17a69
e5ba36a730fd970bbeab751c8abcc96efb872eb67fc617f55f290027a93b5921
e6abe0c7f422cdd6dafa8a0cc156eac2aa2086a4fac4c29d9a9583148092b91e
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e8143d2ce4883c14ad30cc19e04d311470c3d54b5ba49ddfba2e337947888efb
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
eb2616e0c123e90ba1d656898ada1eacc807062d23866d4dbf250df7838c23cc
eb364c7f2d591189ec69cd14387bc8b3419bf5bf467bba354151ec26d014e857
ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269
edc4fc19380a0605e9eabe99eebc54e641f87c98f34f141be16b404a5cf03238
ee038399ef018218ca4c7675eecd9fcd407cea41dd3999aa047cf912a856146d
ee0c09fc616d6c86b4e21d2bc10127f02e508c1ca02ab4febb64c34f6e0c51fc
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9221eb1c975251bc16c32e59a127389cdddd98b9bdb64d053ce6a0ffc1cd95
f0368283c4da773f9d46ab430144d565bfb656f3e70b4ac7ee37d43d0169815a
f357b94ac5523cd92dc0a806279fd9341de3a48c5eb50fac4edf44fe85882c73
f43f849d129139e7cdd7ad315cb09d7cfaff8e05b528d2f1568fccd984c82ca9
f636aefad2c70674b7de1837ac69eb7caaccd67b7ac38998db45d9f654c438a2
f63ed25bf42f8dd42cf3bf798a5a6f59a4ade035885440658177e490eebfdbe5
f67a652c0bfce9ea8481b3b820bb1b41aea7790a61b9ae97cfea762a516ce233
f741381fc4ac623c2033b6fecc170ad9c6883e7448083ee157a2449e9d6b85e4
fa92512bfdaeac894f6a39dc3900f5d160fd109f67604e6c6e87136b5fbb485e
fb0d29a0e37e475f9a96298f57393125f1b909871e800c36d4b6e8cb8bcfe776
fb5a72788789a4ff6bf456538e306c510058038769dcf490ffc1a1cd04cc2ae6
fb8c3b3d39f1fb2abc56e8f497b744797814bca689eb709ca7f66a42c0d27736
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fcc998a1ff603a695df3744087b54d390c3213b8a56c8e4f5548a8d6c2caee65
fe344300cddaecf1bc0da6bac520501dc510d8ebdc1264fd167617c3500cd339
febfeb086079964a2f08b3c275f2b35669e3c3b20ff459dc0d59dc3834574389