urlscan.io logo urlscan.io
SecurityTrails logo

www.mestocards.com Open in urlscan Pro
2a00:1450:4001:829::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mestocards.com/?m=1
Submission: On October 28 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 8 countries across 54 domains to perform 231 HTTP transactions. The main IP is 2a00:1450:4001:829::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.mestocards.com.
TLS certificate: Issued by GTS CA 1D4 on September 3rd 2021. Valid for: 3 months.
This is the only time www.mestocards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
28 151.139.241.23 33438 (HIGHWINDS2)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 213.186.33.2 16276 (OVH)
1 91.121.164.142 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 164.132.167.149 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 194.150.236.190 44976 (HIWIT_AS)
3 151.101.130.133 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 145.239.193.145 16276 (OVH)
14 54.38.64.100 16276 (OVH)
1 7 185.86.137.114 201081 (SMARTADSE...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 145.239.192.166 16276 (OVH)
1 51.38.120.206 16276 (OVH)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2620:116:800d... 16509 (AMAZON-02)
1 52.210.129.48 16509 (AMAZON-02)
1 65.9.58.151 16509 (AMAZON-02)
2 9 2.18.234.21 16625 (AKAMAI-AS)
5 2600:9000:211... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 37.252.172.249 29990 (ASN-APPNEX)
5 5 142.250.185.162 15169 (GOOGLE)
3 8 3.33.220.150 16509 (AMAZON-02)
2 2 63.32.159.255 16509 (AMAZON-02)
1 1 3.8.243.222 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 2 51.89.20.87 16276 (OVH)
1 2600:9000:211... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 15169 (GOOGLE)
4 4 2.19.35.65 16625 (AKAMAI-AS)
8 104.109.78.125 16625 (AKAMAI-AS)
44 151.101.1.44 54113 (FASTLY)
1 54.217.215.116 16509 (AMAZON-02)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 51.15.145.116 12876 (Online SAS)
4 18.200.182.178 16509 (AMAZON-02)
9 141.226.228.48 200478 (TABOOLA-AS)
1 2600:9000:211... 16509 (AMAZON-02)
5 34.243.225.216 16509 (AMAZON-02)
1 13.35.253.50 16509 (AMAZON-02)
5 69.173.144.139 26667 (RUBICONPR...)
1 2 185.86.138.143 201081 (SMARTADSE...)
1 1 37.252.172.45 29990 (ASN-APPNEX)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
1 18.197.204.221 16509 (AMAZON-02)
3 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.126 35220 (SPOTX-AMS)
3 18.192.203.176 16509 (AMAZON-02)
2 151.101.129.44 54113 (FASTLY)
1 185.86.139.95 201081 (SMARTADSE...)
1 52.200.17.196 14618 (AMAZON-AES)
2 159.89.90.7 14061 (DIGITALOC...)
1 52.48.181.137 16509 (AMAZON-02)
1 2 209.54.177.54 16509 (AMAZON-02)
1 1 66.155.71.25 13768 (COGECO-PEER1)
1 18.156.0.31 16509 (AMAZON-02)
1 72.251.232.229 29791 (VOXEL-DOT...)
2 2 135.125.160.160 16276 (OVH)
1 141.226.224.32 200478 (TABOOLA-AS)
2 185.94.180.124 35220 (SPOTX-AMS)
231 59
3    2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.mestocards.com
8    2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
28    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
7    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
2    213.186.33.2 (France)

ASN16276 (OVH, FR)
PTR: cluster002.ovh.net
www.espace-turf.com
1    91.121.164.142 (France)

ASN16276 (OVH, FR)
PTR: ns360576.ip-91-121-164.eu
nsm09.casimages.com
6    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
lh5.googleusercontent.com
lh4.googleusercontent.com
lh3.googleusercontent.com
1    2606:4700:3031::ac43:92f9 (United States)

ASN13335 (CLOUDFLARENET, US)
www.gralon.net
2    164.132.167.149 (France)

ASN16276 (OVH, FR)
PTR: sp1.gralon.net
logo.gralon.net
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
1    194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net
www.top-pmu.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
14    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
7    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
eqx.smartadserver.com
1    2a02:26f0:6c00::210:ba0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    51.38.120.206 (Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
9    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    52.210.129.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
p.cpx.to
1    65.9.58.151 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-151.fra56.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
9    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    2600:9000:211e:b200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
2    37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
8    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    63.32.159.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.8.243.222 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-243-222.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    51.89.20.87 (Germany)

ASN16276 (OVH, FR)
PTR: p19.id5-sync.com
id5-sync.com
1    2600:9000:211e:b000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    34.120.133.55 (United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    2.19.35.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    104.109.78.125 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
44    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
c3.taboola.com
wf.taboola.com
1    54.217.215.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
3    2606:4700:10::6814:b25 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.ayads.co
sac.ayads.co
geoworker.ayads.co
1    51.15.145.116 (France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-116.rev.poneytelecom.eu
kvt.cookieless-data.com
4    18.200.182.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
antenna.ayads.co
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
1    2600:9000:211e:7200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
5    34.243.225.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
s.cpx.to
1    13.35.253.50 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-50.fra6.r.cloudfront.net
audit-tcfv2.quantcast.mgr.consensu.org
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    37.252.172.45 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    18.197.204.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-204-221.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
3    2600:1f18:612b:4200:787a:99c3:22c2:11ca (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
4    185.94.180.126 (Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    18.192.203.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
1    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    52.200.17.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-17-196.compute-1.amazonaws.com
ioms.bfmio.com
2    159.89.90.7 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
serverc.aivdesk.com
1    52.48.181.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-181-137.eu-west-1.compute.amazonaws.com
optchk.ayads.co
2    209.54.177.54 (Osaka, Japan)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    66.155.71.25 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    18.156.0.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    72.251.232.229 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    135.125.160.160 (United States)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
Apex Domain
Subdomains		 Transfer
56 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
am-trc-events.taboola.com
imprammp.taboola.com
c3.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
pips.taboola.com
cds.taboola.com
1 MB
28 themoneytizer.com
ads.themoneytizer.com
424 KB
17 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
44 KB
14 tmyzer.com
c.tmyzer.com
4 KB
10 smartadserver.com
ww1097.smartadserver.com
eqx.smartadserver.com
sync.smartadserver.com
prg.smartadserver.com
6 KB
9 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
3 KB
8 ayads.co
ads.ayads.co
sac.ayads.co
antenna.ayads.co
geoworker.ayads.co
optchk.ayads.co
101 KB
8 casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
8 adsrvr.org
match.adsrvr.org
3 KB
7 consensu.org
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
267 KB
7 blogspot.com
1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
390 KB
6 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
5 KB
6 cpx.to
p.cpx.to
s.cpx.to
8 KB
6 googleusercontent.com
lh6.googleusercontent.com
lh5.googleusercontent.com
lh4.googleusercontent.com
lh3.googleusercontent.com
160 KB
6 blogger.com
www.blogger.com
197 KB
5 doubleclick.net
cm.g.doubleclick.net
1 KB
4 bidswitch.net
pool.grid-data.bidswitch.net
x.bidswitch.net
880 B
3 tremorhub.com
taboola-supply-partners.tremorhub.com
547 B
3 gstatic.com
www.gstatic.com
4 KB
3 adnxs.com
ib.adnxs.com
secure.adnxs.com
3 KB
3 googleapis.com
translate.googleapis.com
ajax.googleapis.com
110 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 paypalobjects.com
www.paypalobjects.com
8 KB
3 gralon.net
www.gralon.net
logo.gralon.net
9 KB
3 mestocards.com
www.mestocards.com
25 KB
2 dyntrk.com
gu.dyntrk.com
850 B
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 aivdesk.com
serverc.aivdesk.com
1 KB
2 pubmatic.com
image2.pubmatic.com
629 B
2 id5-sync.com
id5-sync.com
2 KB
2 demdex.net
dpm.demdex.net
2 KB
2 blogblog.com
resources.blogblog.com
827 B
2 espace-turf.com
www.espace-turf.com
1 KB
1 adgrx.com
cm.adgrx.com
408 B
1 yahoo.com
ups.analytics.yahoo.com
234 B
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 bfmio.com
ioms.bfmio.com
652 B
1 cookieless-data.com
kvt.cookieless-data.com
491 B
1 adleadevent.com
adtrack.adleadevent.com
529 B
1 rlcdn.com
api.rlcdn.com
330 B
1 quantcount.com
rules.quantcount.com
1 KB
1 mathtag.com
pixel.mathtag.com
722 B
1 agkn.com
aa.agkn.com
382 B
1 indexww.com
js-sec.indexww.com
13 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 quantserve.com
secure.quantserve.com
10 KB
1 onetag-sys.com
onetag-sys.com
823 B
1 leadplace.fr
tag.leadplace.fr
6 KB
1 criteo.com
gum.criteo.com
362 B
1 sascdn.com
ced-ns.sascdn.com
24 KB
1 themoneytizer.net
g.themoneytizer.net
271 B
1 top-pmu.com
www.top-pmu.com
13 KB
1 google.com
translate.google.com
27 KB
1 casimages.com
nsm09.casimages.com
13 KB
231 54
Domain Requested by
28 ads.themoneytizer.com www.mestocards.com
ads.themoneytizer.com
15 images.taboola.com www.mestocards.com
vidstat.taboola.com
14 c.tmyzer.com ads.themoneytizer.com
13 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
8 cdn.taboola.com www.mestocards.com
cdn.taboola.com
8 eus.rubiconproject.com ww1097.smartadserver.com
eus.rubiconproject.com
am-match.taboola.com
imprammp.taboola.com
8 match.adsrvr.org 3 redirects js-sec.indexww.com
imprammp.taboola.com
am-match.taboola.com
ssum.casalemedia.com
6 mwzeom.zeotap.com spl.zeotap.com
www.mestocards.com
6 www.blogger.com www.mestocards.com
www.blogger.com
5 token.rubiconproject.com www.mestocards.com
eus.rubiconproject.com
5 s.cpx.to p.cpx.to
www.mestocards.com
5 cm.g.doubleclick.net 5 redirects
5 quantcast.mgr.consensu.org www.mestocards.com
quantcast.mgr.consensu.org
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 sync.search.spotxchange.com 4 redirects
4 antenna.ayads.co www.mestocards.com
4 secure-assets.rubiconproject.com 4 redirects
4 ww1097.smartadserver.com 1 redirects ww1097.smartadserver.com
www.mestocards.com
3 x.bidswitch.net imprammp.taboola.com
am-match.taboola.com
3 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
3 am-vid-events.taboola.com www.mestocards.com
vidstat.taboola.com
3 eqx.smartadserver.com www.mestocards.com
3 www.gstatic.com www.mestocards.com
translate.googleapis.com
3 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
3 www.google-analytics.com www.mestocards.com
www.google-analytics.com
3 www.paypalobjects.com www.mestocards.com
3 lh5.googleusercontent.com www.mestocards.com
3 1.bp.blogspot.com www.mestocards.com
3 www.mestocards.com www.mestocards.com
www.blogger.com
2 search.spotxchange.com vidstat.taboola.com
2 gu.dyntrk.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 ssum.casalemedia.com 1 redirects am-match.taboola.com
2 serverc.aivdesk.com vidstat.taboola.com
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 image2.pubmatic.com 2 redirects
2 sync.smartadserver.com 1 redirects www.mestocards.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 imprammp.taboola.com www.mestocards.com
vidstat.taboola.com
2 15.taboola.com cdn.taboola.com
2 trc.taboola.com cdn.taboola.com
2 id5-sync.com 1 redirects www.mestocards.com
2 dpm.demdex.net 2 redirects
2 ib.adnxs.com 2 redirects
2 translate.googleapis.com
2 logo.gralon.net 1 redirects www.mestocards.com
2 4.bp.blogspot.com www.mestocards.com
2 resources.blogblog.com www.mestocards.com
2 3.bp.blogspot.com www.mestocards.com
2 www.espace-turf.com 1 redirects www.mestocards.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 sync.taboola.com ssum.casalemedia.com
1 cm.adgrx.com ssum.casalemedia.com
1 ups.analytics.yahoo.com ssum.casalemedia.com
1 pixel-sync.sitescout.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 optchk.ayads.co ads.ayads.co
1 geoworker.ayads.co ads.ayads.co
1 ioms.bfmio.com vidstat.taboola.com
1 prg.smartadserver.com vidstat.taboola.com
1 pool.grid-data.bidswitch.net www.mestocards.com
1 secure.adnxs.com 1 redirects
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 c3.taboola.com www.mestocards.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 am-trc-events.taboola.com www.mestocards.com
1 kvt.cookieless-data.com ads.ayads.co
1 sac.ayads.co www.mestocards.com
1 ads.ayads.co 1 redirects
1 as-sec.casalemedia.com js-sec.indexww.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 api.rlcdn.com js-sec.indexww.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 rules.quantcount.com secure.quantserve.com
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com www.mestocards.com
1 g.themoneytizer.net ads.themoneytizer.com
1 www.top-pmu.com www.mestocards.com
1 lh3.googleusercontent.com www.mestocards.com
1 lh4.googleusercontent.com www.mestocards.com
1 translate.google.com www.mestocards.com
1 www.gralon.net 1 redirects
1 lh6.googleusercontent.com www.mestocards.com
1 nsm09.casimages.com www.mestocards.com
231 94
Subject Issuer Validity Valid
www.mestocards.com
GTS CA 1D4		 2021-09-03 -
2021-12-02		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.themoneytizer.com
GoGetSSL RSA DV CA		 2021-02-14 -
2022-03-17		 a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.casimages.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-04 -
2022-05-05		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
top-pmu.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-29 -
2021-12-13		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
c.tmyzer.com
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2021-09-12 -
2022-09-12		 a year crt.sh
onetag-sys.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2021-05-17 -
2022-06-15		 a year crt.sh
kvt.cookieless-data.com
R3		 2021-10-03 -
2022-01-01		 3 months crt.sh
*.ayads.co
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-08-04		 2 years crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-03-06 -
2022-03-06		 2 years crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.bfmio.com
Amazon		 2021-05-16 -
2022-06-14		 a year crt.sh
*.aivdesk.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh

This page contains 14 frames:

Primary Page: https://www.mestocards.com/?m=1
Frame ID: ED9692DECF69B5E04DA97FF8708D68ED
Requests: 132 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1635419419856
Frame ID: E25BC74AD14C01FCB3B601E1896CA547
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258&cmp=0
Frame ID: 29A85785401D5C02817320D5494380D8
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: C1090491A992D0527D5AC1976ABFC97C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 809F38D149AB66A0066DFE965D754EFA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: D55A7DD791C9442FCD8AE97B1B459D4B
Requests: 52 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=A452EAF421631425881333606&cicmp=1337627&cijs=1&dast=V7eVkCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG0FaTVYMGmmymG0Wo8lqtxgsR6PBbDLbLWFiFovFaLhajcaaxWIxmsxWwykYbOFzurvbsIGm0-Fz3et1v99d7fKc_h6H5eS5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCgOBLu6fJcHCaX3R8AAA8KIAAAAhghADrRbSIAAAAAIwAAAAAkAAKJhSUADneLJgAAAXzGl_ehJwAAAAd1Mk_bLP____8xAHnvTTIAFGkbNwY9AA8-AA9CAAAAH0M-s16edBWS7UQFq0WMAAAAAJxeoD2OJnVCZVH1____bwVwBQAQwGd8eY-bdXNSzBoGAAAAMLZAD4vfb3bYNX63y_7_________zf7PANCEkLhS0oII9MLVeEauFdZ-AQEA2N4NAOBNAC7mAOwAAAAA7v7____zAAAAAPYo2V6r8exR1vsMtvA53d31m7DFaDWZbJbD2XIxGQxHw9FofwK5GuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQa4kHVuXQ-r07Fg_m4nPvahY8MN5yLdnPJYDjXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Frame ID: D9D66590839F70155423E7CB7B655AAC
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=undefined&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D7337F8CDE208420241629282625&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: BECA7F60C86703495B29AD5102464A32
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: E8FBDB548DBA87D91DB931E9D52044EC
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 87213AD9F01BFE4DFE87175C724B615F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: DCE01652F5166B246F8E188E3A3B10BB
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 5B3CBE741CCD286341C2D308DD9B92BD
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 9DC03EFCD7CBCDD295435FAB76CD37A5
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Frame ID: A6609A879147B1D516E606DE3A6354A6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Blog Entièrement Gratuit Mestocards du Quinté

Page Statistics

231
Requests

89 %
HTTPS

28 %
IPv6

54
Domains

94
Subdomains

59
IPs

8
Countries

3345 kB
Transfer

10505 kB
Size

43
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.espace-turf.com/button.php?u=mestocards HTTP 302
  • https://www.espace-turf.com/images/3.png
Request Chain 23
  • https://www.gralon.net/plogo-gralon-164300.gif HTTP 302
  • https://logo.gralon.net/plogo-gralon-164300.gif HTTP 302
  • https://logo.gralon.net/plogo-gralon.gif
Request Chain 57
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 85
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6bcca50%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=1840280569231006636&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMNQLfxw6MzNpPvVSmiPvN0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Request Chain 87
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6bcca50%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6bcca50%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Request Chain 88
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6bcca50%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6bcca50%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=64651939655593692743338291400120045275&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Request Chain 89
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=Iotf95Ii%2Bz%2FBTzlHbP7JxXTtUQ8Xrig%2F%2BS41iYitP1U%3D
Request Chain 90
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6bcca50%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=def8617a-851c-4e00-891d-a43ca2390ceb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Request Chain 95
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
Request Chain 107
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 112
  • https://ads.ayads.co/ajs.php?zid=34704 HTTP 302
  • https://sac.ayads.co/sublime/34704
Request Chain 163
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&gdpr=0&cklb=1
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&google_gid=CAESEGq6jjJai2dO_ceMxeKg9r4&google_cver=1
Request Chain 166
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26hn_ver%3D20%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1840280569231006636&pid=12773&ref=&hn_ver=20&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&dsp=TTD
Request Chain 168
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9062D18F-155E-4508-8D3D-B79C3D283A9C&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
Request Chain 172
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=a4047901-37df-11ec-b4b0-1a4ab9540106 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
Request Chain 176
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=a4045b05-37df-11ec-8929-16ae82d30406 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
Request Chain 178
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 179
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 201
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 202
  • https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Request Chain 214
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&dcc=t
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECs1PEXefq_ZqVGgJ7ApR8s&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXqFHTLJy7JTI5ajsO6j6QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJejN8ddPo-_8CNs6P3ePvs&google_cver=1&gdpr=1
Request Chain 218
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638011421
Request Chain 221
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

231 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mestocards.com/ 		105 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac1ccd31792cf0ef9095db79967c752a728bf09d44ab63a2a9c9cf03e835cdd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 28 Oct 2021 11:10:19 GMT
date
Thu, 28 Oct 2021 11:10:19 GMT
cache-control
private, max-age=0
last-modified
Thu, 28 Oct 2021 01:57:29 GMT
etag
W/"4ef01282c85f1936d47424d6ee97e07b2498a591df871e8ae115ca12cb5542a6"
x-robots-tag
all,noarchive,noodp
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22251
server
GSE
1667664774-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 05:08:01 GMT
x-content-type-options
nosniff
age
21738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36164
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 20:55:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 28 Oct 2022 05:08:01 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=31
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:22 GMT
requestform.js
ads.themoneytizer.com/s/ 		144 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
75a3eb4dd9c41cb210678e6c0c63dfab0e68cd7b41c0f93830668795b66cea07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=39
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
requestform.js
ads.themoneytizer.com/s/ 		131 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=16680&formatId=39
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
9f483d95a3ae3ec1568e733a6b10c146d6581d7fb35fbf44b6cb9d7972aaa38f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
15060
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:59 GMT
requestform.js
ads.themoneytizer.com/s/ 		144 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=1
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
0965c813b847b2d16700539c468e138d9f06cb5557f870c9a6b82a8c090091b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=34
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:10:03 GMT
requestform.js
ads.themoneytizer.com/s/ 		140 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=34
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4e02d37077b94b11e5c20e73780940dbaa4a480a1e4949b64d0132d0cd5f8480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:56 GMT
requestform.js
ads.themoneytizer.com/s/ 		138 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=6
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
6ad239cf88e093a68583a0dbb36d51546aecf3173643b63da6ddabd1a1efe9c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
15681
expires
Thu, 04 Nov 2021 11:10:19 GMT
Exelturf.gif
1.bp.blogspot.com/-toVlSHzFLVY/WxD7TPSteKI/AAAAAAAAAuk/cChy9wVpGZogEyWO5qEw2p_x0RGXZJxDQCLcBGAs/s1600/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-toVlSHzFLVY/WxD7TPSteKI/AAAAAAAAAuk/cChy9wVpGZogEyWO5qEw2p_x0RGXZJxDQCLcBGAs/s1600/Exelturf.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
78036050ca64c88f592631cf715269635c88191655e7c21f5434e3c27836e897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:32:05 GMT
x-content-type-options
nosniff
age
5894
content-disposition
inline;filename="Exelturf.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16130
x-xss-protection
0
server
fife
etag
"v2ea"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 06:29:55 GMT
3.png
www.espace-turf.com/images/
Redirect Chain
  • https://www.espace-turf.com/button.php?u=mestocards
  • https://www.espace-turf.com/images/3.png
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.espace-turf.com/images/3.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Server
213.186.33.2 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster002.ovh.net
Software
Apache /
Resource Hash
d6788654c3196661e23320c3e7cdfe99d79c7ce919e5cde4ca2d360c919f3eb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
last-modified
Thu, 18 Aug 2016 17:10:12 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
1211
expires
Thu, 28 Oct 2021 11:25:20 GMT

Redirect headers

location
https://www.espace-turf.com/images/3.png
date
Thu, 28 Oct 2021 11:10:19 GMT
server
Apache
x-powered-by
PHP/5.6
content-type
text/html; charset=UTF-8
19123003402124533116576776.png
nsm09.casimages.com/img/2019/12/30// 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsm09.casimages.com/img/2019/12/30//19123003402124533116576776.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.164.142 , France, ASN16276 (OVH, FR),
Reverse DNS
ns360576.ip-91-121-164.eu
Software
Apache /
Resource Hash
ea7532287ca26f44233095072fdcf6e5db368e315016ddac859c91e2f1b023f0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:24:54 GMT
Last-Modified
Mon, 30 Dec 2019 15:05:44 GMT
Server
Apache
ETag
"94ff743-30da-59aed2d796673"
Strict-Transport-Security
max-age=31556926
Content-Type
image/png
Access-Control-Allow-Origin
https://www.casimages.com
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12506
Expires
Fri, 28 Oct 2022 11:24:54 GMT
Turfderniere.gif
3.bp.blogspot.com/-K-7S9AehsR4/Wt-iTofj-6I/AAAAAAAAAow/7CM9WK8ntmIpsNvkRORxPQNiiVe--r86gCLcBGAs/s1600/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-K-7S9AehsR4/Wt-iTofj-6I/AAAAAAAAAow/7CM9WK8ntmIpsNvkRORxPQNiiVe--r86gCLcBGAs/s1600/Turfderniere.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ca6c6248a3c499d7099515bce35d91fd1c60aa5ebb642352cfb4652c3f0b7f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 08:40:44 GMT
x-content-type-options
nosniff
age
8975
content-disposition
inline;filename="Turfderniere.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6922
x-xss-protection
0
server
fife
etag
"v28d"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 05 Oct 2021 18:17:27 GMT
Prono-du-jour%2B28.jpg
1.bp.blogspot.com/-wmcyw1UIh1o/YXm7Qv-gFnI/AAAAAAAAois/FkSQcskNWZEPCKAqJ_fQ_KI2NNaVGndPgCNcBGAsYHQ/w452-h640/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-wmcyw1UIh1o/YXm7Qv-gFnI/AAAAAAAAois/FkSQcskNWZEPCKAqJ_fQ_KI2NNaVGndPgCNcBGAsYHQ/w452-h640/Prono-du-jour%2B28.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
41b82806db61db808f4a3e9d68430dc3b2580b60e69f882b6d7b65d0a60bdad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:16:25 GMT
x-content-type-options
nosniff
age
3234
content-disposition
inline;filename="Prono-du-jour 28.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104450
x-xss-protection
0
server
fife
etag
"va22c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 28 Oct 2021 20:53:29 GMT
letriangle.gif
3.bp.blogspot.com/-SsQYRLB7Y3M/WvHBDjh7P9I/AAAAAAAAAqw/id8UiRSmobADRAexfbQD_t7l2C5yLSOpQCEwYBhgL/s1600/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-SsQYRLB7Y3M/WvHBDjh7P9I/AAAAAAAAAqw/id8UiRSmobADRAexfbQD_t7l2C5yLSOpQCEwYBhgL/s1600/letriangle.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
964b2a54bd84ec954555059e464fa907120819ab3a08bb58b7f3235009a61d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:35:36 GMT
x-content-type-options
nosniff
age
5683
content-disposition
inline;filename="letriangle.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25745
x-xss-protection
0
server
fife
etag
"v2ac"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Oct 2021 09:59:09 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:58 GMT
requestform.js
ads.themoneytizer.com/s/ 		144 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=19
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
97d1ee38890979ce4d59708f132b44c14f862b97b1a044385976bb3549378783

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
icon18_email.gif
resources.blogblog.com/img/ 		164 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_email.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:59:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Oct 2021 04:50:53 GMT
server
sffe
age
562273
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
164
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 28 Oct 2021 22:59:06 GMT
logo_468x60.gif
4.bp.blogspot.com/-hFuLtcLsI0w/XKNHQsEy56I/AAAAAAAAFqo/H6hpF6ZuPKcpkJ5ETOLGgHf0PDhcOR92ACLcBGAs/s468/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-hFuLtcLsI0w/XKNHQsEy56I/AAAAAAAAFqo/H6hpF6ZuPKcpkJ5ETOLGgHf0PDhcOR92ACLcBGAs/s468/logo_468x60.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
44ddd662154d74049c0e225cf8ffd6de8252d36bcdf95ee11e2fe8e4cbbd9a4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:12:47 GMT
x-content-type-options
nosniff
age
7052
content-disposition
inline;filename="logo_468x60.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
62798
x-xss-protection
0
server
fife
etag
"v16ac"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 06:29:55 GMT
T-AgHbAyI_AC7YiRABiDvnqXGplgIU29TgRTfgORkMHeg-fwZqiynBWo5RKbuozq4HRUeHa1iVrgOwDmI4r4_FGNNhippe67o9OdQaCHbHAAjqomE1TVK-lJQIJIXyE4T0PQQ9o=s0-d
lh6.googleusercontent.com/proxy/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/T-AgHbAyI_AC7YiRABiDvnqXGplgIU29TgRTfgORkMHeg-fwZqiynBWo5RKbuozq4HRUeHa1iVrgOwDmI4r4_FGNNhippe67o9OdQaCHbHAAjqomE1TVK-lJQIJIXyE4T0PQQ9o=s0-d
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
968dad02a7e1420bdf8ab3109ae97d2621a336caa918dbcd553ddc15e7c7e5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:04:19 GMT
x-content-type-options
nosniff
server
fife
age
3960
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42936
x-xss-protection
0
expires
Fri, 29 Oct 2021 10:04:19 GMT
B4Hp4avZYiqOyKOIQokcOqGxUUBXncdGGbj-NB8QygoQe-lwGdXR9-k1TkjUbx6nBBsV6rB928-kqFMFqRC8_31flf-8Fg=s0-d
lh5.googleusercontent.com/proxy/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/B4Hp4avZYiqOyKOIQokcOqGxUUBXncdGGbj-NB8QygoQe-lwGdXR9-k1TkjUbx6nBBsV6rB928-kqFMFqRC8_31flf-8Fg=s0-d
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c1ebf0cfa731ab6c1c044cf5423597c43b6cb6d33e6fb35e817c4afd798d3fd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:16:25 GMT
x-content-type-options
nosniff
server
fife
age
3234
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2003
x-xss-protection
0
expires
Fri, 29 Oct 2021 10:16:25 GMT
plogo-gralon.gif
logo.gralon.net/
Redirect Chain
  • https://www.gralon.net/plogo-gralon-164300.gif
  • https://logo.gralon.net/plogo-gralon-164300.gif
  • https://logo.gralon.net/plogo-gralon.gif
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logo.gralon.net/plogo-gralon.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
164.132.167.149 , France, ASN16276 (OVH, FR),
Reverse DNS
sp1.gralon.net
Software
Apache /
Resource Hash
8eb3393fdefbb4858cfd08a16826e254db919dd0b4778e72f5bb05b329212319

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Last-Modified
Thu, 02 Jun 2016 19:25:14 GMT
Server
Apache
ETag
"1e17-5345090c3a20c"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7703

Redirect headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
Apache
Vary
User-Agent
Content-Type
text/html; charset=UTF-8
Location
https://logo.gralon.net/plogo-gralon.gif
Cache-control
public, no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
jzp6dGV4R1B7aNGHNnqPm7FvJBdNO18YhTdUZGRj81IDX_9DtXMig6H7x4n5nu26zybdl6DjGXQjBUs8MnKo52_LkM2X17Q=s0-d
lh5.googleusercontent.com/proxy/ 		165 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/jzp6dGV4R1B7aNGHNnqPm7FvJBdNO18YhTdUZGRj81IDX_9DtXMig6H7x4n5nu26zybdl6DjGXQjBUs8MnKo52_LkM2X17Q=s0-d
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
48e15ee97ae2838f110be60c6174f23fb7b8bc6fec53c81a02d87de35fc86488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:16:25 GMT
x-content-type-options
nosniff
server
fife
age
3234
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165
x-xss-protection
0
expires
Fri, 29 Oct 2021 10:16:25 GMT
element.js
translate.google.com/translate_a/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b79d9db28c5b61c1d6474cf18ea078dcbb88299a48a9ad6783d86bbaab8f4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcrOUQJ5A0XjUsDeGZ-_eqsZk56vM_zvjI3xTdiUKL5x2z-1iESwhvjOCa2o9gugg","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcrOUQJ5A0XjUsDeGZ-_eqsZk56vM_zvjI3xTdiUKL5x2z-1iESwhvjOCa2o9gugg"}]}
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcrOUQJ5A0XjUsDeGZ-_eqsZk56vM_zvjI3xTdiUKL5x2z-1iESwhvjOCa2o9gugg"
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=20
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:37 GMT
requestform.js
ads.themoneytizer.com/s/ 		144 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=20
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
5b05f626dad635b029ebd6f4989747d840821623450792926569314c283f599f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:44 GMT
requestform.js
ads.themoneytizer.com/s/ 		144 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=2
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
3525951505a9ab7489c99527b26d5512a2d823f435c8cc14c47f84f86d05bc6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=3
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:56 GMT
requestform.js
ads.themoneytizer.com/s/ 		144 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=3
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
6bb9fa938894a51bcc3af12dbace92e05976377aa25363cb8758894eb7f567ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
0qZhGknJvXeCW1ip3i4zC9rAvAS-W3ifY_Newv7Gz77o75xfcjvt1ufB_KIhTNu2lTqaJMHallWCt3zxgVWk9_iMgpdwg59aHow=s0-d
lh4.googleusercontent.com/proxy/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/0qZhGknJvXeCW1ip3i4zC9rAvAS-W3ifY_Newv7Gz77o75xfcjvt1ufB_KIhTNu2lTqaJMHallWCt3zxgVWk9_iMgpdwg59aHow=s0-d
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a5cca543bef8bdce745b85c727df2749655d907fe30721f07c36a68bff8785fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:04:24 GMT
x-content-type-options
nosniff
server
fife
age
3955
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11295
x-xss-protection
0
expires
Fri, 29 Oct 2021 10:04:24 GMT
TUZ57eXQkOlIRvA7ChwQBJKpf1mmc7KDnycf3Ogr6S9a6exXBuRUyzOQZ4Gd3mxyNVd9f75wcJixQPwrkTj3d9YA8CPdScA=s0-d
lh3.googleusercontent.com/proxy/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/proxy/TUZ57eXQkOlIRvA7ChwQBJKpf1mmc7KDnycf3Ogr6S9a6exXBuRUyzOQZ4Gd3mxyNVd9f75wcJixQPwrkTj3d9YA8CPdScA=s0-d
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6aee6599b678ca65aed3d15778767ba321e52449814c92099fd47584eb545814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 08:16:28 GMT
x-content-type-options
nosniff
server
fife
age
10431
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87141
x-xss-protection
0
expires
Fri, 29 Oct 2021 08:16:28 GMT
rEjsNrc9J9X5ZBith9KvrMKpN5WPHdVwsSwYG5jVSRw6eQ0QR31L-er34XoobGa5CsjBbxZKsHLMtQohgK9P9uRdJSJ7HA=s0-d
lh5.googleusercontent.com/proxy/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/rEjsNrc9J9X5ZBith9KvrMKpN5WPHdVwsSwYG5jVSRw6eQ0QR31L-er34XoobGa5CsjBbxZKsHLMtQohgK9P9uRdJSJ7HA=s0-d
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8a4af905a3cd200ef3ec11044beff81c4f016c72379da956d73ac0a9adf1bd70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:16:25 GMT
x-content-type-options
nosniff
server
fife
age
3234
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19818
x-xss-protection
0
expires
Fri, 29 Oct 2021 10:16:25 GMT
NADO-PRONO-2020.gif
4.bp.blogspot.com/-NC59P8iKT6E/X6LAHUdGBGI/AAAAAAAAAQU/cSF6UwSekdEloMZVPs44nKVMx9ah04qwwCK4BGAYYCw/s1110/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-NC59P8iKT6E/X6LAHUdGBGI/AAAAAAAAAQU/cSF6UwSekdEloMZVPs44nKVMx9ah04qwwCK4BGAYYCw/s1110/NADO-PRONO-2020.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
87c3db3bd069cab6ee7dfed7229409ee72ff9501b2aa3117fb0c750afff69c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:00:01 GMT
x-content-type-options
nosniff
age
7818
content-disposition
inline;filename="NADO-PRONO-2020.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
102987
x-xss-protection
0
server
fife
etag
"v106"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 06:29:55 GMT
pmuvoyance.gif
www.top-pmu.com/img5/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.top-pmu.com/img5/pmuvoyance.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
f5e308ac2a006bbb916f5ccc4eda6230f7a6a3d79ff1e9c5cd7e2cef7b7bf2bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:23 GMT
Last-Modified
Thu, 24 Sep 2020 16:09:05 GMT
Server
Apache
ETag
"92d12c-33dc-5b0116b51aa40"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
13276
btn_buynowCC_LG.gif
www.paypalobjects.com/fr_FR/FR/i/btn/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/fr_FR/FR/i/btn/btn_buynowCC_LG.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e80cccdcc04421b317d4153a34721a65e5f0ffe33fd85302a6671bd8f09eaac
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=4835 idim=192x47 ifmt=gif ofsz=3712 odim=192x47 ofmt=gif
paypal-debug-id
1720c38c51199
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
3712
x-served-by
cache-sjc10071-SJC, cache-fra19161-FRA
x-timer
S1635419420.013016,VS0,VE1
etag
"K+pwJL0lOcz1Nmz78kGJz6nFl8XWNGwheLxzNQhSmGs"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
24, 1
pixel.gif
www.paypalobjects.com/fr_FR/i/scr/ 		42 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/fr_FR/i/scr/pixel.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
74753e1a3910a
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
42
x-served-by
cache-sjc10045-SJC, cache-fra19161-FRA
x-timer
S1635419420.013158,VS0,VE1
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
114, 1
btn_donateCC_LG.gif
www.paypalobjects.com/fr_FR/FR/i/btn/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/fr_FR/FR/i/btn/btn_donateCC_LG.gif
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
351b661f5071324acb495bdb9e3a33e9f0dd03053d2f3a951223887de7c4a0cd
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=5180 idim=196x47 ifmt=gif ofsz=3984 odim=196x47 ofmt=gif
paypal-debug-id
a145cdf0223a3
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
3984
x-served-by
cache-sjc10047-SJC, cache-fra19161-FRA
x-timer
S1635419420.013231,VS0,VE1
etag
"YdzC77islEuvylzNBFyXzIjE8sd149f8AW9OINkpLHQ"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
32, 1
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=16
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:56 GMT
requestform.js
ads.themoneytizer.com/s/ 		137 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=16
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
54c76c3ed8080d28a9380e937ff80c918f780b793671e716d7c004e643b8d24b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
15547
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=15
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:47 GMT
requestform.js
ads.themoneytizer.com/s/ 		137 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=15
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
0f11b3aad5f3399f4c8fb088b5fafbc07f1e694a3e78eae41f34378b00b44807

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:10:15 GMT
requestform.js
ads.themoneytizer.com/s/ 		144 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=28
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
33534b7788433eca29ba936345295a56744ea4b340bf47d44ee60c91d59c2dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=5
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
content-length
2128
expires
Thu, 04 Nov 2021 11:09:40 GMT
requestform.js
ads.themoneytizer.com/s/ 		138 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=5
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4beff6cc9460db3c269d6bff107189217e78e137a074d34ce2179e06e1a8db91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:19 GMT
cookienotice.js
www.mestocards.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mestocards.com/js/cookienotice.js
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/?m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 08:51:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 04 Nov 2021 11:10:19 GMT
1140752822-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1140752822-widgets.js
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e119c886aca66524af218d0cfa2acec625e20faa8fc3a116f19bf422353b983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 01:52:37 GMT
x-content-type-options
nosniff
age
119862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
158134
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 08:51:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 27 Oct 2022 01:52:37 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4185
date
Thu, 28 Oct 2021 10:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 28 Oct 2021 12:00:34 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5530972576527352122&zx=46e35d3e-8e2c-49a5-b72e-f77e13786ae3
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 11:10:19 GMT
server
GSE
date
Thu, 28 Oct 2021 11:10:19 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 		403 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 03:35:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Oct 2021 14:51:37 GMT
server
sffe
age
200081
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
403
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 02 Nov 2021 03:35:38 GMT
Mestocardsduquinte_1200X211-1.jpg
1.bp.blogspot.com/-pcGHgqMbSI8/W0B5XopU5jI/AAAAAAAABTk/TkmQisR7WHIXlN0V8NV16S42o3ERXuQvwCK4BGAYYCw/s1600/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-pcGHgqMbSI8/W0B5XopU5jI/AAAAAAAABTk/TkmQisR7WHIXlN0V8NV16S42o3ERXuQvwCK4BGAYYCw/s1600/Mestocardsduquinte_1200X211-1.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7b9666f953c12db45b1e4b229e18eb97dfd6e6b4d43f7494bea3f6af4db5bc97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:08:25 GMT
x-content-type-options
nosniff
age
7314
content-disposition
inline;filename="Mestocardsduquinte_1200X211-1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
78794
x-xss-protection
0
server
fife
etag
"v53a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 23 Sep 2021 16:58:23 GMT
/
g.themoneytizer.net/g/ 		26 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:0D85_91EFC191:01BB_617A851B_66D94C7:2CF99
X-IPLB-Instance
29820
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
nginx
etag
"604b9fc7-981e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
16267
expires
Thu, 04 Nov 2021 11:09:32 GMT
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=31&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:19 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31F7_36264064:01BB_617A851B_BFF0A0C:9916
X-IPLB-Instance
20686
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
81 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8fceb9666c98db92674eadc3bf22b5811f633e794c6400d43d9e1075e9d7618d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Oct 2021 07:37:07 GMT
Server
AkamaiNetStorage
ETag
"dd8f4c5a387008ec698123592c1e7a85:1634197388.862531"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23942

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Thu, 28 Oct 2021 11:10:19 GMT
content-length
0
sync
gum.criteo.com/ 		49 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 28 Oct 2021 11:10:19 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1675
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:53 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
4E2FD01E:F591_91EFC0A6:01BB_617A851C_1A799389:232FC
ETag
"6167dbf9-15ab"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame E25B 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1635419419856
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 29A8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4048fbb5d329592ca974e0c137e410a0955c2a03816ba2c18c07c061b93bc836

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/

Response headers

date
Thu, 28 Oct 2021 11:10:19 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.mestocards.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a53b78ea9484ee0-FRA
content-encoding
br
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
content-encoding
gzip
etag
"f5gpBRZmwYYTVm3LkZ0l2w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 04 Nov 2021 11:10:20 GMT
px.js
p.cpx.to/p/12773/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2a9aa39e9aa2ecfff607f62081828e2d1ce3c04d098e7a0f57ce1810aeed147c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
3479
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.151 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-151.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 03:08:06 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
28935
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
9bIrUmvZwENG5tE481kAdajpss4useFiGnobsw5wqnvzBxzYa31KMQ==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Oct 2021 11:01:51 GMT
Server
Apache
ETag
"da1b07-930b-5cf67a34b7bdb"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3152
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Thu, 28 Oct 2021 12:02:52 GMT
prebid.js
ads.themoneytizer.com/moneybid4_40/build_rb/dist/ 		553 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_40/build_rb/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4e02c645453b50e3c726d649a0bfd39705e1a98be1471c2b59e5234935697edb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 07:54:58 GMT
server
nginx
etag
"61498fd2-8a234"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
175278
expires
Thu, 04 Nov 2021 11:09:41 GMT
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:19 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31F7_36264064:01BB_617A851B_BFF0A0F:9916
X-IPLB-Instance
20686
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.mestocards.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.mestocards.com/choice.js
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
214ecc0569a53af492e04cdd586d2adaa563a639460053c5feb8290a743edb6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 28 Oct 2021 11:10:21 GMT
content-encoding
gzip
last-modified
Tue, 22 Dec 2020 17:08:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"90e40f5ed7460d6c3e68229f430bb97e"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
PnM05ctzNkut1zU2Cb1SobfeYDIdfIPokv8cQTzROMv7YbCFrK0FEA==
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=34&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31FF_36264064:01BB_617A851B_C0333A3:23E8F
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31FD_36264064:01BB_617A851B_C035B90:193D6
X-IPLB-Instance
38442
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
geo
rbx
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=19&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:22 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:3205_36264064:01BB_617A851B_63E91D4:2FDD
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
share_buttons_20_3.png
www.blogger.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:12:40 GMT
x-content-type-options
nosniff
age
547059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5080
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 02:50:35 GMT
server
sffe
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 29 Oct 2021 03:12:40 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RV3A34uh8TA.O/d=1/rs=AN8SPfqmSladw1raM41W46mpn8urLo37Ag/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="rosetta"
expires
Thu, 28 Oct 2021 11:58:05 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RV3A34uh8TA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqmSladw1raM41W46mpn8urLo37Ag/ 		222 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RV3A34uh8TA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqmSladw1raM41W46mpn8urLo37Ag/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RV3A34uh8TA.O/d=1/rs=AN8SPfqmSladw1raM41W46mpn8urLo37Ag/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07343edc07ec00fa9191a67d9614e5864c14e4d874e3f84dbc63f226b7d6c852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77587
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 21:13:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="rosetta"
expires
Fri, 28 Oct 2022 08:58:06 GMT
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=20&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31F7_36264064:01BB_617A851C_BFF0A13:9916
X-IPLB-Instance
20686
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:320B_36264064:01BB_617A851B_C04E5C3:118AE
X-IPLB-Instance
38439
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=3&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31FF_36264064:01BB_617A851C_C0333AD:23E8F
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=19&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31F7_36264064:01BB_617A851C_BFF0A15:9916
X-IPLB-Instance
20686
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=16&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31FD_36264064:01BB_617A851C_C035B93:193D6
X-IPLB-Instance
38442
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
authorization.css
www.blogger.com/dyn-css/ 		1 B
111 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5530972576527352122&zx=46e35d3e-8e2c-49a5-b72e-f77e13786ae3
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 11:10:20 GMT
server
GSE
date
Thu, 28 Oct 2021 11:10:20 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:320B_36264064:01BB_617A851C_C04E5C5:118AE
X-IPLB-Instance
38439
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=28&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31F7_36264064:01BB_617A851C_BFF0A16:9916
X-IPLB-Instance
20686
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=506615783&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mestocards.com%2F%3Fm%3D1&ul=en-us&de=UTF-8&dt=Blog%20Enti%C3%A8rement%20Gratuit%20Mestocards%20du%20Quint%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=909928995&gjid=748057353&cid=1447697047.1635419420&tid=UA-92282602-1&_gid=1002661928.1635419420&_r=1&_slc=1&z=1010520104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mestocards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=506615783&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mestocards.com%2F%3Fm%3D1&ul=en-us&de=UTF-8&dt=Blog%20Enti%C3%A8rement%20Gratuit%20Mestocards%20du%20Quint%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1210254962&gjid=1704283123&cid=1447697047.1635419420&tid=UA-92282602-1&_gid=1002661928.1635419420&_r=1&z=1957964761
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mestocards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 29A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%2...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=1840280569231006636&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=1840280569231006636&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6a53b7903c084ee0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:20 GMT
X-Proxy-Origin
78.47.208.30; 78.47.208.30; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
78b3fec6-e982-48d0-a7a7-edd7ef34302a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=1840280569231006636&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 29A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMNQLfxw6MzNpPvVSmiPvN0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26d...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMNQLfxw6MzNpPvVSmiPvN0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6a53b7904c204ee0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMNQLfxw6MzNpPvVSmiPvN0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
450
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 29A8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d3-fcda-432f-5628-0a50f1b0f0da%26reqId%3Dcc26284b-9a86-452d-502d-26dfe6...
  • https://mwzeom.zeotap.com/mw?cid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6a53b790dd0d4ee0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
449
mw
mwzeom.zeotap.com/ Frame 29A8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=64651939655593692743338291400120045275&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca5...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=64651939655593692743338291400120045275&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6a53b7914dfc4ee0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v019-0dab1dc84.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
f44LIQ3NS7Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=64651939655593692743338291400120045275&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/ Frame 29A8
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=Iotf95Ii%2Bz%2FBTzlHbP7JxXTtUQ8Xrig%2F%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=Iotf95Ii%2Bz%2FBTzlHbP7JxXTtUQ8Xrig%2F%2BS41iYitP1U%3D
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6a53b7905c3c4ee0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=Iotf95Ii%2Bz%2FBTzlHbP7JxXTtUQ8Xrig%2F%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 29A8
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D3b69c0d...
  • https://mwzeom.zeotap.com/mw?cid=def8617a-851c-4e00-891d-a43ca2390ceb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26df...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=def8617a-851c-4e00-891d-a43ca2390ceb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6a53b7908c6e4ee0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
MT3 4044 0c7f252 master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=def8617a-851c-4e00-891d-a43ca2390ceb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Thu, 28 Oct 2021 11:10:19 GMT
cmp.min.js
spl.zeotap.com/ Frame 29A8 		541 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3089c92ccfd19041c044c16f7caee17805f746c6b9af7ed1c15a8fced1c41f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6a53b78fdb704ee0-FRA
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Thu, 28 Oct 2021 11:10:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=5&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:320B_36264064:01BB_617A851C_C04E5C9:118AE
X-IPLB-Instance
38439
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=11786&f=5&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=11786&formatId=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:20 GMT
Server
nginx
X-IPLB-Request-ID
4E2FD01E:31FF_36264064:01BB_617A851C_C0333B2:23E8F
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
stats
www.mestocards.com/b/ 		410 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mestocards.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmD2bdcUiJx-UiFzNDis-qW5GJRZOB1Hlwjw18bUMerJ1JkzABTRqe-aTAmgEKGSYuCN6Xp_dQHhNKUmyU-OAByEfRcMow
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1140752822-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0a1d9fa87938e058bec1d7ddac224d2ae04457ce709e68ee654d132bd21efee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/?m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
content-length
250
x-xss-protection
1; mode=block
expires
Thu, 28 Oct 2021 11:10:20 GMT
1.gif
id5-sync.com/c/12/0/9/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
51.89.20.87 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p19.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:19 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
Date
Thu, 28 Oct 2021 11:10:19 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:00:26 GMT
content-encoding
gzip
age
594
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
NbiQlq88tOkCZSl4OQTVByERsRQgsRIyHNHsp23RyWqnotnrXTTvlQ==
truncated
/ Frame C109 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acf3a01aa1b63a4ab6cca270b4fa30cb7c574166ac4897b25dfa71117cecc637

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:55:09 GMT
x-content-type-options
nosniff
age
911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 28 Oct 2022 10:55:09 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 17:45:53 GMT
x-content-type-options
nosniff
age
235467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 25 Oct 2022 17:45:53 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 19:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
488562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 22 Oct 2022 19:27:38 GMT
identity
api.rlcdn.com/api/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.mestocards.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
7d4295c22e3708320e27460f95a093bad9cae343d4bf47f0311ab9e2dd3fb9ab

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mestocards.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 27 Nov 2021 11:10:20 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:49:57 GMT
x-content-type-options
nosniff
age
4823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 28 Oct 2022 09:49:57 GMT
ac
ww1097.smartadserver.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=165318&pgid=829401&fmtid=26326&async=1&visit=m&tmstp=3835605632&tag=sas_26326&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.mestocards.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/config.js?nwid=1097
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
1430a224b5176ac4ff2b13277a1a52f056f6afacce51d33e970077e7543a4ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b21%3b63
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
4526291
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
ww1097.smartadserver.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=165318&pgid=829401&fmtid=26325&async=1&visit=s&tmstp=3835605632&tag=sas_26325&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.mestocards.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/config.js?nwid=1097
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6a144c015e730f48da35f4e11ed11a1337c80334a5064482f1c6e40779d20ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b19%3b72
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10341916
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
cmp
spl.zeotap.com/ Frame 29A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=3b69c0d3-fcda-432f-5628-0a50f1b0f0da&reqId=cc26284b-9a86-452d-502d-26dfe6bcca50&uc=2&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a53b7904c1e4ee0-FRA
usync.html
eus.rubiconproject.com/ Frame 809F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=165318&pgid=829401&fmtid=26326&async=1&visit=m&tmstp=3835605632&tag=sas_26326&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.mestocards.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Oct 2021 11:10:20 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date
Thu, 28 Oct 2021 11:10:20 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
tbframe.js
cdn.taboola.com/shared/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
age
11899
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
eCMgx+O6Lrddh3zOBu9bpC7/Z+CBYeHdp+eMw3+6E4pwnEzBnSD/Rd94ImbfDQT+8ljdp7AOEi4=
x-served-by
cache-fra19135-FRA
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-timer
S1635419420.256034,VS0,VE0
date
Thu, 28 Oct 2021 11:10:20 GMT
vary
Accept-Encoding
x-amz-request-id
BGJZHR2JCJWQ7QFS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
abp
21
x-cache-hits
980
aip
eqx.smartadserver.com/h/ 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eqx.smartadserver.com/h/aip?uii=234012884493714097&tmstp=3835605632&ckid=0&pubid=21&systgt=%24qc%3d1314162586%3b%24ql%3dHigh%3b%24qpc%3d10243%3b%24qt%3d25_632_5967t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d18%3b%24wpc%3d165%3b%24wpc%3d817%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1273%3b%24wpc%3d1894%3b%24wpc%3d5179&acd=1635419420205&envtype=0&hol_cpm=0&opid=c9f3332c-aa7a-410a-9a51-5c228f0b7321&opdt=1635419420205&siteid=165318&tgt=%24dt%3d1t&gdpr=1&visit=V&statid=19&imptype=0&pgDomain=https%3a%2f%2fwww.mestocards.com%2f&capp=0&mcrdbt=1&insid=8698524&imgid=0&pgid=829401&fmtid=26326&isLazy=0
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
notifyme.php
adtrack.adleadevent.com/ 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.215.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-215-116.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Oct 2021 11:10:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.mestocards.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
headerstats
as-sec.casalemedia.com/ 		0
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.mestocards.com%2F%3Fm%3D1&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:20 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.30], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.mestocards.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Thu, 28 Oct 2021 11:10:20 GMT
34704
sac.ayads.co/sublime/
Redirect Chain
  • https://ads.ayads.co/ajs.php?zid=34704
  • https://sac.ayads.co/sublime/34704
420 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sac.ayads.co/sublime/34704
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Server
2606:4700:10::6814:b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663da5c421727af323d163ff34dbb3083a01e46bf05dc30166ff78d3a6ea44b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Thu, 28 Oct 2021 11:10:20 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
cf-ray
6a53b7911d14697b-FRA
expires
Thu, 28 Oct 2021 12:10:20 GMT

Redirect headers

date
Thu, 28 Oct 2021 11:10:20 GMT
cf-cache-status
HIT
server
cloudflare
age
4119
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://sac.ayads.co/sublime/34704
cache-control
public, max-age=86400
cf-ray
6a53b790dc66697b-FRA
expires
Fri, 29 Oct 2021 11:10:20 GMT
aip
eqx.smartadserver.com/h/ 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eqx.smartadserver.com/h/aip?uii=236546159284111542&tmstp=3835605632&ckid=0&pubid=19&systgt=%24qc%3d1314162586%3b%24ql%3dHigh%3b%24qpc%3d10243%3b%24qt%3d25_632_5967t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d18%3b%24wpc%3d165%3b%24wpc%3d817%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1273%3b%24wpc%3d1894%3b%24wpc%3d5179&acd=1635419420226&envtype=0&hol_cpm=0&opid=41b395b2-2cf2-43d5-8186-3bce86daa387&opdt=1635419420226&siteid=165318&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=19&imptype=0&pgDomain=https%3a%2f%2fwww.mestocards.com%2f&capp=1&mcrdbt=1&insid=10341916&imgid=0&pgid=829401&fmtid=26325&isLazy=0
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:19 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
stats-flipper.png
www.blogger.com/img/widgets/ 		233 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/widgets/stats-flipper.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2911f4e04096744757ceab7a895e0ee51494b6feaefaef9f1870272b3dc2dcca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 02:36:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 21:53:41 GMT
server
sffe
age
30820
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
233
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 04 Nov 2021 02:36:40 GMT
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame D55A 		1 MB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f56367ea7b65fc2dd5774848780dcd2852230d6a2cbc2483fd4f752cd70d2f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
N7Hy4CbWCXWJhBlarkAW3ntpXxPi0WHa
content-encoding
gzip
etag
"0364ac2ecb22177467a8075f3b8060ae"
age
3592
x-cache
HIT
content-length
240994
x-amz-id-2
MUsNJQayQzi+wuXQ2KdQ4lXYSS1KiNuvP0NtTpgl5T2DYZWlsOQ4rW4NNlNGGIwkNhUAWdUfypA=
x-served-by
cache-fra19135-FRA
last-modified
Thu, 28 Oct 2021 10:09:41 GMT
server
AmazonS3
x-timer
S1635419420.292309,VS0,VE0
date
Thu, 28 Oct 2021 11:10:20 GMT
vary
Accept-Encoding
x-amz-request-id
PZEV6T8C1PWAHS5G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
90
x-cache-hits
229
usync.js
eus.rubiconproject.com/ Frame 809F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ca92d77c2d1c7c39f86a0feab4223131bea068006d0c58a75c9e951132e07731

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Oct 2021 21:13:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36254
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9393
Expires
Thu, 28 Oct 2021 21:14:34 GMT
impl.20211027-2-RELEASE.js
cdn.taboola.com/libtrc/ Frame D55A 		595 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8236a4d608808856af09b9251e7b8a7d581597e8cca68a092b3573fc0b3ce294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
7vhNL0B8bVW0vN4pxY_zaSSQnaNY7M1g
content-encoding
br
etag
"7ed1ae8a8cb1174d3e699b09b794d5f0"
age
8891
x-cache
HIT
content-length
124015
x-amz-id-2
O47Db7h+2R0ik5fOogWPFlEuCG3nEUS+4MxNhLF9fk9IfMv7L056N4vM6/G9uPcaJg7Z/dbXRnU=
x-served-by
cache-fra19135-FRA
last-modified
Wed, 27 Oct 2021 08:41:28 GMT
server
AmazonS3-br
x-timer
S1635419420.371132,VS0,VE0
date
Thu, 28 Oct 2021 11:10:20 GMT
vary
Accept-Encoding
x-amz-request-id
FG5B6XSBGRMPV5YN
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
21
x-cache-hits
28286
json
trc.taboola.com/themonetizer-mestocards/trc/3/ Frame D55A 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-mestocards/trc/3/json?tim=11%3A10%3A20.418&lti=deflated&data=%7B%22id%22%3A699%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1635415777927%2C%22vi%22%3A1635419420417%2C%22cv%22%3A%2220211027-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.mestocards.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.mestocards.com%2F%3Fm%3D1%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1230%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A1230%2C%22dh%22%3A150%2C%22qs%22%3A%22%3Fm%3D1%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-tm%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22165318%20Below%20Article%20Monetizer%22%2C%22orig_uip%22%3A%22165318%20Below%20Article%20Monetizer%22%2C%22cd%22%3A8%2C%22mw%22%3A1214%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C165318%20Below%20Article%20Monetizer%3Dthumbnails-tm%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
db0e85ab85beb558bfaf3be4ca549643142d34df0f7da4ae29d98ea6b2220d0c

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
97
date
Thu, 28 Oct 2021 11:10:20 GMT
content-encoding
gzip
server
nginx
x-timer
S1635419420.428565,VS0,VE97
x-served-by
cache-fra19135-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.mestocards.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cmp2.js
quantcast.mgr.consensu.org/tcfv2/23/ 		266 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.mestocards.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
content-encoding
br
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:37 GMT
server
AmazonS3
etag
W/"1d55b13d85c9837da884d1e8594cc025"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-id
TCA6bpRZf1WeHeT4SvHTHXCFtLH1by0FfMgqmj8WAAyrcRjSrBuP7w==
tfa-eid.20211027-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D55A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211027-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85344bb97aa113a5a5cea00cdd7c3aa1d317a49641bfeff51b31de9260f99c25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
yRFK8tjxsOfl.p6kjlNhQBzMacXFlxyl
content-encoding
gzip
etag
"d90d45d594cf3fab21bed023e53e84a7"
age
55
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5062
x-amz-id-2
Om2igoQ7NxB2p7Hu8idrWfmT/NJfIwqlxtqwv2lndebC7FZxA9F5AS7qzN56ALeJUZWt9z58lvU=
x-served-by
cache-fra19135-FRA
last-modified
Wed, 27 Oct 2021 08:53:30 GMT
server
AmazonS3
x-timer
S1635419421.553190,VS0,VE0
date
Thu, 28 Oct 2021 11:10:20 GMT
vary
Accept-Encoding
x-amz-request-id
EXWN9JBQQY5PTQ40
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
21
x-cache-hits
186
sha256.20211027-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D55A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211027-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fcc8641a1a3950e4b44ffd383ce04caeccfc2e78f28d7928bfc926800d43d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
GvqzWcPKzAlS88aEYafw41ZTDe0LwL.i
content-encoding
gzip
etag
"a6ff97d69833df8c11fdd2a54751c40d"
age
16
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2590
x-amz-id-2
B1M6zHkKiksaW2WA1QppshaN8HljcxzHz40sQ25pmeVxUe0Gcz0BrgRsn5SU37S/WedzZtEU/n0=
x-served-by
cache-fra19135-FRA
last-modified
Wed, 27 Oct 2021 08:54:11 GMT
server
AmazonS3
x-timer
S1635419421.553285,VS0,VE0
date
Thu, 28 Oct 2021 11:10:20 GMT
vary
Accept-Encoding
x-amz-request-id
KFN02J0WXCXJSWAC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
21
x-cache-hits
38
tb
15.taboola.com/ Frame D55A 		29 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=themonetizer-mestocards&unitType=226&tbloc=&pageType=text&pstn=165318%20Below%20Article%20Monetizer&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.mestocards.com%2F&encoded=1&uid=9e022b73-bcac-4d0f-ba32-6b268d8b98a7-tuct8740a9c&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1635419420569&tagid=&cntry=DE&platform=1&sesid=097803b8bd783386b31df0c04cc8aa6d&itemid=/&viewid=1635419420417&geolat=&geoing=&deviceifa=&appid=&sd=v2_097803b8bd783386b31df0c04cc8aa6d_9e022b73-bcac-4d0f-ba32-6b268d8b98a7-tuct8740a9c_1635419420_1635419420_CNawjgYQ44lJGIHu37TMLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGjtxY_Nk8uW5EJwAA&ri=ed29c7139125c67f02d57c2964f9dc34&appname=&cdb=&gdprApplies=true&rid=&sii=3547756622263999874&oee=true&tpubid=1197283&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=HE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1196587&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77fa7aaebbf0709f3d12cefb4528ebb3d43ce91a8652d1e0a89bb4431081a95a

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.mestocards.com
machineid
1415
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19135-FRA
pragma
no-cache
server
nginx
x-timer
S1635419421.573066,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20211027-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D55A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211027-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ef46d4692db1b99469930ee2bb6339f68e5d29c4a7a2b25bc405c3a7624c79e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Y1OzxZVszW82d_QwBXeMKPsEDYnXL4yQ
content-encoding
gzip
etag
"56e104e49f9b7a0bba40d6b7f7a8c9ec"
age
39
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5340
x-amz-id-2
D0dUkBuocF4FXD54Oi5oOwdhiJfCWCrWU03p13kgHuLh8fIGw3AoeWCwUxOsgo9diAfsmbNok9w=
x-served-by
cache-fra19135-FRA
last-modified
Wed, 27 Oct 2021 08:53:15 GMT
server
AmazonS3
x-timer
S1635419421.572915,VS0,VE0
date
Thu, 28 Oct 2021 11:10:20 GMT
vary
Accept-Encoding
x-amz-request-id
9ES9BSZJ60XT3J1D
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
21
x-cache-hits
37
fa7ca468d6dff49f3ccd6652c0770180.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa7ca468d6dff49f3ccd6652c0770180.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b74cdfe176480d1fbe5a766f6252e9d3ce049cd60d1b9b156e4919341a3c814

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
1754543
edge-cache-tag
525841870715292677405746326340599604542,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
462
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa7ca468d6dff49f3ccd6652c0770180.png
content-length
11296
x-request-id
ef2c386b497f0c67ef2d57d19c8cc2e0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 18 Sep 2021 04:05:50 GMT
server
nginx
x-timer
S1635419421.582731,VS0,VE1
etag
"ee71d03d173916ba8b210da769ef57d3"
x-served-by
cache-wdc5570-WDC, cache-dca17758-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
50ebfc90f445287684fca7d2163c1bba.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50ebfc90f445287684fca7d2163c1bba.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08c994f872116b41cb4b4ee836aeaa57b0ee8cb283a91ecf11744ee6174db568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
3039498
edge-cache-tag
344589528005863460673819885138368819272,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
176
expiration
expiry-date="Mon, 27 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50ebfc90f445287684fca7d2163c1bba.jpg
content-length
41028
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 27 Aug 2021 02:37:51 GMT
server
nginx
x-timer
S1635419421.582874,VS0,VE1
etag
"0bb2a1cab75680dc46c25d493704ebb5"
x-served-by
cache-wdc5545-WDC, cache-dca17764-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
fdee546c40c9b421b4c1457fe9205156.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdee546c40c9b421b4c1457fe9205156.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
31f84ee71ea5bf581c43952c3f9782637ff26352b5187cf55605ece14b85acea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
1174646
edge-cache-tag
303271274627231483387037947395946900948,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
107
expiration
expiry-date="Sat, 06 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdee546c40c9b421b4c1457fe9205156.jpg
content-length
19460
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 06 Oct 2021 11:00:25 GMT
server
nginx
x-timer
S1635419421.582579,VS0,VE1
etag
"307377cc3e3c81f120ad8021bca92138"
x-served-by
cache-wdc5520-WDC, cache-dca17720-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
d9ac528689b3cb16947faa3c6b99d689.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9ac528689b3cb16947faa3c6b99d689.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9fed990cafbb2625b3be0e0d10b1693f33949586eab2fff831cb595004a1481

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
1101350
edge-cache-tag
329426120860858638678938982954969901460,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
446
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9ac528689b3cb16947faa3c6b99d689.png
content-length
24180
x-request-id
82d531d471a0bd9259dc04ad8aeb8a24
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 15 Oct 2021 16:07:05 GMT
server
nginx
x-timer
S1635419421.582994,VS0,VE1
etag
"d8390ff709f8d0840837510f10a8fa57"
x-served-by
cache-wdc5522-WDC, cache-dca17723-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
e991983c-00e6-4f9a-92f6-c6d9cff99831.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//bdmml.com/content/ Frame D55A 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//bdmml.com/content/e991983c-00e6-4f9a-92f6-c6d9cff99831.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
039aa430b4d29f5fb8d1af81fb0bb76d20a14db34c941bdabb7e7e2eab90a47b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
790211
edge-cache-tag
360347436777304051791851763042117500237,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
95
expiration
expiry-date="Mon, 08 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//bdmml.com/content/e991983c-00e6-4f9a-92f6-c6d9cff99831.jpg
content-length
8366
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 08 Oct 2021 13:05:40 GMT
server
nginx
x-timer
S1635419421.583306,VS0,VE1
etag
"706d294dfee030c24784a56af9d80a6f"
x-served-by
cache-wdc5569-WDC, cache-dca17732-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bef84f170ee40815cbbbaac84e3eb6ec8322f95f96999f81217c80f9e6a323b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
3035520
edge-cache-tag
322089413535885002890087190934422546620,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
104
expiration
expiry-date="Sun, 10 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
26516
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 09 Sep 2021 03:34:40 GMT
server
nginx
x-timer
S1635419421.583465,VS0,VE1
etag
"13c18d4614565e13d67ec5fdc3a1a9f1"
x-served-by
cache-wdc5530-WDC, cache-dca12926-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
tbp
15.taboola.com/ Frame D55A 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23585132be3d8576392bcf3b435c4503a95ce449044d135e9c9fc211484dca7e

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.mestocards.com
machineid
1451
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19135-FRA
pragma
no-cache
server
nginx
x-timer
S1635419421.583657,VS0,VE23
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
3b35c7d8b8442cc5db116628e7988f34.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b35c7d8b8442cc5db116628e7988f34.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d77f808f4ac1b28790944ad17fbba07ead59ab7464a0d055468e14742f569274

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
2972591
edge-cache-tag
624779610713053548722406857103780491129,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
78
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b35c7d8b8442cc5db116628e7988f34.png
content-length
65814
x-request-id
0450f23ee59faeb9ad42b5619f43dba0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 16 Sep 2021 19:15:32 GMT
server
nginx
x-timer
S1635419421.591104,VS0,VE1
etag
"68334f206a04b6eefa7c1b7a290dceef"
x-served-by
cache-wdc5566-WDC, cache-dca17771-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
cc7533d4f7acde91766dece1a2d570d8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc7533d4f7acde91766dece1a2d570d8.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
608e49e4887d0dc620f93be16a1320f1a8d48695f3ae3f31c5fab8ea97b1133f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
90510
edge-cache-tag
498788517830976408592631900738428962436,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
108
expiration
expiry-date="Mon, 08 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc7533d4f7acde91766dece1a2d570d8.png
content-length
15838
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 08 Oct 2021 08:52:05 GMT
server
nginx
x-timer
S1635419421.593082,VS0,VE1
etag
"82ac9d683b4ffd2398aeb46c13d41b34"
x-served-by
cache-wdc5520-WDC, cache-dca17759-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
c
kvt.cookieless-data.com/api/v1/public/p/28662/d/33/ 		286 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kvt.cookieless-data.com/api/v1/public/p/28662/d/33/c?url=https%3A%2F%2Fwww.mestocards.com%2F&args_country=FR&args_device=desktop&args_zone_id=34704&callback=sublimeCb1635419420586
Requested by
Host: ads.ayads.co
URL: https://ads.ayads.co/ajs.php?zid=34704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 , France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
c6553fced2c467e6dcab22c00b23521497d5c25f81facc22cfec9b330c418eac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.11.3
Connection
keep-alive
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Type
text/javascript; charset=UTF-8
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=wf&t=1635419419418.8&ver=20211028082101&device=d&puid=p203810577518466100&suid=s881350685255523422&z=34704&gc=0&gm=0&ga=0&gs=0&e=l&tse=1635419420594&et=1175&tfz=10&sqid=1&bw=1600&bh=1200
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
server
nginx
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		154 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc5453423408c64912bcee0b8c17daf0a1a046f1bde073600c3a106770212049

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 03:00:33 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
29388
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 03:00:27 GMT
server
AmazonS3
etag
W/"c70cf8156fbfeefb12258748cf539900"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
m1cWYdqtWsw9HfjVyL4RnJvxnvjUkk_frWKxtfEQcWiMZeulpF1zfg==
fa7ca468d6dff49f3ccd6652c0770180.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa7ca468d6dff49f3ccd6652c0770180.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b74cdfe176480d1fbe5a766f6252e9d3ce049cd60d1b9b156e4919341a3c814

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
1754543
edge-cache-tag
525841870715292677405746326340599604542,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
462
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa7ca468d6dff49f3ccd6652c0770180.png
content-length
11296
x-request-id
ef2c386b497f0c67ef2d57d19c8cc2e0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 18 Sep 2021 04:05:50 GMT
server
nginx
x-timer
S1635419421.618063,VS0,VE0
etag
"ee71d03d173916ba8b210da769ef57d3"
x-served-by
cache-wdc5570-WDC, cache-dca17758-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.5.1/ Frame D55A 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.5.1/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee0abb0d0b5d2733ea770a94fac8e7b51342171dc3aa2f5d9acfb11efe874e7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront), 1.1 varnish
age
874707
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28198
x-served-by
cache-fra19135-FRA
last-modified
Thu, 23 Sep 2021 05:31:44 GMT
server
AmazonS3
x-timer
S1635419421.629116,VS0,VE0
etag
"1a53526211839e799b82946db5090f26"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Hg6ivrB2pQXN2UXP6J3QsuebBw9Eo0j_L_VokZy1Qnv0Sg7Qw0D-9Q==
x-cache-hits
59804
debug
am-trc-events.taboola.com/themonetizer-mestocards/log/2/ Frame D55A 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/themonetizer-mestocards/log/2/debug?tim=11%3A10%3A20.625&type=warn&msg=video%20debug%3A%20Response%20videoCallbackData%20text%20is%20not%20empty%20&llvl=2&id=2647&cv=20211027-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
10631
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ Frame D55A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront), 1.1 varnish
age
1285304
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-fra19135-FRA
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1635419421.631287,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
Sk-dQ-vXqlkymfouDYO0ROLJleZN_EmWEBrNrUZpeGf8tabSmNbJwg==
x-cache-hits
277772
50ebfc90f445287684fca7d2163c1bba.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50ebfc90f445287684fca7d2163c1bba.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08c994f872116b41cb4b4ee836aeaa57b0ee8cb283a91ecf11744ee6174db568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
3039498
edge-cache-tag
344589528005863460673819885138368819272,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
176
expiration
expiry-date="Mon, 27 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50ebfc90f445287684fca7d2163c1bba.jpg
content-length
41028
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 27 Aug 2021 02:37:51 GMT
server
nginx
x-timer
S1635419421.652399,VS0,VE0
etag
"0bb2a1cab75680dc46c25d493704ebb5"
x-served-by
cache-wdc5545-WDC, cache-dca17764-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
fdee546c40c9b421b4c1457fe9205156.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdee546c40c9b421b4c1457fe9205156.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
31f84ee71ea5bf581c43952c3f9782637ff26352b5187cf55605ece14b85acea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
1174646
edge-cache-tag
303271274627231483387037947395946900948,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
107
expiration
expiry-date="Sat, 06 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdee546c40c9b421b4c1457fe9205156.jpg
content-length
19460
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 06 Oct 2021 11:00:25 GMT
server
nginx
x-timer
S1635419421.652494,VS0,VE0
etag
"307377cc3e3c81f120ad8021bca92138"
x-served-by
cache-wdc5520-WDC, cache-dca17720-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
d9ac528689b3cb16947faa3c6b99d689.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9ac528689b3cb16947faa3c6b99d689.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9fed990cafbb2625b3be0e0d10b1693f33949586eab2fff831cb595004a1481

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
1101350
edge-cache-tag
329426120860858638678938982954969901460,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
446
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9ac528689b3cb16947faa3c6b99d689.png
content-length
24180
x-request-id
82d531d471a0bd9259dc04ad8aeb8a24
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 15 Oct 2021 16:07:05 GMT
server
nginx
x-timer
S1635419421.652553,VS0,VE0
etag
"d8390ff709f8d0840837510f10a8fa57"
x-served-by
cache-wdc5522-WDC, cache-dca17723-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
e991983c-00e6-4f9a-92f6-c6d9cff99831.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//bdmml.com/content/ Frame D55A 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//bdmml.com/content/e991983c-00e6-4f9a-92f6-c6d9cff99831.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
039aa430b4d29f5fb8d1af81fb0bb76d20a14db34c941bdabb7e7e2eab90a47b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
790211
edge-cache-tag
360347436777304051791851763042117500237,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
95
expiration
expiry-date="Mon, 08 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//bdmml.com/content/e991983c-00e6-4f9a-92f6-c6d9cff99831.jpg
content-length
8366
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 08 Oct 2021 13:05:40 GMT
server
nginx
x-timer
S1635419421.652648,VS0,VE0
etag
"706d294dfee030c24784a56af9d80a6f"
x-served-by
cache-wdc5569-WDC, cache-dca17732-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 2
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bef84f170ee40815cbbbaac84e3eb6ec8322f95f96999f81217c80f9e6a323b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
3035520
edge-cache-tag
322089413535885002890087190934422546620,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
104
expiration
expiry-date="Sun, 10 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
26516
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 09 Sep 2021 03:34:40 GMT
server
nginx
x-timer
S1635419421.652710,VS0,VE0
etag
"13c18d4614565e13d67ec5fdc3a1a9f1"
x-served-by
cache-wdc5530-WDC, cache-dca12926-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
st
imprammp.taboola.com/ Frame D9D6 		0
86 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=A452EAF421631425881333606&cicmp=1337627&cijs=1&dast=V7eVkCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG0FaTVYMGmmymG0Wo8lqtxgsR6PBbDLbLWFiFovFaLhajcaaxWIxmsxWwykYbOFzurvbsIGm0-Fz3et1v99d7fKc_h6H5eS5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCgOBLu6fJcHCaX3R8AAA8KIAAAAhghADrRbSIAAAAAIwAAAAAkAAKJhSUADneLJgAAAXzGl_ehJwAAAAd1Mk_bLP____8xAHnvTTIAFGkbNwY9AA8-AA9CAAAAH0M-s16edBWS7UQFq0WMAAAAAJxeoD2OJnVCZVH1____bwVwBQAQwGd8eY-bdXNSzBoGAAAAMLZAD4vfb3bYNX63y_7_________zf7PANCEkLhS0oII9MLVeEauFdZ-AQEA2N4NAOBNAC7mAOwAAAAA7v7____zAAAAAPYo2V6r8exR1vsMtvA53d31m7DFaDWZbJbD2XIxGQxHw9FofwK5GuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQa4kHVuXQ-r07Fg_m4nPvahY8MN5yLdnPJYDjXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish
x-served-by
cache-fra19135-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1635419421.652840,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 		727 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish
age
295129
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697428
x-amz-meta-mode
33188
content-encoding
br
content-length
135037
x-amz-id-2
R7UL94kG2HiQAtEkrEYE/heoUZOUgbvAnoVXd8zLt8ugqtk4mWSpT2+K3iCLbMJ+CITE7+FYECcdsLoTWgTwDQ==
x-served-by
cache-fra19135-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:50 GMT
server
AmazonS3-br
x-timer
S1635419421.652756,VS0,VE0
etag
"37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
MZ1KS47CH46547NH
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
16449
cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish
age
2278302
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697397
x-amz-meta-mode
33188
content-encoding
br
content-length
6493
x-amz-id-2
UqEr3qm5RfjvZkuVYH2+3RE9+L3aOIC/iBmkQutDGLBsmL6fIkf6k7+kTV2NXwwIZSz+HPQRRCk=
x-served-by
cache-fra19135-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:19 GMT
server
AmazonS3-br
x-timer
S1635419421.652930,VS0,VE0
etag
"083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
XY1S650H2M9RWQYJ
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
56091
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 03:00:39 GMT
content-encoding
br
age
29382
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 21 Oct 2021 19:52:30 GMT
server
AmazonS3
etag
W/"ce2e4fb9fc40c4c0ec7bab6578115f67"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
Yiey4KudmKN67Y4sDLFJsLRxwfDFqUt8
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C2
content-type
application/json
x-amz-cf-id
g-SKhB-RAD116tgg2vHnLGx6LrDLq_rOMOK0K2ybhir4JwunSaH_HA==
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
2056557
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-fra19135-FRA
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1635419421.731749,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
hYmlhwUcMuy_jY0bhHen0eQYADyDybzLMR7x7dl3LWMvtY6DtLOx0A==
x-cache-hits
243829
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		290 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 03:00:38 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
29383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 03:00:32 GMT
server
AmazonS3
etag
W/"245785af8ba94b258aadfcb233c26a42"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
bqXon_jMSgSQ7xASFflTpK4qakDyro_XuqMNV5U_oF7HnoB0kc_rug==
fire.js
s.cpx.to/ 		957 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12773&ref=&hn_ver=20&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.225.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c0212e56472554ab8aa70ccea68e34115b091d9f0d8df929311d4e3b51a5f30
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 28 Oct 2021 11:10:20 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
957
Expires
Tue, 19 Oct 2021 14:29:19 GMT
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/23/ 		469 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 19:26:27 GMT
content-encoding
br
age
56634
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:43 GMT
server
AmazonS3
etag
W/"b999c652510fc4edd897a1d667aaee33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
rKQTsjpfWk084_CyCgN0uhKT1ejO8mPU2J71hmhqu2R0RDckEu-eCQ==
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
age
2460340
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19135-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1635419421.791574,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5puIF1VtGsg5AgLD-YhuubmNu7Q6UPt-NFh936bEWE39Q7_EvHV1Mw==
x-cache-hits
694268
3b35c7d8b8442cc5db116628e7988f34.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		0
0
3b35c7d8b8442cc5db116628e7988f34.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b35c7d8b8442cc5db116628e7988f34.png
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d77f808f4ac1b28790944ad17fbba07ead59ab7464a0d055468e14742f569274

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish, 1.1 varnish
age
2972591
edge-cache-tag
624779610713053548722406857103780491129,559416217886463445044590959399784239708,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
78
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b35c7d8b8442cc5db116628e7988f34.png
content-length
65814
x-request-id
0450f23ee59faeb9ad42b5619f43dba0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 16 Sep 2021 19:15:32 GMT
server
nginx
x-timer
S1635419421.799220,VS0,VE0
etag
"68334f206a04b6eefa7c1b7a290dceef"
x-served-by
cache-wdc5566-WDC, cache-dca17771-DCA, cache-fra19135-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
svdzkjanwbnwod22oah4.mp4
c3.taboola.com/libtrc/static/video/v1634647611/ Frame D55A 		93 KB
93 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/v1634647611/svdzkjanwbnwod22oah4.mp4
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fa4b241e347026dcefb828fb288376dc0858a34eb2363cc3ea3d321d6ed5d9f

Request headers

Referer
https://www.mestocards.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Ue5gpDRJTcXNRyeeQhx_lJnNWptV7dwV
via
1.1 varnish
etag
"60729e68ce46612392b53b4277e735b6"
age
24
x-cache
HIT
Content-Range
bytes 0-95057/95058
x-amz-replication-status
COMPLETED
Content-Length
95058
x-amz-id-2
bY2f7liQIFAbbvf3lqpQ6n+xRCPwspCePA/AvUZblCIo46HbAR9qteoutcy6mxqr+uSRyB5zlMQ=
x-served-by
cache-fra19135-FRA
last-modified
Tue, 19 Oct 2021 12:46:55 GMT
server
AmazonS3
x-timer
S1635419421.806609,VS0,VE1
date
Thu, 28 Oct 2021 11:10:20 GMT
x-amz-request-id
R37TMZK0FZJ83NDW
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
21
x-cache-hits
0
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.mestocards.com%22%2C%22publisher%22%3A%22mestocards.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22gcG6vumx70W3iFQ40R5Jug%22%2C%22clientTimestamp%22%3A1635419420845%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-msn567js3cwb28005e69%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
vary
Origin
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
sLIpJtVrGiQKmhQ0gXhnnUmlQT8NcOy5ktwvX3Pj70ijnV6MKUCXVQ==
khaos.jpg
token.rubiconproject.com/ Frame 809F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
st
imprammp.taboola.com/ Frame BECA 		1 KB
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=undefined&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D7337F8CDE208420241629282625&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Thu, 28 Oct 2021 11:10:20 GMT
via
1.1 varnish
x-served-by
cache-fra19135-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1635419421.920947,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame E8FB 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/

Response headers

server
nginx
date
Thu, 28 Oct 2021 11:10:20 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3405
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame D55A 		11 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=801&height=450&pubid=169497&tagid=953497&crid=5477625&noaop=3&sortOrderType=0&cb=1635419420919&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1291&pt=-269928987&tz=0&viewable=true&ddast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&dtagid=1787395&dpubid=360015&abtst=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fwww.mestocards.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35de11888553a889bedd2687dcb7ba55519f214cb777f8963aab79f61d94776b

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
content-encoding
gzip
access-control-allow-origin
https://www.mestocards.com
machineid
1420
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19135-FRA
pragma
no-cache
server
nginx
x-timer
S1635419421.928677,VS0,VE310
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://{"adUnit">; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://serverc.aivdesk.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ Frame D55A 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=31589837&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1635419420285.8!ts:1635419420914&mntl=1
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:20 GMT
content-length
0
server
nginx
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&gdpr=0&cklb=1
0
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&gdpr=0&cklb=1
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&gdpr=0&cklb=1
pragma
no-cache
date
Thu, 28 Oct 2021 11:10:19 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
token
token.rubiconproject.com/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=67e691453d4f4fe2&gdpr=0
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
  • https://s.cpx.to/ca.png?dsp=dbm&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&google_gid=CAESEGq6jjJai2dO_ceMxeKg9r4&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&google_gid=CAESEGq6jjJai2dO_ceMxeKg9r4&google_cver=1
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
34.243.225.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 28 Oct 2021 11:10:20 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e&google_gid=CAESEGq6jjJai2dO_ceMxeKg9r4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26hn_ver%3D20%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e
  • https://s.cpx.to/an_fire?app_nexus_uid=1840280569231006636&pid=12773&ref=&hn_ver=20&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1840280569231006636&pid=12773&ref=&hn_ver=20&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
34.243.225.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 28 Oct 2021 11:10:20 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 28 Oct 2021 11:10:20 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:20 GMT
X-Proxy-Origin
78.47.208.30; 78.47.208.30; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
874059ba-5c95-4576-96ae-946bd56520aa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1840280569231006636&pid=12773&ref=&hn_ver=20&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&dsp=TTD
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
34.243.225.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 28 Oct 2021 11:10:21 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 28 Oct 2021 11:10:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=588c2729-e027-43f8-ae98-1fbf2c04fcdb&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D68c35a0e-27b1-4fda-b3f6-840379a9ec1e
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9062D18F-155E-4508-8D3D-B79C3D283A9C&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9062D18F-155E-4508-8D3D-B79C3D283A9C&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Server
34.243.225.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 28 Oct 2021 11:10:21 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 28 Oct 2021 11:10:21 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9062D18F-155E-4508-8D3D-B79C3D283A9C&fid=68c35a0e-27b1-4fda-b3f6-840379a9ec1e
date
Thu, 28 Oct 2021 11:10:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
pool.grid-data.bidswitch.net/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.204.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-204-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame BECA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=undefined&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D7337F8CDE208420241629282625&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame BECA 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=undefined&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D7337F8CDE208420241629282625&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame BECA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=undefined&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D7337F8CDE208420241629282625&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16021

Redirect headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
126
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame BECA 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=undefined&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D7337F8CDE208420241629282625&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.203.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame E8FB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame E8FB 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E8FB
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
0
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16021

Redirect headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a4045ab7-37df-11ec-8929-16ae82d30406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
80
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame E8FB 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.203.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 8721
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame DCE0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=undefined&cb=1635419420914&uv=3053&tms=1635419420914&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!ufm!vzr_vA&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=D7337F8CDE208420241629282625&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame 8721 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ca92d77c2d1c7c39f86a0feab4223131bea068006d0c58a75c9e951132e07731

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Oct 2021 21:13:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36253
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9393
Expires
Thu, 28 Oct 2021 21:14:34 GMT
usync.js
eus.rubiconproject.com/ Frame DCE0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ca92d77c2d1c7c39f86a0feab4223131bea068006d0c58a75c9e951132e07731

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Oct 2021 21:13:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36253
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9393
Expires
Thu, 28 Oct 2021 21:14:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame 8721 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
prebid.js
vidstat.taboola.com/prebid/1.0.17/ Frame D55A 		124 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/prebid/1.0.17/prebid.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf37aaf6ede936d00f6d02f0a1ac9660c181c892ea5daecd8f2fedad95f5981c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 varnish
age
297360
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
40518
x-served-by
cache-fra19135-FRA
last-modified
Sun, 23 May 2021 16:29:48 GMT
server
AmazonS3
x-timer
S1635419421.279437,VS0,VE0
etag
"f16ef1776fdb1c1063496b7277c8e1cd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
SqppIiyyztXySalXns7wm7K5UoFcsICaFqcwFYofWRJ2gvEuYFy6uA==
x-cache-hits
9198
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/30_5_3/infra/ Frame D55A 		674 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_5_3/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9f7003b0ed44409fdce206d20689a59802f1ce27a0329de0d3347548a1e87cfd

Request headers

Referer
https://www.mestocards.com/
Origin
https://www.mestocards.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 varnish
age
169964
x-amz-meta-mtime
1635249354
x-cache
HIT
x-amz-meta-ctime
1635249355
x-amz-meta-mode
33188
content-encoding
br
content-length
120168
x-amz-id-2
3CtF3pCPrQ1FL0chtUPUsc52MMxvQiw0LEv1klREFxO/z19vkxvcavzAqlr8jfJjWiDXQ4NuOg0=
x-served-by
cache-fra19162-FRA
accept-ranges
bytes
last-modified
Tue, 26 Oct 2021 11:55:56 GMT
server
AmazonS3-br
x-timer
S1635419421.295063,VS0,VE0
etag
"5fad92231c6153f70ed2d8b359e2be5a"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
KGFFQ0FF13HMK9GM
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
8935
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_5_3/assets/css/ Frame D55A 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_5_3/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f1bf0b6b028fc1eda4de19632dd3eaf099ad0856deb1930e3b31b0f45a0d0b37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 varnish
age
169963
x-amz-meta-mtime
1635249408
x-cache
HIT
x-amz-meta-ctime
1635249409
x-amz-meta-mode
33188
content-encoding
br
content-length
8017
x-amz-id-2
UBoMJQpak7Nx6/Ti5I2oWsATyYR0axsb7i2PjvmduRwUkLg71d4NohtxWvmLyUxvGOAmhdL+v/Q=
x-served-by
cache-fra19135-FRA
accept-ranges
bytes
last-modified
Tue, 26 Oct 2021 11:56:50 GMT
server
AmazonS3-br
x-timer
S1635419421.280312,VS0,VE0
etag
"e38db0f3058d4c895fd51d9f52019aa3"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
KGF267BHGXTQAPQN
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
186342
khaos.jpg
token.rubiconproject.com/ Frame DCE0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
PMS.js
vidstat.taboola.com/PMS/3.2.2/ Frame D55A 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
age
1891645
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-fra19135-FRA
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1635419421.367221,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JVAUVHZomFBOTYSmiRyONx061K0r8J89HAeMC4sUhok9f7gqiMDPAg==
x-cache-hits
785715
content14_10_18m.js
vidstat.taboola.com/ Frame D55A 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
3209674
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-fra19135-FRA
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1635419421.421819,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Z1AaP1z8XWMbtLqmlcB4G4YTes4X6hGOLI8Z7E1BqJ1mwietJ_cWKQ==
x-cache-hits
1617168
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ Frame D55A 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
age
2460340
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19135-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1635419421.423780,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5puIF1VtGsg5AgLD-YhuubmNu7Q6UPt-NFh936bEWE39Q7_EvHV1Mw==
x-cache-hits
694270
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/ Frame D55A 		572 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8e900b2a718a9cbf53a13a8381c9e5ecea69dbc78239373875a8c6b4338951f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 varnish
age
71696
x-amz-meta-mtime
1635347662
x-cache
HIT
x-amz-meta-ctime
1635347676
x-amz-meta-mode
33188
content-encoding
br
content-length
119558
x-amz-id-2
z0RG17Gh57Y2U+ai4Ee05nYBQTM7JjiGfmWdBWt/eMH28ls085G4Gi28v/FzQ20w96mwy+81TsE=
x-served-by
cache-fra19135-FRA
accept-ranges
bytes
last-modified
Wed, 27 Oct 2021 15:14:37 GMT
server
AmazonS3-br
x-timer
S1635419421.437014,VS0,VE0
etag
"c2a322fb377b96f08eb45bb312bb9b7e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
8MJS6C34YD7QZ75F
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
46501
sync
am-match.taboola.com/ Frame 5B3C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b7e9fb2352c527e5107c56a16e190fe4fdd244c958d1903e8f2e5d62c8c9dfff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/

Response headers

server
nginx
date
Thu, 28 Oct 2021 11:10:21 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3401
st
am-vid-events.taboola.com/ Frame D55A 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66334925&crid=5477625&dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&cmcv=&pix=31589837&cb=1635419421410&uv=3053&tms=1635419421410&su=&abt=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!t45!ufm_vA!vzr_vA&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1635419420285.8!ts:1635419421410&
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
content-length
0
server
nginx
d1fcca16-66f8-4416-9c5d-7abcfba448ec
https://www.mestocards.com/ Frame D55A 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.mestocards.com/d1fcca16-66f8-4416-9c5d-7abcfba448ec
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
d979219a-0182-45ef-bb60-9f2265ce15f8
https://www.mestocards.com/ Frame D55A 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.mestocards.com/d979219a-0182-45ef-bb60-9f2265ce15f8
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
v1
prg.smartadserver.com/prebid/ Frame D55A 		171 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:21 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b9%3b65
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mestocards.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
getmu
ioms.bfmio.com/ Frame D55A 		49 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=801&height=450&v=1&pageurl=https%3A%2F%2Fwww.mestocards.com&i_type=out&stream=out&playback=2&cb=R0.1635419421504&us_privacy=1---&io_max_duration=30
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.17.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-17-196.compute-1.amazonaws.com
Software
/
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.mestocards.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
transfer-encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5cd7e859f2d3840015f29aad
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ Frame D55A 		66 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5cd7e859f2d3840015f29aad?url=https%3A%2F%2Fwww.mestocards.com&playerWidth=801&playerHeight=450&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.89.90.7 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
nginx
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
https://www.mestocards.com
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length
66
generic
match.adsrvr.org/track/cmf/ Frame 5B3C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 5B3C 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
x.bidswitch.net/ Frame 5B3C 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.203.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 9DC0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usermatch
ssum.casalemedia.com/ Frame A660
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26u...
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8323864a85f324c5d644ecb492e79f22bcd7ab5b6d752fc815e98936adb4bd75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|64|206|41|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1675
Expires
Thu, 28 Oct 2021 11:10:21 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
428
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 28 Oct 2021 11:10:21 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame 9DC0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ca92d77c2d1c7c39f86a0feab4223131bea068006d0c58a75c9e951132e07731

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Oct 2021 21:13:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36253
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9393
Expires
Thu, 28 Oct 2021 21:14:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame 9DC0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
bulk
trc.taboola.com/themonetizer-mestocards/log/3/ Frame D55A 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-mestocards/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 28 Oct 2021 11:10:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1635419422.583673,VS0,VE9
x-served-by
cache-fra19135-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.mestocards.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
geoworker.ayads.co/ 		1 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoworker.ayads.co/
Requested by
Host: ads.ayads.co
URL: https://ads.ayads.co/ajs.php?zid=34704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
cloudflare
sublime-worker
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cf-ray
6a53b7992a887043-FRA
content-length
1
/
optchk.ayads.co/ 		16 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://optchk.ayads.co/?callback=sublimeOptchk
Requested by
Host: ads.ayads.co
URL: https://ads.ayads.co/ajs.php?zid=34704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.181.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-181-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
16
Expires
Sun, 01 Jan 2014 00:00:00 GMT
action
ww1097.smartadserver.com/track/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ww1097.smartadserver.com/track/action?pid=829401&acd=1635419420226&opid=41b395b2-2cf2-43d5-8186-3bce86daa387&opdt=1635419420226&sid=1&iid=10341916&cid=0&key=noad&value=passback&hol_cpm=0&pgDomain=https%3a%2f%2fwww.mestocards.com%2f
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
transfer-encoding
chunked
content-type
image/gif
aip
eqx.smartadserver.com/h/ 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eqx.smartadserver.com/h/aip?uii=236546159284111542&tmstp=3835605632&ckid=0&pubid=19&systgt=%24qc%3d1314162586%3b%24ql%3dHigh%3b%24qpc%3d10243%3b%24qt%3d25_632_5967t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d18%3b%24wpc%3d165%3b%24wpc%3d817%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1273%3b%24wpc%3d1894%3b%24wpc%3d5179&acd=1635419420226&envtype=0&hol_cpm=0&opid=41b395b2-2cf2-43d5-8186-3bce86daa387&opdt=1635419420226&siteid=165318&tgt=%24dt%3d1t&gdpr=1&pgid=829401&fmtid=26325&statid=19&visit=s
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:20 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame D55A 		254 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
12700
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by
cache-fra19135-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1635419422.660321,VS0,VE0
date
Thu, 28 Oct 2021 11:10:21 GMT
x-amz-request-id
E8X2YXVA73E9K5Z9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
64
x-cache-hits
11796
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=wf&t=1635419419418.8&ver=20211028082101&device=d&puid=p203810577518466100&suid=s881350685255523422&z=34704&gc=0&gm=1&ga=1&gs=2&gv=2&e=p&gd&gdv&ctxs=783881263%3A5%2C800658834%3A5%2C912739291%3A2%2C1064870668%3A2%2C1262708518%3A10%2C1329966018%3A5%2C1346596566%3A10%2C2410578561%3A2%2C2629713481%3A2%2C2663121608%3A2%2C3144898050%3A2%2C3518155995%3A4%2C3971937415%3A2%2C3971937417%3A2&tse=1635419421670&et=2251&tfz=1085&sqid=2&bw=1600&bh=1200&ph=5681
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
nginx
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=wf&t=1635419419418.8&ver=20211028082101&device=d&puid=p203810577518466100&suid=s881350685255523422&z=34704&gc=0&gm=1&ga=1&gs=2&gv=2&e=ipb&tse=1635419421671&et=2252&tfz=1087&sqid=3
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
nginx
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=wf&t=1635419419418.8&ver=20211028082101&device=d&puid=p203810577518466100&suid=s881350685255523422&z=34704&gc=0&gm=1&ga=1&gs=2&gv=2&e=spb&tse=1635419421671&et=2253&tfz=1087&sqid=4
Requested by
Host: www.mestocards.com
URL: https://www.mestocards.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
nginx
dcm
s.amazon-adsystem.com/ Frame A660
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:22 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7EK27ZA5S5A6WYJABE80
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WFZ4HJYEV637XZQJWQ3Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A660
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECs1PEXefq_ZqVGgJ7ApR8s&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECs1PEXefq_ZqVGgJ7ApR8s&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 28 Oct 2021 11:10:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECs1PEXefq_ZqVGgJ7ApR8s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A660 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A660
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXqFHTLJy7JTI5ajsO6j6QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJejN8ddPo-_8CNs6P3ePvs&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJejN8ddPo-_8CNs6P3ePvs&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 28 Oct 2021 11:10:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJejN8ddPo-_8CNs6P3ePvs&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A660
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638011421
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638011421
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 28 Oct 2021 11:10:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Oct 2021 11:10:21 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638011421
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame A660 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bridge
cm.adgrx.com/ Frame A660 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.232.229 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:22 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
sjc-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame A660
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Oct 2021 11:10:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 28 Oct 2021 11:10:21 GMT

Redirect headers

date
Thu, 28 Oct 2021 11:10:21 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame A660 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?gdpr=1&taboola_hm=YXqFHTLJy7JTI5ajsO6j6QAABGwAAAAB&orig=video&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13770
cds-pips.js
cdn.taboola.com/scripts/ Frame D55A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1898
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19135-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1635419423.580819,VS0,VE0
date
Thu, 28 Oct 2021 11:10:22 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
64
x-cache-hits
8933
/
pips.taboola.com/ Frame D55A 		4 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 11:10:22 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19162-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.mestocards.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame D55A 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=9e022b73-bcac-4d0f-ba32-6b268d8b98a7-tuct8740a9c
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mestocards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 28 Oct 2021 11:10:22 GMT
Cache-Control
no-store
Server
nginx
Connection
close
OpportunityServlet
am-vid-events.taboola.com/ Frame D55A 		1 B
122 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_3/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mestocards.com
date
Thu, 28 Oct 2021 11:10:26 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame D55A 		11 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=801&height=450&pubid=169497&tagid=953497&crid=5477625&noaop=3&sortOrderType=0&cb=1635419426512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1291&pt=-356955095&tz=0&viewable=true&ddast=V7RJYCFgP4BMH7GkqLqQT4BMH7GkqLqQUAAAAGBuIHHMTbbHYz4obEogyGo8lgMlrMJsvJcDKbrIbAQbzNZjcjbkgsymA4mgwmm8lgslztNqPNaAoeMVttFsOBhGX2-w4KyunpMbsMar7dZXpaX5Y3bKDpdPhc93rd73dXuzynv8dhOXnuGr_bLwcAAACAB4ApynyIH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAwAhJ4eDQAojoR7ujwXh8ll9wcAwIMCCACAAAYJQIHfUwnAhtHACQAAAAAAAAAAy____3_MAD1MswxACN1HD8CDD8ADUcFhESMAAAAApxdoj6NJnVBZVAEAEKRbAVwBAATwGV_ej4YBAAAAjC3Qw-L3mx12jd_tMgAAAAAAAAAAs_-zfzQhJK6UtCACvXC1X0AAgLVfQAAANnUDAHgTgAs6glYMBqsLiNkBAAAA3P3____rgcByNxxsJsaJyTfcbIaziWcxshk2htHGY1w4bCPv8WLdWGj5pAD2ecRstVkMBxKW2e87KCinp8fsMqj5dpfpaX1Z7jdhi9FqMtksh7PlYjIYjoaj0f4EcjXAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYXBkmk4lvs5Z4HB63aGSYuSUOz2Qtm1hmw5Fx4hwufGvR62M67kaDhXPjRcGAjL0ILtKJ6Ohy--0u09P6srzVLs_p73FYTp6LWKI5WaQT2WVfWO6Gg83EODH5hpvNcDbxLEY2w8Yw2niMC4dt5G-uDJPJxLdZSzwOj1s0MszcEodnspZNLLPhyDhxDhe-tej1MR13o8HCufE3ZpvVaLEcTQb7xmyzGi2Wo8lg36EzfFefs1Eaja08JpH12Y3aZOaDwmWweH8S02LanR1EJ9_RKXQ4l0Wd0XfrHr0GhefgUU3HZ7_ONa5-rRWV92BQxBLB6SKdiF7G00UskTwt0onKZFlufIvNcjFZbWy7mWEycu02luVsNHOOPJ7RRCxRmi7SiV6i_iPDDeei3VwyGM41g1UCAAAAAAAAAFjCnHkTAAAAgNNgZoPBYrVcAAmicV1gEAAAAAAAgN0YnpTs8cpuweLGjy_o6HL77S7T0_qyvNUuz-nvcVhOnisDSAitMG_2TBBrtVrWAAAAAtgAAAAB3Lp5CyCL5AA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&dtagid=1787395&dpubid=360015&abtst=adh5c-1_vA!adh5c_vA!expl_vE!lotc_vB!mprdctdt6_vA!t45!t45!ufm_vA!vzr_vA&mPre=0.025&cirf=https%3A%2F%2Fwww.mestocards.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c5c1baab349ec18446a875adf124a73b28058a32cd9166a6bae8d183a0913add

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 28 Oct 2021 11:10:26 GMT
content-encoding
gzip
access-control-allow-origin
https://www.mestocards.com
machineid
1478
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19135-FRA
pragma
no-cache
server
nginx
x-timer
S1635419427.516467,VS0,VE56
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://search.spotxchange.com>; rel=preconnect,<https://serverc.aivdesk.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
212394
search.spotxchange.com/vast/2.00/ Frame D55A 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/212394?VPAID=js&content_page_url=https%3A%2F%2Fwww.mestocards.com&player_width=801&player_height=450&cb=R0.1635419426608&content_id=main&playtime=30&custom[content][]=&custom[pub_lang]=fr&schain=1.0,1!taboola.com,1197283,1,-830294633&gdpr=1&gdpr_consent=&max_bitrate=2000&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 28 Oct 2021 11:10:26 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000322
X-SpotX-Timing-SpotMarket
0.013083
X-SpotX-Timing-Page-Mux
0.000328
X-SpotX-Timing-Page-Require
0.000536
X-fe
046
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
Content-Length
77
X-SpotX-Timing-Page
0.018149
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000437
Last-Modified
Thu, 28 Oct 2021 11:10:26 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.013083
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.mestocards.com
X-SpotX-Timing-Page-Misc
0.003398
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000019
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5e8c5b9a12b21300172985c0
serverc.aivdesk.com/connections/5638c79739291a03009685cd/ Frame D55A 		66 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serverc.aivdesk.com/connections/5638c79739291a03009685cd/5e8c5b9a12b21300172985c0?url=https%3A%2F%2Fwww.mestocards.com&playerWidth=801&playerHeight=450&param2=Taboola&userGdpr=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.89.90.7 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 28 Oct 2021 11:10:26 GMT
Server
nginx
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
https://www.mestocards.com
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length
66
204277
search.spotxchange.com/vast/2.00/ Frame D55A 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/204277?VPAID=js&content_page_url=https%3A%2F%2Fwww.mestocards.com&player_width=801&player_height=450&vid_duration=NaN&content_id=inline&allow_flash_creative=1&ad_mute=1&custom_skin=1&custom[content][]=&custom[pub_lang]=fr&schain=1.0,1!taboola.com,1197283,1,-830294633&gdpr=1&gdpr_consent=&playtime=30&max_bitrate=2000&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.9.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.mestocards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 28 Oct 2021 11:10:26 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000305
X-SpotX-Timing-SpotMarket
0.015755
X-SpotX-Timing-Page-Mux
0.000230
X-SpotX-Timing-Page-Require
0.000310
X-fe
063
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
Content-Length
77
X-SpotX-Timing-Page
0.018927
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000287
Last-Modified
Thu, 28 Oct 2021 11:10:26 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.015755
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.mestocards.com
X-SpotX-Timing-Page-Misc
0.002027
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
images.taboola.com
URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b35c7d8b8442cc5db116628e7988f34.png

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| GoogleAnalyticsObject function| ga object| adsbygoogle function| confiantWrap number| themoneytizer_async object| geo object| node object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url function| criteoCallback object| generic object| criteo_gum object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| target object| notifyme object| ix_lib object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility39287 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetGothamadsZone function| GetAdmixerZone function| GetAdyoulikeZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText object| _qevents boolean| moneycaching object| params number| nugg string| pubstack_ab function| Adcall_39287 function| refreshVisibility26322 function| Adcall_26322 function| __tcfapi function| __uspapi function| refreshVisibility48311 number| native_div function| Adcall_48311 function| refreshVisibility26328 object| sc function| Adcall_26328 function| refreshVisibility26711 function| Adcall_26711 function| googleTranslateElementInit function| MobileDetect object| md function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| refreshVisibility26706 function| Adcall_26706 function| tmzrChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| placementBids string| nobidVersion object| nobid object| targetingParams function| Adcall_26325 undefined| Adcall_video object| pubstack_publica number| bidder_geo function| refreshVisibility26300 function| Adcall_26300 function| refreshVisibility26323 function| Adcall_26323 function| refreshVisibility26326 string| moneybid function| refreshVisibility30012 function| Adcall_30012 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| refreshVisibility26325 function| _Adcall_26325 function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt object| cookieChoices function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| moneytizergeo object| closure_lm_197555 object| libJsLeadPlace object| headertag object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode undefined| $ undefined| jQuery object| sas_snippets object| div object| _tbframe object| rpx_params string| id object| script object| trc_lighthouse-2piz92 object| TRC number| taboola_view_id object| sublime object| ayads function| sublimeCb1635419420586 object| regeneratorRuntime function| __tcfapiui object| cmTag undefined| define function| startCMTagMain object| _taboola object| scCGSHMRCache function| sublimeOptchk

43 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=lsJIHXVjUv3ixzHtxYNwZWj7ZDSt_cvztdlTnRSxpouu4p-sWUAqM6gQm1vlDA_Byq7icX-Ub3Lek0L3ecFDZ7mah7cnSGiCkBdjcPmkUk9wMf-IHdhHK5s3wspW5VGs4_-g4F2Go9Sj4NTt5GTM9uh5uK7qiYfemnBE1EAA3UY
.zeotap.com/ Name: zc
Value: 3b69c0d3-fcda-432f-5628-0a50f1b0f0da
.zeotap.com/ Name: zsc
Value: 4%C3R%8A%B8%B4%E4%BF%7D%9BI%98%5B%A3%FE%C7%10%93%5C%1C%0EX%DB%28%B1%FA%06%DB%A5%91%02%FB%88%9E%B8%EC%01%93N%F1%C2%E8%FEp%99%B9%5B%15%E2~%C1%C8%BFR%0Em%FD%7D%E4%F0%E5%02I.%9E%F0%D7%F6%ED%A9%604%C8+A%3E%A3u%949%40W%E6%0E%B9%60.%E9%E6S%EE%D9m%B4n%CA%0B%B4%81P%19%A0~_%3F
.mestocards.com/ Name: _ga
Value: GA1.2.1447697047.1635419420
.mestocards.com/ Name: _gid
Value: GA1.2.1002661928.1635419420
.mestocards.com/ Name: _gat_blogger
Value: 1
.mestocards.com/ Name: _gat
Value: 1
.adnxs.com/ Name: uuid2
Value: 1840280569231006636
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: 220ba9ed-d9d2-4435-9f94-fde46f7761ae#1635419420153#1
.id5-sync.com/ Name: callback
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUlqAJk__Bxj4HN20x-OIzlA9pgoTgJoVTRM7tBoyv79WyRZI_n_8_rUS_6MPXk
.agkn.com/ Name: ab
Value: 0001%3AfIQZw84f4Tiql3wmsh3UEuuNfnTjLBDU
.mathtag.com/ Name: uuid
Value: def8617a-851c-4e00-891d-a43ca2390ceb
.adsrvr.org/ Name: TDID
Value: 588c2729-e027-43f8-ae98-1fbf2c04fcdb
.demdex.net/ Name: demdex
Value: 64651939655593692743338291400120045275
.dpm.demdex.net/ Name: dpm
Value: 64651939655593692743338291400120045275
www.mestocards.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9e022b73-bcac-4d0f-ba32-6b268d8b98a7-tuct8740a9c
.cpx.to/ Name: cpSess
Value: 67e691453d4f4fe2
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwja0Y20yIONOhAFOAFaBzBma2Npb3RgAg..
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16950%3b%24o%3d11100
.cpx.to/ Name: dsp_dbm
Value: CAESEGq6jjJai2dO_ceMxeKg9r4#1635419420959
.smartadserver.com/ Name: pid
Value: 5283109872280592032
.smartadserver.com/ Name: pdomid
Value: 9
.cpx.to/ Name: dsp_app_nexus
Value: 1840280569231006636#1635419420991
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9062D18F-155E-4508-8D3D-B79C3D283A9C
.cpx.to/ Name: dsp_TTD
Value: 588c2729-e027-43f8-ae98-1fbf2c04fcdb#1635419421022
.cpx.to/ Name: dsp_pubmatic
Value: 9062D18F-155E-4508-8D3D-B79C3D283A9C#1635419421059
.spotxchange.com/ Name: audience
Value: a4045ab7-37df-11ec-8929-16ae82d30406
.taboola.com/ Name: t_gid
Value: 96a98926-e53f-4d81-9644-89f4f554028c-tuct8740a9d
.casalemedia.com/ Name: CMID
Value: YXqFHTLJy7JTI5ajsO6j6QAA
.casalemedia.com/ Name: CMPS
Value: 3174
.casalemedia.com/ Name: CMPRO
Value: 1132
.casalemedia.com/ Name: CMST
Value: YXqFHWF6hR0A
.casalemedia.com/ Name: CMRUM3
Value: f1617a851d05a0&40617a851d2760no-consent&c4617a851d05a0&2d617a851d2760CAESEJejN8ddPo-_8CNs6P3ePvs&29617a851d05a0&ce617a851d05a0&27617a851d0b40&e6617a851d2760
serverc.aivdesk.com/ Name: 0b58a6c346cc9f7c8cb20cef799f47c3
Value: 0ll12Gbsu4XSvNnsGPEAbHEArcUx%2FEw%3D%3D
serverc.aivdesk.com/ Name: 1b86cc4086e01b547bb8e0a742d7abdf
Value: ows14qpiqerTR844TtYClIBGBEBdmgJSQ%3D%3D

1 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
15.taboola.com
3.bp.blogspot.com
4.bp.blogspot.com
aa.agkn.com
ads.ayads.co
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
antenna.ayads.co
api.rlcdn.com
as-sec.casalemedia.com
audit-tcfv2.quantcast.mgr.consensu.org
c.tmyzer.com
c3.taboola.com
cdn.taboola.com
cds.taboola.com
ced-ns.sascdn.com
cm.adgrx.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eqx.smartadserver.com
eus.rubiconproject.com
g.themoneytizer.net
geoworker.ayads.co
gu.dyntrk.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
images.taboola.com
imprammp.taboola.com
ioms.bfmio.com
js-sec.indexww.com
kvt.cookieless-data.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
logo.gralon.net
match.adsrvr.org
mwzeom.zeotap.com
nsm09.casimages.com
onetag-sys.com
optchk.ayads.co
p.cpx.to
pips.taboola.com
pixel-sync.sitescout.com
pixel.mathtag.com
pool.grid-data.bidswitch.net
prg.smartadserver.com
quantcast.mgr.consensu.org
resources.blogblog.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
sac.ayads.co
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
serverc.aivdesk.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-t1.taboola.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.taboola.com
taboola-supply-partners.tremorhub.com
tag.leadplace.fr
test.quantcast.mgr.consensu.org
token.rubiconproject.com
translate.google.com
translate.googleapis.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
wf.taboola.com
ww1097.smartadserver.com
www.blogger.com
www.espace-turf.com
www.google-analytics.com
www.gralon.net
www.gstatic.com
www.mestocards.com
www.paypalobjects.com
www.top-pmu.com
x.bidswitch.net
images.taboola.com
104.109.78.125
13.35.253.50
135.125.160.160
141.226.224.32
141.226.228.48
142.250.185.162
145.239.192.166
145.239.193.145
151.101.1.44
151.101.129.44
151.101.130.133
151.139.241.23
159.89.90.7
164.132.167.149
18.156.0.31
18.192.203.176
18.197.204.221
18.200.182.178
185.64.190.80
185.86.137.114
185.86.138.143
185.86.139.95
185.94.180.124
185.94.180.126
194.150.236.190
2.18.233.201
2.18.234.21
2.19.35.65
209.54.177.54
213.186.33.2
2600:1f18:612b:4200:787a:99c3:22c2:11ca
2600:9000:211e:7200:3:a4cd:8380:93a1
2600:9000:211e:b000:6:44e3:f8c0:93a1
2600:9000:211e:b200:9:46dc:4700:93a1
2606:4700:10::6814:b25
2606:4700:10::6816:1857
2606:4700:3031::ac43:92f9
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2009
2a00:1450:4001:829::2013
2a00:1450:4001:82b::2001
2a02:2638::1c
2a02:26f0:6c00::210:ba0b
3.33.220.150
3.8.243.222
34.120.133.55
34.243.225.216
37.252.172.249
37.252.172.45
51.15.145.116
51.38.120.206
51.89.20.87
52.200.17.196
52.210.129.48
52.48.181.137
54.217.215.116
54.38.64.100
63.32.159.255
65.9.58.151
66.155.71.25
69.173.144.139
72.251.232.229
91.121.164.142
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
039aa430b4d29f5fb8d1af81fb0bb76d20a14db34c941bdabb7e7e2eab90a47b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07343edc07ec00fa9191a67d9614e5864c14e4d874e3f84dbc63f226b7d6c852
08c994f872116b41cb4b4ee836aeaa57b0ee8cb283a91ecf11744ee6174db568
0965c813b847b2d16700539c468e138d9f06cb5557f870c9a6b82a8c090091b6
0a1d9fa87938e058bec1d7ddac224d2ae04457ce709e68ee654d132bd21efee6
0b74cdfe176480d1fbe5a766f6252e9d3ce049cd60d1b9b156e4919341a3c814
0b79d9db28c5b61c1d6474cf18ea078dcbb88299a48a9ad6783d86bbaab8f4f1
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
0f11b3aad5f3399f4c8fb088b5fafbc07f1e694a3e78eae41f34378b00b44807
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
1430a224b5176ac4ff2b13277a1a52f056f6afacce51d33e970077e7543a4ef8
1e119c886aca66524af218d0cfa2acec625e20faa8fc3a116f19bf422353b983
1ef46d4692db1b99469930ee2bb6339f68e5d29c4a7a2b25bc405c3a7624c79e
1fa4b241e347026dcefb828fb288376dc0858a34eb2363cc3ea3d321d6ed5d9f
214ecc0569a53af492e04cdd586d2adaa563a639460053c5feb8290a743edb6e
23585132be3d8576392bcf3b435c4503a95ce449044d135e9c9fc211484dca7e
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2911f4e04096744757ceab7a895e0ee51494b6feaefaef9f1870272b3dc2dcca
2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2
2a9aa39e9aa2ecfff607f62081828e2d1ce3c04d098e7a0f57ce1810aeed147c
2c3089c92ccfd19041c044c16f7caee17805f746c6b9af7ed1c15a8fced1c41f
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fcc8641a1a3950e4b44ffd383ce04caeccfc2e78f28d7928bfc926800d43d4c
31f84ee71ea5bf581c43952c3f9782637ff26352b5187cf55605ece14b85acea
33534b7788433eca29ba936345295a56744ea4b340bf47d44ee60c91d59c2dd0
351b661f5071324acb495bdb9e3a33e9f0dd03053d2f3a951223887de7c4a0cd
3525951505a9ab7489c99527b26d5512a2d823f435c8cc14c47f84f86d05bc6b
35de11888553a889bedd2687dcb7ba55519f214cb777f8963aab79f61d94776b
365464596a5c65ba5f030f24682d1209a3a3752c2ddeef4ca875cd18e082e066
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f56367ea7b65fc2dd5774848780dcd2852230d6a2cbc2483fd4f752cd70d2f2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
4048fbb5d329592ca974e0c137e410a0955c2a03816ba2c18c07c061b93bc836
41b82806db61db808f4a3e9d68430dc3b2580b60e69f882b6d7b65d0a60bdad3
44ddd662154d74049c0e225cf8ffd6de8252d36bcdf95ee11e2fe8e4cbbd9a4c
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
48e15ee97ae2838f110be60c6174f23fb7b8bc6fec53c81a02d87de35fc86488
49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4beff6cc9460db3c269d6bff107189217e78e137a074d34ce2179e06e1a8db91
4c0212e56472554ab8aa70ccea68e34115b091d9f0d8df929311d4e3b51a5f30
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e02c645453b50e3c726d649a0bfd39705e1a98be1471c2b59e5234935697edb
4e02d37077b94b11e5c20e73780940dbaa4a480a1e4949b64d0132d0cd5f8480
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c76c3ed8080d28a9380e937ff80c918f780b793671e716d7c004e643b8d24b
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b05f626dad635b029ebd6f4989747d840821623450792926569314c283f599f
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
608e49e4887d0dc620f93be16a1320f1a8d48695f3ae3f31c5fab8ea97b1133f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
663da5c421727af323d163ff34dbb3083a01e46bf05dc30166ff78d3a6ea44b4
6a144c015e730f48da35f4e11ed11a1337c80334a5064482f1c6e40779d20ff4
6ad239cf88e093a68583a0dbb36d51546aecf3173643b63da6ddabd1a1efe9c3
6aee6599b678ca65aed3d15778767ba321e52449814c92099fd47584eb545814
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb9fa938894a51bcc3af12dbace92e05976377aa25363cb8758894eb7f567ed
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4
75a3eb4dd9c41cb210678e6c0c63dfab0e68cd7b41c0f93830668795b66cea07
77fa7aaebbf0709f3d12cefb4528ebb3d43ce91a8652d1e0a89bb4431081a95a
78036050ca64c88f592631cf715269635c88191655e7c21f5434e3c27836e897
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7b9666f953c12db45b1e4b229e18eb97dfd6e6b4d43f7494bea3f6af4db5bc97
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7d4295c22e3708320e27460f95a093bad9cae343d4bf47f0311ab9e2dd3fb9ab
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
7e80cccdcc04421b317d4153a34721a65e5f0ffe33fd85302a6671bd8f09eaac
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8236a4d608808856af09b9251e7b8a7d581597e8cca68a092b3573fc0b3ce294
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
8323864a85f324c5d644ecb492e79f22bcd7ab5b6d752fc815e98936adb4bd75
85344bb97aa113a5a5cea00cdd7c3aa1d317a49641bfeff51b31de9260f99c25
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
87c3db3bd069cab6ee7dfed7229409ee72ff9501b2aa3117fb0c750afff69c69
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4af905a3cd200ef3ec11044beff81c4f016c72379da956d73ac0a9adf1bd70
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e900b2a718a9cbf53a13a8381c9e5ecea69dbc78239373875a8c6b4338951f8
8eb3393fdefbb4858cfd08a16826e254db919dd0b4778e72f5bb05b329212319
8fceb9666c98db92674eadc3bf22b5811f633e794c6400d43d9e1075e9d7618d
964b2a54bd84ec954555059e464fa907120819ab3a08bb58b7f3235009a61d81
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
968dad02a7e1420bdf8ab3109ae97d2621a336caa918dbcd553ddc15e7c7e5c7
97d1ee38890979ce4d59708f132b44c14f862b97b1a044385976bb3549378783
9f483d95a3ae3ec1568e733a6b10c146d6581d7fb35fbf44b6cb9d7972aaa38f
9f7003b0ed44409fdce206d20689a59802f1ce27a0329de0d3347548a1e87cfd
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5cca543bef8bdce745b85c727df2749655d907fe30721f07c36a68bff8785fa
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
a9fed990cafbb2625b3be0e0d10b1693f33949586eab2fff831cb595004a1481
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac1ccd31792cf0ef9095db79967c752a728bf09d44ab63a2a9c9cf03e835cdd4
acf3a01aa1b63a4ab6cca270b4fa30cb7c574166ac4897b25dfa71117cecc637
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b7e9fb2352c527e5107c56a16e190fe4fdd244c958d1903e8f2e5d62c8c9dfff
bef84f170ee40815cbbbaac84e3eb6ec8322f95f96999f81217c80f9e6a323b1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c1ebf0cfa731ab6c1c044cf5423597c43b6cb6d33e6fb35e817c4afd798d3fd6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5c1baab349ec18446a875adf124a73b28058a32cd9166a6bae8d183a0913add
c6553fced2c467e6dcab22c00b23521497d5c25f81facc22cfec9b330c418eac
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230
c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf
ca6c6248a3c499d7099515bce35d91fd1c60aa5ebb642352cfb4652c3f0b7f75
ca92d77c2d1c7c39f86a0feab4223131bea068006d0c58a75c9e951132e07731
cf37aaf6ede936d00f6d02f0a1ac9660c181c892ea5daecd8f2fedad95f5981c
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d6788654c3196661e23320c3e7cdfe99d79c7ce919e5cde4ca2d360c919f3eb2
d77f808f4ac1b28790944ad17fbba07ead59ab7464a0d055468e14742f569274
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db0e85ab85beb558bfaf3be4ca549643142d34df0f7da4ae29d98ea6b2220d0c
dc5453423408c64912bcee0b8c17daf0a1a046f1bde073600c3a106770212049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7532287ca26f44233095072fdcf6e5db368e315016ddac859c91e2f1b023f0
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ee0abb0d0b5d2733ea770a94fac8e7b51342171dc3aa2f5d9acfb11efe874e7a
f1bf0b6b028fc1eda4de19632dd3eaf099ad0856deb1930e3b31b0f45a0d0b37
f5e308ac2a006bbb916f5ccc4eda6230f7a6a3d79ff1e9c5cd7e2cef7b7bf2bf
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62