www.bigmir.net Open in urlscan Pro
52.222.214.80 Public Scan

URL: http://profile.bigmir.net/

URL: https://news.bigmir.net/
Title: Новини

URL: https://news.bigmir.net/ua/3916518-ukraine
Title: Україна

URL: https://news.bigmir.net/ua/3916519-world
Title: Міжнародні новини

URL: https://news.bigmir.net/ua/3916520-capital
Title: Столиця

URL: https://news.bigmir.net/ua/3916521-life
Title: Життя

URL: https://news.bigmir.net/ua/3916522-good-news
Title: Гарні новини

URL: http://sport.bigmir.net/
Title: Спорт

URL: http://sport.bigmir.net/football
Title: Футбол

URL: http://sport.bigmir.net/boks
Title: Бокс

URL: http://sport.bigmir.net/basketball
Title: Баскетбол

URL: http://sport.bigmir.net/hokey
Title: Хокей

URL: http://sport.bigmir.net/tenis
Title: Теніс

URL: https://finance.bigmir.net/
Title: Фінанси

URL: https://finance.bigmir.net/ua/2888093-news
Title: Економіка

URL: https://finance.bigmir.net/ua/2888095-business
Title: Бізнес

URL: https://finance.bigmir.net/ua/2888092-budget
Title: Особистий бюджет

URL: https://finance.bigmir.net/ua/2888096-realty
Title: Нерухомість

URL: https://finance.bigmir.net/ua/2888094-career
Title: Кар'єра та освіта

URL: https://auto.bigmir.net/
Title: Авто

URL: https://auto.bigmir.net/ua/5215874-autonews
Title: Авто новини

URL: https://auto.bigmir.net/ua/5215879-dtp
Title: ДТП

URL: https://auto.bigmir.net/ua/5215880-practice
Title: Автопоради

URL: https://auto.bigmir.net/ua/5215883-prikol
Title: Автоприколи

URL: https://auto.bigmir.net/ua/5215884-tests
Title: Тест-драйви

URL: http://techno.bigmir.net/
Title: Техно

URL: https://techno.bigmir.net/ua/5901890-technology
Title: Технології та Відкриття

URL: https://techno.bigmir.net/ua/5901891-discovery
Title: Космос

URL: https://techno.bigmir.net/ua/5901892-help
Title: Корисні поради

URL: https://techno.bigmir.net/ua/5901893-videogames
Title: Ігри

URL: https://afisha.bigmir.net/
Title: Афіша

URL: https://afisha.bigmir.net/2233213-gorod
Title: Місто

URL: https://afisha.bigmir.net/2233212-kino
Title: Кіно

URL: https://afisha.bigmir.net/2233211-muzyka
Title: Музика

URL: https://afisha.bigmir.net/ua/2233199-restorany
Title: Ресторани

URL: https://afisha.bigmir.net/2233198-iskusstvo
Title: Мистецтво

URL: https://afisha.bigmir.net/2233197-dosug
Title: Дозвілля

URL: https://afisha.bigmir.net/ua/dosug/7362108-dieta-pri-akne-kakie-produkty-polezny-a-chego-stoit-izbegat

URL: http://afisha.bigmir.net/
Title: Афіша

URL: https://news.bigmir.net/ua/ukraine/7362973-v-mariupole-fiksiruiut-aktivnoe-peremeshhenie-texniki-rossiian

URL: http://news.bigmir.net/
Title: Новини

URL: https://afisha.bigmir.net/ua/dosug/7362919-otets-andzheliny-dzholi-razocharovan-ee-zayavleniyami-v-podderzhku-palestintsev

URL: https://news.bigmir.net/ua/world/7362998-udar-po-korablyu-askold-v-kerchi-zastavit-rf-peredislotsirovat-flot-esche-dalshe-br

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7362781-nazvana-polza-ot-ezhednevnogo-poedaniya-supa

URL: https://news.bigmir.net/ua/world/7362903-ukraina-ostaetsia-na-pervom-meste-berbok

URL: https://afisha.bigmir.net/ua/dosug/7362134-kak-zaschitit-bizhuteriyu-ot-potemneniya-prostoj-lajfkhak

URL: https://news.bigmir.net/ua/ukraine/7362906-ignat-soobshhil-kakimi-bombami-rf-cashhe-bet-po-ukraine

URL: https://finance.bigmir.net/ua/budget/7362404-ukraintsam-umenshat-pensii-komu-i-kogda

URL: http://finance.bigmir.net/
Title: Фінанси

URL: https://news.bigmir.net/ua/ukraine/7362421-v-ukroboronprome-otsenili-uvelichenie-vypuska-oruzhiya

URL: https://afisha.bigmir.net/ua/muzyka/7363009-na-merajyu-keri-podali-v-sud-iz-za-plagiata-rozhdestvenskogo-khita-all-i-want-for-christmas-is-you

URL: https://afisha.bigmir.net/ua/dosug/7362935-edinstvennaya-zhena-elvisa-presli-priznalas-pochemu-ona-tak-i-ne-reshilas-na-vtoroj-brak

URL: https://techno.bigmir.net/ua/technology/7362300-predstavlen-paverbank-na-60-000-mach-v-vide-batarejki

URL: https://afisha.bigmir.net/ua/dosug/7362665-dumaete-tak-prosto-olga-sumskaya-pokazala-vozvraschenie-v-sportzal-s-docheryu

URL: http://otvet.bigmir.net/
Title: Питання-відповідь

URL: https://finance.bigmir.net/realty/lun
Title: Нерухомість

URL: http://market.umh.ua/
Title: Онлайн-магазин

URL: http://mail.bigmir.net/signin
Title: Пошта

URL: http://weather.bigmir.net/
Title: Погода

URL: https://news.bigmir.net/ua/ukraine/7363226-sbu-provodit-obyski-v-dvukh-khramakh-upts-mp-na-zakarpate-smi
Title: СБУ проводить обшуки в двох храмах УПЦ МП на Закарпатті - ЗМІ

URL: https://techno.bigmir.net/ua/discovery/7363182-tajna-stroitelstva-bolshogo-sfinksa-v-egipte-raskryta
Title: Таємницю будівництва Великого Сфінкса в Єгипті розгадано

URL: https://sport.bigmir.net/ua/boks/7363225-esli-ne-nokautiruiu-to-vybiu-vse-drmo-stivenson-obieiasnil-pocemu-uveren-v-pobede-nad-lomacenko
Title: "Якщо не нокаутую, то виб'ю все л*йно": Стівенсон пояснив, чому впевнений у перемозі над Ломаченком

URL: https://finance.bigmir.net/ua/budget/7363201-sberezheniya-ukraintsev-v-nalichnykh-dengakh-vyrosli
Title: Заощадження українців у готівці зросли

URL: https://afisha.bigmir.net/ua/dosug/7363137-eks-piarschitse-todorenko-do-sikh-por-pishut-iz-rf-po-povodu-semok-pevitsy-chto-ona-otvechaet
Title: Експіарниці Тодоренко досі пишуть із рф з приводу зйомок співачки: що вона відповідає

URL: https://finance.bigmir.net/ua/news/7363194-pochemu-nuzhno-sledit-za-tsvetom-gazovogo-plameni-otvet-naftogaz
Title: Чому потрібно стежити за кольором газового полум'я: відповідь Нафтогазу

URL: https://sport.bigmir.net/ua/football/europe/7363224-mikolenko-vosel-v-komandu-tura-apl-po-versii-whoscored
Title: Миколенко увійшов до команди туру АПЛ за версією WhoScored

URL: https://news.bigmir.net/ua/ukraine/7363181-daniya-vydelit-40-mln-evro-dlya-nikolaeva-mer
Title: Данія виділить 40 млн євро для Миколаєва - мер

URL: https://news.bigmir.net/ua/ukraine/7363156-imeet-novyj-simptom-na-rovenschine-zafiksirovali-novyj-subvariant-koronavirusa
Title: Має новий симптом: на Рівненщині зафіксували новий субваріант коронавірусу

URL: https://sport.bigmir.net/ua/football/europe/7363154-iaponskii-klub-provedet-blagotvoritelnyi-matc-s-saxterom
Title: Японський клуб проведе благодійний матч із Шахтарем

URL: https://finance.bigmir.net/ua/business/7363177-nike-podal-v-sud-na-new-balance-i-skechers-detali
Title: Nike подав до суду на New Balance та Skechers: деталі

URL: https://sport.bigmir.net/ua/boks/7363157-razmery-ne-igraiut-osobogo-znaceniia-promouter-rasskazal-v-cem-usik-prevosxodit-fiuri
Title: "Розміри не грають особливого значення": Промоутер розповів, чим Усик перевершує Ф'юрі

URL: https://afisha.bigmir.net/ua/dosug/7363110-tsarevna-lebed-vnuchka-rotaru-porazila-publiku-video-v-chernom-palto-na-goloe-telo
Title: "Царівна-Лебідь": онука Ротару вразила публіку відео в чорному пальті на голе тіло

URL: https://techno.bigmir.net/ua/technology/7363067-rejting-produktivnykh-smartfonov-kogo-priznali-luchshimi
Title: Рейтинг продуктивних смартфонів: кого визнали найкращими

URL: https://afisha.bigmir.net/ua/dosug/7363092-veduschij-khto-zverkhu-bogdan-sheludyak-rasskazal-o-simptomakh-svoego-redkogo-zabolevaniya
Title: Ведучий «Хто зверху?» Богдан Шелудяк розповів про симптоми свого рідкісного захворювання

URL: https://finance.bigmir.net/ua/news/7363114-vojna-v-ukraine-rf-polnostyu-unichtozhila-zapovednuyu-zonu-dzharylgachskogo-natsparka
Title: Війна в Україні: РФ повністю знищила заповідну зону Джарилгацького нацпарку

URL: https://news.bigmir.net/ua/ukraine/7363112-vsu-unichtozhili-rossijskij-solntsepek-i-dve-gaubitsy
Title: ЗСУ знищили російський Солнцепьок та дві гаубиці

URL: https://news.bigmir.net/ua/ukraine/7363111-v-krivom-roge-progremel-vzryv-vo-vremya-trevogi
Title: У Кривому Розі пролунав вибух під час тривоги

URL: https://news.bigmir.net/ua/ukraine/7363094-farion-raskritikovala-russkoyazychnykh-voennykh-ombudsmen-obratilsya-v-sbu
Title: Фаріон розкритикувала російськомовних військових: омбудсман звернувся до СБУ

URL: https://afisha.bigmir.net/ua/kino/7363062-peltrou-vyskazalas-o-pauze-v-karere-i-nazvala-aktera-kotoryj-mozhet-vernut-ee-v-kino
Title: Пелтроу висловилася про паузу в кар'єрі та назвала актора, який може повернути її до кіно

URL: https://sport.bigmir.net/ua/football/europe/7363089-dovbik-popal-v-komandu-nedeli-la-ligi-po-versiiam-whoscored-i-sofascore
Title: Довбик потрапив в команду тижня Ла Ліги за версіями WhoScored і SofaScore

URL: https://finance.bigmir.net/ua/rates/7363091-kto-mozhet-poluchit-lgoty-na-kommunalnye-uslugi
Title: Хто може отримати пільги на комунальні послуги

URL: https://techno.bigmir.net/ua/technology/7362996-vladeltsy-telegram-kanalov-mogut-delat-podarki-podpischikam
Title: Власники Telegram-каналів можуть робити подарунки підписникам

URL: https://sport.bigmir.net/ua/tenis/7363074-sventek-stala-pobeditelnicei-itogovogo-turnira-wta-i-vernula-status-pervoi-raketki-mira
Title: Швьонтек стала переможницею Підсумкового турніру WTA та повернула статус першої ракетки світу

URL: https://news.bigmir.net/ua/world/7363054-pervaya-gruppa-ukraintsev-poluchila-razreshenie-na-evakuatsiyu-iz-gazy-posol
Title: Перша група українців отримала дозвіл на евакуацію з Гази, - посол

URL: https://finance.bigmir.net/ua/business/7363044-banki-blokiruyut-scheta-pochemu-finansisty-eto-delayut
Title: Банки блокують рахунки: чому фінансисти це роблять

URL: https://news.bigmir.net/ua/ukraine/7356666-lekarstva-utiliziruj-planetu-spasaj-farmak-i-apteka-dobrogo-dnya-prizyvayut-kievlyan-sdavat-prosrochennye-lekarstva
Title: АктуальноЛіки утилізуй — планету рятуй! «Фармак» та «Аптека Доброго Дня» закликають киян здавати протерміновані ліки

URL: https://news.bigmir.net/ua/ukraine/7362981-pogranicniki-obezvredili-cetyre-vrazeskix-fpv-drona
Title: Прикордонники знешкодили чотири ворожі FPV-дрони

URL: https://news.bigmir.net/ua/capital/7363019-v-kieve-na-blokpostu-voditel-sbil-voennuyu
Title: У Києві на блокпосту водій збив військову

URL: https://afisha.bigmir.net/ua/dosug/7362968-prikhodko-otreagirovala-na-skandalnoe-video-s-potapom-v-dubae
Title: Приходько відреагувала на скандальне відео з Потапом у Дубаї

URL: https://techno.bigmir.net/ua/technology/7362976-a-sam-govoril-chto-ii-opasen-ilon-mask-zapuskaet-chat-bot-grok
Title: А сам казав, що ШІ небезпечний: Ілон Маск запускає чат-бот Grok

URL: https://news.bigmir.net/ua/ukraine/7362967-poteri-armii-rf-v-vojne-prevysili-306-tysyach-chelovek-genshtab
Title: Втрати армії РФ у війні перевищили 306 тисяч осіб, - Генштаб

URL: https://finance.bigmir.net/ua/news/7363136-vybory-v-ukraine-zelenskij-sdelal-zayavlenie
Title: Вибори в Україні: Зеленський зробив заяву

URL: https://sport.bigmir.net/ua/football/europe/7362975-sbrosis-ee-s-mosta-fanaty-mudrika-otreagirovali-na-uxazivaniia-mixaila-za-rossiiankoi
Title: Скинеш її з мосту: фанати Мудрика відреагували на "залицяння" Михайла до росіянки

URL: https://news.bigmir.net/ua/ukraine/7362956-rf-derzit-cetyre-korablia-v-cernom-more
Title: РФ тримає чотири кораблі у Чорному морі

URL: https://techno.bigmir.net/ua/technology/7362937-v-rf-zayavili-chto-polyarnoe-siyanie-v-ukraine-svyazano-s-sekretnym-oruzhiem
Title: У РФ заявили, що полярне сяйво в Україні пов'язане із секретною зброєю

URL: https://news.bigmir.net/ua/ukraine/7362936-rf-udarila-iz-artillerii-po-nikopolyu-povrezhden-khram-est-postradavshij
Title: РФ вдарила з артилерії по Нікополю: пошкоджено храм, є постраждалий

URL: https://news.bigmir.net/ua/ukraine/7362928-rossiiane-miniruiut-kriticeskuiu-infrastrukturu-v-xersonskoi-oblasti-gur
Title: Росіяни мінують критичну інфраструктуру на Херсонщині - ГУР

URL: https://news.bigmir.net/ua/ukraine/7362913-v-krymu-zaiavili-cto-oblomki-sbitogo-drona-ranili-grazdanskogo
Title: У Криму заявили, що уламки збитого дрона поранили цивільного

URL: https://news.bigmir.net/ua/world/7362603-v-rossii-predlozhili-sozdat-ministerstvo-schastya
Title: В Росії запропонували створити “міністерство щастя”

URL: https://news.bigmir.net/ua/world/7362588-polskie-perevozchiki-nachali-blokirovat-granitsu-s-ukrainoj-gpsu
Title: Польські перевізники почали блокувати кордон з Україною, - ДПСУ

URL: https://news.bigmir.net/ua/ukraine/7362566-vspyshka-gepatita-a-zafiksirovana-tolko-na-vinnitchine-v-ostalnykh-oblastyakh-edinichnye-sluchai
Title: Спалах Гепатиту А зафіксовано лише на Вінниччині, в решті областей - поодинокі випадки

URL: https://news.bigmir.net/ua/ukraine/7362540-nardepu-nikolaenko-soobschili-o-podozrenii-iz-za-smertelnogo-dtp-na-zhitomirschine
Title: Нардепу Ніколаєнку повідомили про підозру через смертельне ДТП на Житомирщині

URL: https://news.bigmir.net/ua/capital/7362507-prodaval-narkotiki-na-ostanovke-v-kieve-razoblachili-voditelya-marshrutki
Title: Продавав наркотики на зупинці: у Києві викрили водія маршрутки

URL: https://news.bigmir.net/ua/world/7362445-ukraina-polucit-strelkovoe-oruzie-iz-francii
Title: Україна отримає стрілецьку зброю із Франції

URL: https://news.bigmir.net/ua/life/7362469-zaluzhnyj-pishet-dissertatsiyu-v-odesskoj-yuridicheskoj-akademii-tema-zasekrechena
Title: Залужний пише дисертацію в Одеській юридичній академії: тема засекречена

URL: https://news.bigmir.net/ua/ukraine/7362423-po-vsej-ukraine-obyavili-vozdushnuyu-trevogu-chto-izvestno
Title: По всій Україні оголосили повітряну тривогу: що відомо

URL: https://news.bigmir.net/ua/ukraine/7362409-voennye-khoteli-zabrat-muzhchinu-iz-bolnitsy-v-voenkomat-v-khmelnitskom-ttsk-prokommentirovali-video
Title: Військові хотіли забрати чоловіка з лікарні до військкомату: у Хмельницькому ТЦК прокоментували відео

URL: https://news.bigmir.net/ua/ukraine/7362364-okkupanty-vyvezli-zivotnyx-iz-zapovednika-askaniia-nova-v-rossiiu-cns
Title: Окупанти вивезли тварин з заповідника Асканія-Нова до Росії - ЦНС

URL: https://news.bigmir.net/ua/world/7362275-smi-uznali-o-resenii-putina-otnositelno-vyborov
Title: ЗМІ дізналися про рішення Путіна відносно виборів

URL: https://news.bigmir.net/ua/ukraine/7362299-v-vozdushnykh-silakh-pokazali-nochnoe-unichtozhenie-shakhedov-v-odesskoj-oblasti
Title: У Повітряних силах показали нічне знищення “Шахедів” на Одещині

URL: https://news.bigmir.net/ua/ukraine/7362222-vsu-za-nedeliu-unictozili-10-batalyonov-rossiian
Title: ЗСУ знищили 10 батальйонів росіян за тиждень

URL: https://news.bigmir.net/ua/world/7362255-v-kazakhstane-anonsirovali-vizit-putina
Title: У Казахстані анонсували візит Путіна

URL: https://news.bigmir.net/ua/world/7362220-inflyatsiya-v-rf-privedet-k-uvelicheniyu-raskhodov-na-vojnu-protiv-ukrainy-br
Title: Інфляція в РФ призведе до збільшення витрат на війну проти України, - БР

URL: https://news.bigmir.net/ua/ukraine/7362168-okkupanty-planiruiut-remontirovat-doma-v-lnr-za-scet-grazdanskix-oga
Title: Окупанти планують ремонтувати будинки в "ЛНР" коштом цивільних - ОДА

URL: https://news.bigmir.net/ua/ukraine/7362197-udar-po-128-j-brigade-v-zaporozhe-v-ogshb-prokommentirovali-tragediyu
Title: Удар по 128-й бригаді на Запоріжжі: в ОГШБ прокоментували трагедію

URL: https://news.bigmir.net/ua/ukraine/7362136-zelenskii-predlozil-rade-prodlit-voennoe-polozenie-i-mobilizaciiu
Title: Зеленський запропонував Раді продовжити воєнний стан і мобілізацію

URL: https://news.bigmir.net/ua/ukraine/7362153-v-shpole-17-letnij-voditel-sbil-dvukh-detej-malchik-skonchalsya-na-meste-ego-sestru-gospitalizirovali
Title: У Шполі 17-річний водій збив двох дітей: хлопчик помер на місці, його сестру госпіталізували

URL: https://news.bigmir.net/ua/capital/7362135-tragediya-v-kievskom-metro-na-stantsii-pochajna-umer-muzhchina
Title: Трагедія у київському метро: на станції Почайна помер чоловік

URL: https://finance.bigmir.net/ua/news/7363030-tseny-na-khleb-v-ukraine-snizilis
Title: Ціни на хліб в Україні знизилися

URL: https://finance.bigmir.net/ua/business/7362997-glavy-mirovykh-bankov-predupredili-o-vozmozhnom-krizise
Title: Глави світових банків попередили про можливу кризу

URL: https://finance.bigmir.net/ua/business/7362473-kurs-valyut-na-7112023-dollar-podeshevel
Title: Курс валют на 7.11.2023: долар подешевшав

URL: https://finance.bigmir.net/ua/business/7362466-obemy-snyatiya-nalichnykh-s-kart-ukrainskikh-bankov-za-rubezhom-snizilis
Title: Обсяги зняття готівки з карток українських банків за кордоном знизилися

URL: https://finance.bigmir.net/ua/budget/7362436-v-kabmine-predlozhili-esche-odin-istochnik-dlya-vyplaty-subsidij
Title: У Кабміні запропонували ще одне джерело для виплати субсидій

URL: https://finance.bigmir.net/ua/news/7362315-natsbank-ne-planiruet-snizhat-uchetnuyu-stavku-v-2024-godu
Title: Нацбанк не планує знижувати облікову ставку у 2024 році

URL: https://finance.bigmir.net/ua/news/7362221-ukrainu-mozhet-ozhidat-ekonomicheskij-krizis-minfin
Title: На Україну може очікувати економічна криза: Мінфін

URL: https://finance.bigmir.net/ua/budget/7362254-v-irlandii-sokratyat-pomosch-ukrainskim-bezhentsam
Title: В Ірландії скоротять допомогу українським біженцям

URL: https://finance.bigmir.net/ua/news/7362100-skolko-raket-proizvodit-rossiya-otvet
Title: Скільки ракет виробляє Росія: відповідь

URL: https://finance.bigmir.net/ua/budget/7362088-voennoe-polozhenie-i-mobilizatsiyu-v-ukraine-snova-prodlyat
Title: Військовий стан та мобілізацію в Україні знову продовжать

URL: https://finance.bigmir.net/ua/budget/7362051-kak-oformit-invalidnost-vo-vremya-voennogo-polozheniya-otvet-minzdrava
Title: Як оформити інвалідність під час воєнного стану: відповідь МОЗ

URL: https://finance.bigmir.net/ua/news/7362033-missiya-mvf-nachala-rabotu-v-ukraine-detali
Title: Місія МВФ розпочала роботу в Україні: деталі

URL: https://finance.bigmir.net/ua/business/7360512-kurs-valyut-na-6112023-dollar-podeshevel
Title: Курс валют на 6.11.2023: долар подешевшав

URL: https://finance.bigmir.net/ua/realty/7360486-dostupnoe-zhile-dlya-molodezhi-kabmin-prodlit-programmu
Title: Доступне житло для молоді: Кабмін продовжить програму

URL: https://finance.bigmir.net/ua/budget/7360464-shtraf-politsii-skolko-stoit-osporit-v-ukraine
Title: Штраф поліції: скільки коштує оскаржити в Україні

URL: https://finance.bigmir.net/ua/budget/7360450-pravila-bystrykh-kreditov-v-ukraine-perepishut
Title: Правила "швидких кредитів" в Україні перепишуть

URL: https://finance.bigmir.net/ua/news/7360423-nbu-mozhet-snizit-uchetnuyu-stavku-usloviya-daty
Title: НБУ може знизити облікову ставку: умови, дати

URL: https://finance.bigmir.net/ua/budget/7360409-vykhod-na-pensiyu-v-2024-godu-kakoj-trudovoj-stazh-nuzhen
Title: Вихід на пенсію у 2024 році: який трудовий стаж потрібен

URL: https://finance.bigmir.net/ua/news/7360291-vozmozhen-li-defitsit-elektroenergii-v-ukraine-otvet
Title: Чи можливий дефіцит електроенергії в Україні: відповідь

URL: https://finance.bigmir.net/ua/news/7360280-chto-budet-s-tsenami-na-produkty-v-ukraine-prognoz
Title: Що буде з цінами на продукти в Україні: прогноз

URL: https://finance.bigmir.net/ua/business/7360302-biznes-v-ukraine-ukhudshil-delovye-ozhidaniya
Title: Бізнес в Україні погіршив ділові очікування

URL: https://finance.bigmir.net/ua/rates/7360078-moratorij-na-povyshenie-kommunalnykh-tarifov-kogda-otmenyat
Title: Мораторій на підвищення комунальних тарифів: коли скасують

URL: https://finance.bigmir.net/ua/news/7360044-kabmin-odobril-proekt-gosbyudzheta-ukrainy
Title: Кабмін схвалив проект держбюджету України

URL: https://finance.bigmir.net/ua/business/7359551-kurs-valyut-na-3112023-dollar-stabilizirovalsya
Title: Курс валют на 3.11.2023: долар стабілізувався

URL: https://finance.bigmir.net/ua/business/7359542-kak-izmenenie-uchetnoj-stavki-v-ukraine-povliyaet-na-depozity
Title: Як зміна облікової ставки в Україні вплине на депозити

URL: https://finance.bigmir.net/ua/news/7359448-dtek-vyigral-sud-v-gaage-protiv-rossii
Title: ДТЕК виграв суд у Гаазі проти Росії

URL: https://finance.bigmir.net/ua/news/7359410-ukraina-vo-vremya-vojny-podnyalas-v-mirovom-rejtinge-demokratij
Title: Україна під час війни піднялася у світовому рейтингу демократій

URL: https://finance.bigmir.net/ua/business/7359440-nbu-prodal-rekordnyj-s-leta-2022-goda-obem-dollarov
Title: НБУ продав рекордний з літа обсяг доларів

URL: https://finance.bigmir.net/ua/business/7359424-nestle-popala-v-spisok-sponsorov-vojny-napk
Title: Nestle потрапила до списку спонсорів війни НАЗК

URL: https://finance.bigmir.net/ua/business/7359293-v-germanii-odobrili-uproschenie-trudoustrojstva-bezhentsev
Title: У Німеччині схвалили спрощення працевлаштування біженців

URL: https://finance.bigmir.net/ua/news/7359231-chto-budet-s-tsenami-v-ukraine-prognoz-minekonomiki
Title: Що буде з цінами в Україні: прогноз Мінекономіки

URL: https://finance.bigmir.net/ua/business/7359198-uroven-kriminala-v-ukraine-snizilsya-na-15-procent
Title: Рівень криміналу в Україні знизився на 15%

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7362734-uchenye-nashli-novyj-sposob-opredelyat-vozrast-lyudej
Title: Учені знайшли новий спосіб визначати вік людей

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7362719-spetsialisty-vychislili-prichiny-obmorokov
Title: Фахівці вирахували причини непритомності

URL: https://techno.bigmir.net/ua/videogames/7362653-eto-interesno-ps5-slim-za-450-500-doll-razobrali-na-video-na-detali
Title: Це цікаво: PS5 Slim за 450/500 дол розібрали на відео на деталі

URL: https://techno.bigmir.net/ua/technology/7362570-naskolko-lyudi-dovolnykh-gadzhetami-apple-rejting
Title: Наскільки люди задоволені гаджетами Apple - рейтинг

URL: https://techno.bigmir.net/ua/discovery/7362443-v-rovno-raskopana-elitnaya-usadba-vremen-kievskoj-rusi
Title: У Рівному розкопано елітну садибу часів Київської Русі

URL: https://techno.bigmir.net/ua/technology/7362367-vysotnyj-razvedchik-dlya-raketnykh-udarov-v-rf-nachali-letat-samolety-m-55-geofizika
Title: Висотний розвідник для ракетних ударів: у РФ почали літати літаки М-55 "Геофізика"

URL: https://techno.bigmir.net/ua/technology/7362175-kakie-versii-android-sejchas-stoyat-na-smartfonakh-v-raznykh-stranakh
Title: Які версії Android зараз популярні

URL: https://techno.bigmir.net/ua/discovery/7362070-mir-mozhet-pogibnut-do-kontsa-veka-prognoz
Title: Світ може загинути до кінця століття - прогноз

URL: https://techno.bigmir.net/ua/technology/7362034-otsenka-naroda-kakie-smartfony-lyudi-lyubyat-bolshe-vsego
Title: Оцінка народу: які смартфони люди люблять найбільше

URL: https://techno.bigmir.net/ua/videogames/7361981-takoj-kompyuter-u-bolshinstva-lyudej-v-mire-dannye-steam
Title: Такий комп'ютер має більшість людей у світі - дані Steam

URL: https://techno.bigmir.net/ua/discovery/7361960-nukemap-skolko-budet-zhertv-posle-yadernogo-udara-po-moskve-i-piteru
Title: Nukemap: скільки буде жертв після ядерного удару по Москві та Пітеру

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7360720-odna-bessonnaya-noch-vliyaet-na-depressiyu
Title: Одна безсонна ніч впливає на депресію

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7360717-poyavilsya-novyj-sposob-dlya-borby-s-boleznyu-altsgejmera
Title: З'явився новий спосіб для боротьби з хворобою Альцгеймера

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7360657-yubilejnye-apple-watch-zakhotyat-kupit-mnogie
Title: Ювілейні Apple Watch захочуть купити багато хто

URL: https://techno.bigmir.net/ua/discovery/7360645-v-kievskoj-oblasti-arkheologi-raskopali-zolotoj-klad
Title: У Київській області археологи розкопали золотий скарб

URL: https://techno.bigmir.net/ua/technology/7360629-nazvany-novye-smartfony-samye-moschnye-na-rynke
Title: Названо нові смартфони, найпотужніші на ринку

URL: https://techno.bigmir.net/ua/discovery/7360547-byli-prikovany-k-grobu-v-polshe-najdeno-kladbische-vampirov
Title: Були прикуті до труни: у Польщі знайдено кладовище "вампірів"

URL: https://techno.bigmir.net/ua/technology/7360446-esche-na-odnikh-smartfonakh-zamenyayut-android
Title: Ще один виробник вирішив замінити Android

URL: https://techno.bigmir.net/ua/technology/7360402-nadvodnye-drony-sonobot-5-iz-germanii-chto-oni-mogut-foto
Title: Надводні дрони Sonobot 5 з Німеччини Україні: що вони можуть, фото

URL: https://techno.bigmir.net/ua/discovery/7360232-lyudi-nachnut-massovo-pitatsya-nasekomymi-uchenye
Title: Людям варто почати харчуватися комахами - вчені

URL: https://techno.bigmir.net/ua/technology/7360187-naskolko-windows-11-ne-lyubyat-v-mire-naglyadnye-foto
Title: Наскільки Windows 11 не люблять у світі: наочні фото

URL: https://techno.bigmir.net/ua/technology/7360109-s-nachalom-vojny-250-tys-ukraintsev-ushli-na-frilans
Title: З початком війни понад 250 тис українців пішли на фріланс

URL: https://techno.bigmir.net/ua/technology/7360027-google-chrome-perestanet-obnovlyatsya-na-starykh-smartfonakh
Title: Google Chrome перестане оновлюватися на старих смартфонах

URL: https://techno.bigmir.net/ua/technology/7360012-android-nazvali-instrumentom-massovoj-slezhki
Title: Android назвали інструментом масового стеження

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7359838-kakie-produkty-vyzyvayut-u-lyudej-mozgovoj-tuman
Title: Які продукти викликають у людей "мозковий туман"

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7359817-nabor-vesa-pri-beremennosti-svyazan-s-riskom-smerti-v-buduschem
Title: Набір ваги під час вагітності пов'язаний із ризиком смерті в майбутньому

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7359803-u-muzhchin-kotorye-lyubyat-polzovatsya-smartfonom-stradaet-sperma
Title: У чоловіків, які люблять користуватися смартфоном, страждає сперма

URL: https://techno.bigmir.net/ua/meditsina-i-zdorove/7359777-nagrevayut-i-nanosyat-na-kozhu-v-ukraine-raznesli-populyarnyj-metod-lecheniya
Title: Нагрівають і наносять на шкіру: в Україні рознесли популярний метод лікування

URL: https://techno.bigmir.net/ua/technology/7359734-seksualnaya-revolyutsiya-kak-rabotaet-pervyj-v-mire-kiberbordel
Title: Сексуальна революція: як працює перший у світі кібербордель

URL: https://techno.bigmir.net/ua/technology/7359619-novaya-krylataya-raketa-dlya-su-57-okkupantov-kakie-kharakteristiki-imeet-i-v-chem-ee-ugroza
Title: Нова крилата ракета для Су-57 окупантів: які характеристики має та загрозу

URL: https://techno.bigmir.net/ua/technology/7359481-top-luchshikh-nedorogikh-smartfonov-chto-mozhno-vybrat-sebe
Title: ТОП найкращих недорогих смартфонів - що можна вибрати собі

URL: https://techno.bigmir.net/ua/technology/7359368-pochemu-slozhno-obespechit-mobilnuyu-svyaz-pri-blekautakh-kommentarij-eksperta
Title: Чому складно забезпечити мобільний зв'язок під час блекаутів - коментар експерта

URL: https://techno.bigmir.net/ua/discovery/7359332-vo-vsem-vinovaty-lyudi-uchenye-zagovorili-o-novoj-opasnosti-dlya-zemli
Title: У всьому винні люди: вчені заговорили про нову небезпеку для Землі

URL: https://sport.bigmir.net/ua/boks/7362926-fiuri-ne-budet-gotov-na-23-dekabria-promouter-britanca-podtverdil-perenos-boia-s-usikom
Title: "Ф'юрі не буде готовий на 23 грудня": Промоутер британця підтвердив перенесення бою з Усиком

URL: https://sport.bigmir.net/ua/football/europe/7362870-mudrik-polucil-srednie-ocenki-za-matc-s-tottenxemom
Title: Мудрик отримав середні оцінки за матч із Тоттенгемом

URL: https://sport.bigmir.net/ua/football/europe/7362856-celsi-razgromil-tottenxem-v-matce-apl-so-scetom
Title: Челсі з Мудриком у складі розгромив знекровлений Тоттенгем

URL: https://sport.bigmir.net/ua/football/europe/7362843-futbolist-celsi-mixail-mudrik-vyzval-skval-kritiki-svoim-kommentariem-v-instagram
Title: Мудрик у Instagram запропонував "зустрітися на мосту" російської моделі

URL: https://sport.bigmir.net/ua/football/europe/7362828-liverpul-i-iuventus-v-oxote-za-zvezdoi-napoli-zelinskim-ianvarskii-transfer-na-gorizonte
Title: Ліверпуль та Ювентус посперечаються за зірку Наполі

URL: https://sport.bigmir.net/ua/football/europe/7362812-londonskoe-derbi-tottenxem-protiv-celsi-v-11-m-ture-apl
Title: Мудрик залишився в запасі на матч проти Тоттенхема

URL: https://sport.bigmir.net/ua/football/championleague/7362780-pusic-gotov-k-barselone-opredelilsia-s-sostavom-i-izucaet-ukrainskii-pusic-gotov-k-barselone-opredelilsia-s-sostavom-i-izucaet-ukrainskii
Title: Пушич: Дайте мені півроку, і я говоритиму українською мовою

URL: https://sport.bigmir.net/ua/football/europe/7362779-byvsii-glava-nokia-planiruet-kupit-futbolnyi-klub-inter
Title: Колишній топ-менеджер Nokia планує купити Інтер

URL: https://sport.bigmir.net/ua/football/ukraine/7362773-spasatelnyi-gol-karabina-obespecivaet-ruxu-niciu-v-matce-protiv-oboloni-spasatelnyi-gol-karabina-obespecivaet-ruxu-niciu-v-matce-protiv-oboloni
Title: Рух вирвав нічию у матчі проти Оболоні

URL: https://sport.bigmir.net/ua/football/europe/7362760-zlatan-ibragimovic-vozvrashhenie-v-milan-v-novoi-roli
Title: Особисте прохання власника клубу: Ібрагімович може повернутися до Мілана

URL: https://sport.bigmir.net/ua/football/europe/7362738-arsenal-gotovit-15-millionnyi-transfer-belgiiskogo-talanta-vermerena
Title: Арсенал та Барселона в гонитві за талантом з Антверпена

URL: https://sport.bigmir.net/ua/football/championleague/7362736-saxter-i-barselona-gotoviatsia-k-resaiushhemu-matcu-ligi-cempionov-1405-bolelshhikov-v-ozidanii
Title: Барселона забронювала понад тисячу квитків для своїх фанатів на матч із Шахтарем

URL: https://sport.bigmir.net/ua/football/ukraine/7362708-polese-i-krivbass-razdelili-ocki-v-kliucevom-matce-13-go-tura-upl
Title: Битва лідерів УПЛ: Полісся та Кривбас зіграли внічию

URL: https://sport.bigmir.net/ua/football/europe/7362675-barselona-gotovitsia-k-rasstavaniiu-s-alonso-i-roberto-detali-predstoiashhix-izmenenii-v-komande
Title: Два футболісти можуть покинути Барселону після закінчення контрактів

URL: https://sport.bigmir.net/ua/football/europe/7362676-puiol-gotov-obsudit-povedenie-vinisiusa-zuniora-on-zasluzivaet-vosxishheniia
Title: Легенда Барселони - про Вінісіуса: Йому потрібно змінити поведінку

URL: https://sport.bigmir.net/ua/football/europe/7362639-ancelotti-gotov-prodlit-kontrakt-s-realom-otkazav-brazilii
Title: Анчелотті готовий відмовити збірній Бразилії на користь Реалу

URL: https://sport.bigmir.net/ua/football/europe/7362615-niukasla-odolevaet-arsenal-gordon-zabivaet-zorzinyo-otkazyvaetsia-pozimat-ruki
Title: Одноклубника Зінченка звинуватили у відсутності поваги

URL: https://sport.bigmir.net/ua/football/europe/7362614-vozmozen-li-perexod-v-barselonu-vse-vozmozno-georgii-sudakov
Title: Судаков відреагував на чутки про трансфер до Барселони

URL: https://sport.bigmir.net/ua/football/europe/7362571-novicok-bundesligi-xaidenxaim-vedet-peregovory-s-dzeromom-boatengom
Title: Новачок Бундесліги веде переговори з екс-футболістом Баварії

URL: https://sport.bigmir.net/ua/football/europe/7362552-matteus-gotov-vypit-piva-s-tuxelem-moia-rol-kritikovat
Title: Маттеус готовий випити пива з Тухелем: "Моя робота - критикувати"

URL: https://sport.bigmir.net/ua/football/europe/7362523-rekordnaia-prazdnovatelnaia-golevaia-feeriia-16-zeltyx-kartocek-v-cesskom-futbole
Title: Рекордна феєрія: команда із Чехії отримала 16 жовтих карток

URL: https://sport.bigmir.net/ua/football/europe/7362470-travma-vynudila-pavara-pokinut-pole-vozvrashhenie-ozidaetsia-ne-ranee-konca-goda
Title: Захисник Інтера вибув до кінця року

URL: https://sport.bigmir.net/ua/football/ukraine/7362386-nikogda-ne-zabudu-sidorcuk-trogatelno-prokommentiroval-otstavku-lucesku-iz-dinamo
Title: "Ніколи не забуду": Сидорчук зворушливо прокоментував відставку Луческу з Динамо

URL: https://sport.bigmir.net/ua/football/europe/7362365-fanaty-milana-gotoviat-akciiu-protiv-svoego-byvsego-golkipera
Title: Фанати Мілана готують акцію проти свого колишнього голкіпера

URL: https://sport.bigmir.net/ua/football/other-countries/7362351-molodoi-bolelshhik-boka-xuniors-pokoncil-s-soboi-posle-porazeniia-kluba-v-finale-kubka-libertadores
Title: Молодий уболівальник Бока Хуніорс наклав на себе руки після поразки клубу у фіналі Кубка Лібертадорес

URL: https://sport.bigmir.net/ua/football/europe/7362338-saudovskaia-liga-zainteresovana-v-kapitane-miu
Title: Саудівська ліга зацікавлена в капітані МЮ

URL: https://sport.bigmir.net/ua/boks/7362298-progreis-sdelal-prognoz-na-boi-usik-fiuri
Title: Прогрейс зробив прогноз на бій Усик - Ф'юрі

URL: https://sport.bigmir.net/ua/football/europe/7362272-na-otrestavrirovannom-kamp-nou-poiavitsia-kolumbarii-dlia-fanatov
Title: На відреставрованому Камп Ноу з'явиться колумбарій для фанатів

URL: https://sport.bigmir.net/ua/football/other-countries/7362273-fanaty-portlenda-vystupili-protiv-vozmoznogo-naznaceniia-fila-nevilla
Title: Фанати Портленда виступили проти можливого призначення Філа Невілла

URL: https://sport.bigmir.net/ua/football/ukraine/7362240-rux-obolon-onlain-transliaciia-matca-cempionata-ukrainy
Title: Рух - Оболонь: онлайн-трансляція матчу чемпіонату України

URL: https://sport.bigmir.net/ua/football/ukraine/7362204-dnepr-1-aleksandriia-onlain-transliaciia-matca-cempionata-ukrainy
Title: Дніпро-1 - Олександрія: онлайн-трансляція матчу чемпіонату України

URL: https://sport.bigmir.net/ua/football/ukraine/7362186-borba-za-cempionstvo-onlain-transliaciia-matca-polese-krivbass-v-cempionate-ukrainy
Title: Боротьба за чемпіонство: онлайн-трансляція матчу Полісся - Кривбас у чемпіонаті України

URL: https://sport.bigmir.net/ua/boks/7362165-cisora-sdelal-smelyi-prognoz-na-vozmoznyi-boi-s-ngannu
Title: Чісора зробив сміливий прогноз на можливий бій з Нганну

URL: https://afisha.bigmir.net/ua/dosug/7362335-supermodel-khajdi-klum-poyavilas-na-svetskom-meropriyatii-v-plate-ukrainskogo-brenda

URL: https://auto.bigmir.net/ua/autonews/autoworld/7362638-top-10-populyarnykh-avto-kotorye-vezut-v-ukrainu-iz-za-rubezha-rejting

URL: http://auto.bigmir.net/
Title: Авто

URL: https://auto.bigmir.net/ua/autonews/law/7362589-v-ukraine-razreshat-zabirat-broshennye-avto-u-vladeltsev-bez-resheniya-suda

URL: https://auto.bigmir.net/ua/autonews/autoworld/7362557-polskie-perevozchiki-perekryli-dvizhenie-na-trekh-kpp-na-granitse

URL: https://auto.bigmir.net/ua/dtp/7361985-v-kieve-stolknulis-dva-velosipedista-ne-oboshlos-bez-postradavshikh

URL: https://auto.bigmir.net/ua/dtp/7360215-smertelnoe-dtp-s-deputatom-na-trasse-kiev-chop-chto-izvestno

URL: https://mediadim.com.ua/donate/
Title: Допомогти Bigmir)net

URL: https://z.cdn.umh.ua/go?z=1251227032&m=1571298478&c=2087788163&p0=1498993105&p1=1454040516&u=4071ca9d42f5f96f&t=1699359724&n=3180852644133407468&h=3019021239

URL: https://www.facebook.com/bigmir.net/
Title: Bigmir.net

URL: https://twitter.com/BigmirNet

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bigmir.net/ HTTP 301
http://www.bigmir.net/ HTTP 301
https://www.bigmir.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6061574857477564043&gdpr=0&gdpr_consent=

Request Chain 96

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTIwS1h4Z25QYlRUbEtXaWFVaWs5LUJxZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGEyMEtYeGduUGJUVGxLV2lhVWlrOS1CcWciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGEyMEtYeGduUGJUVGxLV2lhVWlrOS1CcWciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGEyMEtYeGduUGJUVGxLV2lhVWlrOS1CcWciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=1361606161466983843&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGEyMEtYeGduUGJUVGxLV2lhVWlrOS1CcWciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=a20KXxgnPbTTlKWiaUik9-Bqg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
https://a.audrte.com/match?uid=6177029572012779073&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 97

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsmartadserver%26bsw_param%3D2af17206-4c39-4426-b0d9-b0bc126fb13d%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=1e747e1545ea4a15ab7e846ea505998d&ssp=smartadserver&bsw_param=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=0&gdpr_consent=

Request Chain 98

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6177029572012779073&gdpr_pd=0&gdpr=0&gdpr_consent=

Request Chain 100

https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=69541446abac1f5098d755fedbe14aca&gdpr=0&gdpr_consent=0

Request Chain 101

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1361606161466983843&gdpr=0&gdpr_consent=

Request Chain 103

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=

Request Chain 104

https://gaua.hit.gemius.pl/_1699359724594/rexdot.js?l=100&sendf=24&id=oqJKuLb4q92bD8o1_dIkKeVEjzLdCJugqj2nCiBOT1j.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.bigmir.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=thRqM29bcwZTbKJyL29ghu3r3rPGkWp8Wx1D.vMcraX.h7UD4N5G7Nc0fmlTErn.1ox7Ew8kDHVMmIPHf0nziIWb0Zqm/S2iy4k6FkWk9P/&fpdata=4YEVYnEUKnksg2O7sfWnxORb9G0MVBLZSKakNFJySRP.X7&ltime=238&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=654a2bec14d2bc9b&brts=1699359724&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1699359724594/rexdot.js?l=100&sendf=24&id=oqJKuLb4q92bD8o1_dIkKeVEjzLdCJugqj2nCiBOT1j.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.bigmir.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=thRqM29bcwZTbKJyL29ghu3r3rPGkWp8Wx1D.vMcraX.h7UD4N5G7Nc0fmlTErn.1ox7Ew8kDHVMmIPHf0nziIWb0Zqm/S2iy4k6FkWk9P/&fpdata=4YEVYnEUKnksg2O7sfWnxORb9G0MVBLZSKakNFJySRP.X7&ltime=238&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=654a2bec14d2bc9b&brts=1699359724&fpcap=

Request Chain 115

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW

Request Chain 116

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=

Request Chain 117

https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0

Request Chain 131

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6177029572012779073&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6177029572012779073&gdpr=0&gdpr_consent=&dcc=t

Request Chain 132

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09c52204002845bc6b2526cf&gdpr=0&gdpr_consent=

Request Chain 133

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1699359724844 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5537389448 HTTP 302
https://sync.1rx.io/usersync/turn/3902553163541891453?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003

Request Chain 146

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 151

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b49ab052-7da8-4ace-8c47-5f133b21373c

Request Chain 153

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=fd0e52bab8704110

Request Chain 155

https://sync.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D HTTP 308
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-uwene47UrBtCPXf8FQCt9vN18qJy8rJIQCotljcP&gpp={gpp}&gpp_sid={gpp_sid}

Request Chain 157

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2632159300098532563

Request Chain 158

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2632159300098532563

Request Chain 159

https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D%26extuid%3D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=

Request Chain 160

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1699359724845 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3593311417 HTTP 302
https://sync.1rx.io/usersync/turn/3974610757579819389?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003

Request Chain 161

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=2632159300098532563

Request Chain 163

https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0

Request Chain 165

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW

Request Chain 166

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3NzAyOTU3MjAxMjc3OTA3Mw==&gdpr=0&gdpr_consent=

Request Chain 173

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=b49ab052-7da8-4ace-8c47-5f133b21373c&p_id=23

Request Chain 175

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=377f896e-ea24-4e72-b19b-0deaaa93bf1a&gdpr=0&gdpr_consent= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-Zj4VROrGyU8bxS6Xd1medN6sqDd5clefiiYp7g&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=2af17206-4c39-4426-b0d9-b0bc126fb13d&p_id=15

Request Chain 181

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D144401b13976ccf6%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=144401b13976ccf6&uid=2632159300098532563

Request Chain 182

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D144401b13976ccf6%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=144401b13976ccf6&uid=ua-2705ce22-8736-3473-960c-20398ba589a5

Request Chain 186

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D144401b13976ccf6 HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=144401b13976ccf6

Request Chain 187

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 189

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1

Request Chain 193

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=Efk0iW3jenXZYLKIXdtw&pi=admatic&tc=1

Request Chain 194

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D HTTP 303
https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=1361606161466983843&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]

Request Chain 195

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d0bd0817c6ef7715

Request Chain 199

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=3c3a7b71-dc70-4b36-85af-0591a0393a5f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 206

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3734704e-e462-46c4-553f-4ccd3c5b9eee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3734704e-e462-46c4-553f-4ccd3c5b9eee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=66926321668100127701407397920038140505&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 209

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7298694443027396765&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 210

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=3734704e-e462-46c4-553f-4ccd3c5b9eee HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3734704e-e462-46c4-553f-4ccd3c5b9eee

Request Chain 211

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361&bounce=1&random=2766871090 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=THnSsDfkUEljbL6qQs707u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 213

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3734704e-e462-46c4-553f-4ccd3c5b9eee?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 214

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-uRnOhcBE2oriKi__jz006mP4D6inZH50yw--~A&zpartnerid=570&env=mWeb

Request Chain 215

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=FSWCphXIKdE5wusvFFtYPC9gar5EZo%2BN%2BS41iYitP1U%3D

Request Chain 219

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361&_test=ZUor7QAB_szyBAAU HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZUor7QAB_szyBAAU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 220

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 221

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361&dcc=t

Request Chain 223

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 227

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LI66FSjZ6xc32rhCf4yjQCKNvkE32rZAKYq0Kux1&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Request Chain 238

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUor7Z4UU-hWCJDb6mefDwAA%263228&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUor7Z4UU-hWCJDb6mefDwAA%263228&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7816f7df713744fa91c6054a17f0e88d HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=7816f7df-7137-44fa-91c6-054a17f0e88d HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=8b6c6049-2c51-4e1d-ad5d-6f56564feafc%3A1699359726.2291152&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8b6c6049-2c51-4e1d-ad5d-6f56564feafc%253A1699359726.2291152%26_%3D1699359726.2318807&cb=1699359726.231919 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527315016434&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8b6c6049-2c51-4e1d-ad5d-6f56564feafc%253A1699359726.2291152%26_%3D1699359726.2318807 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=8b6c6049-2c51-4e1d-ad5d-6f56564feafc%3A1699359726.2291152&_=1699359726.2318807

Request Chain 239

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUor7Z4UU-hWCJDb6mefDwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_cver=1

Request Chain 242

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2632159300098532563

Request Chain 244

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e3e2626866d64ae89c496a52ed4d5ce5&expiration=1701951725

Request Chain 265

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2632159300098532563

Request Chain 266

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_cf641c77-b627-4e73-935c-d61973b9dd80&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=61efbd2f-fd74-474d-910b-c06fdc084f73&expires=1&user_group=2&ssp=gumgum2&bsw_param=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&us_privacy=

Request Chain 268

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-6dcf07c5-1057-5e93-51fb-358faf99561d$ip$45.141.152.77

Request Chain 269

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-WzHg00RE2pfKVZcj.U63L9r3_3SiqkfmiplR~A

Request Chain 270

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=5c4d8c79-e9e1-45c8-a32f-adf659431aaf

Request Chain 272

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_cf641c77-b627-4e73-935c-d61973b9dd80&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 273

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=WLZpwYuILB19&ev=1&pid=558355

Request Chain 276

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=1361606161466983843&gdpr=&gdpr_consent=

Request Chain 281

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZUor7sCo8X4AAPsST.AAAAAA

Request Chain 282

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=Efk0iW3jenXZYLKIXdtw&pi=gumgum

Request Chain 283

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

Request Chain 285

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUor7Z4UU-hWCJDb6mefDwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1

Request Chain 287

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D

Request Chain 311

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

Request Chain 312

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUor7Z4UU-hWCJDb6mefDwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1

Request Chain 314

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D

Request Chain 317

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1&google_push=AXcoOmRia350C-C28bB2oOqjObNTbn4BH-3klYA08DoWRxKFpdOuiOY9cyU98pjcssw40Dbz49RrHXQvWqsNbtXGtpFMvS_h2Jh_Aw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk3NDYxMDc1NzU3OTgxOTM4OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1

Request Chain 318

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMI9EDcwf9ZhTp2frrkQvsA&google_cver=1&google_push=AXcoOmRkRLKr8b4qLL6OTmReQaAoj_RcDRoKkdtw8kdsJ0np2kEYoIjegz7lLjSB76WcZHSBVXaST-CvtOqvk3rgZgXvp1HMuTDY HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRkRLKr8b4qLL6OTmReQaAoj_RcDRoKkdtw8kdsJ0np2kEYoIjegz7lLjSB76WcZHSBVXaST-CvtOqvk3rgZgXvp1HMuTDY&google_hm=_URHVHF2AqLbSmHbC1ftcA

Request Chain 321

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC3y0VO-4G3qkyu16CWT73Y&google_cver=1&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jcLQ8l3F9HxN1bA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC3y0VO-4G3qkyu16CWT73Y&google_cver=1&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jcLQ8l3F9HxN1bA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jcLQ8l3F9HxN1bA&google_hm=HncmuGZH4L_gjnngQwCf3ATq

Request Chain 330

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1&google_push=AXcoOmSmBmhHibvOgAdJf4VXYeyHEZfGisWRxPQ9D-jDhDU7yOV-21DBQpH5DJPxLgWQGCCRRHKiLWFRixwCAYUz9BxiUwBByLqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk3NDYxMDc1NzU3OTgxOTM4OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1

Request Chain 331

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&google_cver=1&google_push=AXcoOmTaoPEN5bjkSUTNG2-XMGXNNJidFdIq8LKe2qg9ryxVF0yzJSIoZB2-L7rqKAc93ba1U-6TxUej1uuNzgylt7kNMLoennJY HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&google_cver=1&google_push=AXcoOmTaoPEN5bjkSUTNG2-XMGXNNJidFdIq8LKe2qg9ryxVF0yzJSIoZB2-L7rqKAc93ba1U-6TxUej1uuNzgylt7kNMLoennJY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0NMTDN5MUkxUjBsNVE1&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&google_cver=1&google_push=AXcoOmTaoPEN5bjkSUTNG2-XMGXNNJidFdIq8LKe2qg9ryxVF0yzJSIoZB2-L7rqKAc93ba1U-6TxUej1uuNzgylt7kNMLoennJY

Request Chain 333

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENXzpfGkCo6w8ENLbEmxhyA&google_cver=1&google_push=AXcoOmTfMcQZ0j2hVUPI76o_FUmonBeD9SjDaM3suoPMVkOH0wpZ2zt7Oy84hjZXKlpnSsHklySv1DQ7mywLzEB_23HY9LZtz7I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTfMcQZ0j2hVUPI76o_FUmonBeD9SjDaM3suoPMVkOH0wpZ2zt7Oy84hjZXKlpnSsHklySv1DQ7mywLzEB_23HY9LZtz7I&google_hm=eS1YT0FMcTVsRTJwRWtDNXBJV3owNDg3a1JKM0JaUkpPNH5B

Request Chain 335

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_cver=1&google_push=AXcoOmTJBpoODlnyHGUogJMJhkrnqd_KUNlafF56Oj_o1PGbZG54WxmI04PiyIxqViOH34V1miVTRFDpGMk_hzJqm62sBBKi84pu HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_hm=ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB&google_nid=index&google_push=AXcoOmTJBpoODlnyHGUogJMJhkrnqd_KUNlafF56Oj_o1PGbZG54WxmI04PiyIxqViOH34V1miVTRFDpGMk_hzJqm62sBBKi84pu

Request Chain 361

https://gcdn.2mdn.net/videoplayback/id/9b5a90deaef69fa9/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,itag,source,requiressl,ratebypass,mime/signature/77CF3144696E24DFD704EACCB5ACB66A8A201168.021CE97062636D5D9EA6AD7952989493EB99BDF1/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/9b5a90deaef69fa9/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/1E47C97A232B0F3D3921B89569BD15AD6829409A.0F9452FB1D3CB9121CA4AA50B4949D7AF808A3C9/key/cms1/cms_redirect/yes/mh/kf/mip/2001:ac8:20:3a00:1012:fd4a:4021:8d2c/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1699359401/mv/m/mvi/5/pl/50/file/file.mp4

Request Chain 385

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEA-PjR7hCYPf8XSczkBzi8E&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=1e747e1545ea4a15ab7e846ea505998d

Request Chain 386

https://x.bidswitch.net/sync?ssp=admixer&user_id=1e747e1545ea4a15ab7e846ea505998d&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://pixel-eu.onprospects.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer%26gdpr%3D%25gdpr%26gdpr_consent%3D%25_gdpr_consent HTTP 301
https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer%26gdpr%3D%25gdpr%26gdpr_consent%3D%25_gdpr_consent&onp HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0a2336e63bd7a7cb/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253D39puKE4JagXYYUnUYhQTgTjh%2526ssp%253Dadmixer%2526gdpr%253D%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D39puKE4JagXYYUnUYhQTgTjh%26ssp%3Dadmixer%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=39puKE4JagXYYUnUYhQTgTjh&ssp=admixer&gdpr=&gdpr_consent= HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&consent=&gdpr_pd=

392 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bigmir.net/
Redirect Chain

http://bigmir.net/
http://www.bigmir.net/
https://www.bigmir.net/

253 KB
46 KB

25ms
8ms

Document
text/html

52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f0a65e869459d1d87b6047f7479d956fce21911a2242f88c5d388a836a2abed0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 12:21:24 GMT
server: nginx
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-id: Lqmh8mFe0M6csWcGY_pPvnBqTxrSH-nhgQ2qcRsGQdCE4lL_YGSuFQ==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Tue, 07 Nov 2023 12:22:03 GMT
Location: https://www.bigmir.net/
Server: CloudFront
Via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ILkA4VLRSmdc1ZRpp9-VV8zL7-Hd1zLHa_zzWZhjTi5yZAFZuoZWfQ==
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Redirect from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 49ms
21ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3119939-34

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85c68c70e321fa92a5c5bdb6edca13267ffd3e3b79bfcd194c4174461ad8ffce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Nov 2023 12:22:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 92ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

656d0ca9afbf69c340c8ce6bb894ac594273dfc5f1961f36d1121800fb534387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52087
x-xss-protection: 0
server: cafe
etag: 10399579103615157609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 12:22:03 GMT

GET
H2 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 6 KB
3 KB 37ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 623809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2517
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1936"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyzOqbC4FwZHWA6M80QILRDdtjK3S1ZhznWpx%2B%2FKEhnsvd2QKGutEwS0IbnpB2qfado%2F8Pmdo%2FzvoBs3WwjKtrW%2BboQ%2BIhFE%2FzXi7yOcfK3Gx%2FEmMZdtG0Xt5TTSAnsdPUmOro9kdvX7Ra17DHq11cWW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20ae88367d-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 common.css
api.phnx.click/css/ 571 B
464 B 159ms
40ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/css/common.css?1
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-23b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.css
api.phnx.click/common/CookiesNotice/ 945 B
663 B 158ms
39ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.css?3
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-3b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/ 152 KB
17 KB 39ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4122813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17210
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-2606e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snhv9vSBp%2FKaCA7pPGwxXHSJVBfidK6o1xOzDXLIJXJN4VqxotRyZkTnFaFbgv35Qo%2BL%2FTxAd%2FNwV09pHXa2629YIYEVxpoPcfHZ9AUQR8tq6Bth5HkCGmrLjclftGu1sln9O%2F1efQP0Rrp%2BNXylskSj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20afb1bbdf-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 69 KB
10 KB 45ms
24ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13286700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10277
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvTd4W%2FQuDGpI%2FQTqxCF9tId%2BXbnxN%2F4dWNJLDhk8ICv8NblKzm4YvFasLMAuc53Kli6o6gPWHQsPwqKqsTD8GwZLkTjRMoq1xrOf97TCZEXY%2FV00%2FK%2BXpK3JvUWXc6CKbMTZKBh%2Fs8b5Rswg9IYNYz1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20ae8c367d-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/ 19 KB
3 KB 41ms
20ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4561391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2581
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRtzrl2fwizhKA2ny44Qa7MaDZ6C6BDJ128HAcZ0mrq4xQoQ8SKas%2Buiq0%2F%2BBo9vcUTApQ9TJMS6DLy8MkO6aEErIdGwUPPbsP2J2cOgjDfXQ4iRpuygCtVpGuoPeafmLOx21n4MFXzQDETeAC49LQkP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20ae8d367d-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/ 68 KB
10 KB 36ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2220650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10228
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-111e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FymnO2AXKlYroV7cUfYrpbVbwF2FsY%2FywiZFmYeoBnrNhQIEr3BtQljaNc6llZxWPSuYDMFYr%2B7yfhtQvaiOVq69kKXvVI0s2tVLHHesBJsXc3e8iOEMldVS%2Fud73BkyI0AVktZX4cN4oLi63zUubKgI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20ae8e367d-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 v30
www.bigmir.net/css/style.min.css/ 60 KB
11 KB 9ms
8ms Stylesheet
text/css 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigmir.net/css/style.min.css/v30
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b25f9e2b1169eb720d74277d6e4f04c67e49aa5c2ad6063c02027133dae3992d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:12:51 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 665
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-f0c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: qSQLJ1CDrk2oysQSUBP6O3VT7XsiTgHCeDet2ZjOh7tXnFkWFBPojQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bigmir_logo.svg
www.bigmir.net/images/ 3 KB
2 KB 10ms
9ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/bigmir_logo.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4dc92f851f399cec8c999939d166f9988b1ae20b71da0a876859dced7787e756

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:43:37 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2317
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-d51"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: 3uUKcqDvJYbx0jNJLQF7j4-SyD-IQuzDS7hIAWscTeC-x42a9vI3oQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slogan_ua.svg
www.bigmir.net/images/ 6 KB
2 KB 35ms
26ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/slogan_ua.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5301aceaadf04855ce89d71566a1ff854745688a049e6051720fdf4497ec4b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:14:45 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 439
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-1791"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: MX6Uh_a2ci3R0XcitwJC3i-cRYiyLa241xeioqmuWIVgrnflTakUuw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0.jpg
www.bigmir.net/ 631 B
1 KB 11ms
10ms Image
image/jpeg 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/0.jpg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:15:24 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 408
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: "6229f95c-277"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: paSBNOAQJqt3uj6LwKqdHRK5uBL_bMFmn9-WTErEAGUlFgsHdZI88g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dfe6fde80f5207fbf9c997a4b61d3fde-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
www.bigmir.net/i/73/63/08/4/7363084/ 23 KB
23 KB 36ms
28ms Image
image/jpeg 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/i/73/63/08/4/7363084/dfe6fde80f5207fbf9c997a4b61d3fde-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec18871ff2755e5572d6b18ce84a90e761d4aa7cef936e738922dd583ad79d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:08:40 GMT
x-amz-version-id: 4RdG1vkok4z4Z6Z65WRk2JeqjDUoB3Kd
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 12:07:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 804
etag: "9db56b4693154ad7bb02c708bf45a5db"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 23340
x-amz-cf-id: bzfAFOo_P13yfPcb3aXFLjSUuueiH8_6FEpWQCxc6uNvtuj9WhWobQ==

GET
H2 200 2ebe64db55e7c990f6dd1923e4c61648-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
www.bigmir.net/i/73/62/99/2/7362992/ 16 KB
16 KB 35ms
27ms Image
image/jpeg 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/i/73/62/99/2/7362992/2ebe64db55e7c990f6dd1923e4c61648-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b0ef07f4077514a175bfddae4b4ec3936395fee794089d6c9e6d1c8ff1dc45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:08:58 GMT
x-amz-version-id: W7vj.b_GXpXk2C1Jq15_5Afy7bH.g0NN
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 11:08:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 4386
etag: "f3a8bf3bab2dcb3b9a77831ae4964b1d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 16183
x-amz-cf-id: LCD0b2PvnLZT5En1BK4RPv3Bwy8EjX5niBojJVts-A0J2GZl0qp4ww==

GET
H2 200 c02b98eeadafedbeda76658792f37bc1-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
www.bigmir.net/i/73/62/37/1/7362371/ 33 KB
33 KB 44ms
36ms Image
image/jpeg 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/i/73/62/37/1/7362371/c02b98eeadafedbeda76658792f37bc1-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71b39c6d443054d468367a85fc987dd5aa50169d2aa16900f949ba6ba7584662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 10:38:49 GMT
x-amz-version-id: P.Sd61Lewk3jLt.xYGBHXbM5DNrCIXs4
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 10:37:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 6195
etag: "239bf2ffba11727a870aafe3f97b2032"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 33591
x-amz-cf-id: Boc0fEecQOagzLF3-MZX4vpVGrX-O1eIEUBg7Ye1BedP9bAq0JhIoA==

GET
H2 200 0a8cfdd50fe0a9a53d4079cc082eb206-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
www.bigmir.net/i/73/62/72/3/7362723/ 11 KB
11 KB 45ms
37ms Image
image/jpeg 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/i/73/62/72/3/7362723/0a8cfdd50fe0a9a53d4079cc082eb206-quality_55Xresize_crop_1Xallow_enlarge_0Xw_300Xh_230.jpg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fc20d09ce6159f2cee0b9a6954ef51f433c41e168424f72b252763334c110eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 10:07:57 GMT
x-amz-version-id: otS9JfaPd.uw2nwMgadvfednJEjSyVjc
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 10:07:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 8047
etag: "fd700a7fce4d84af23ac24cf7fe3a587"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 10775
x-amz-cf-id: Z2wpkkiTLiV65Z--k53k8hZqpVMU0g7K74HghkJhRZoRK4txsJ6uwg==

GET
H2 200 icons1_1.svg
www.bigmir.net/images/infographics/ 3 KB
2 KB 48ms
41ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/infographics/icons1_1.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 793c44e50d8abe3e843853231b78efd1f1f3ba9568ce018b117324b5ed8eae23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:24:15 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3468
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: j3S1kxMfBhgVgaGowZ3pQxeQ2w3gY8Zuw0LxUt1qRIwaKlQKzFh99A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons1_3.svg
www.bigmir.net/images/infographics/ 4 KB
2 KB 49ms
42ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/infographics/icons1_3.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e6b9aa99c53ab784ee685797a1c24589b7987adc20ffb19f46c0d55b09a9a6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:24:15 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3468
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-1047"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: yWL5JYPcqj3cSs4eKjgezkkwlkf5MctZWyNdNQ8QXEHQTszwVcHCGA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons1_5.svg
www.bigmir.net/images/infographics/ 3 KB
2 KB 50ms
43ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/infographics/icons1_5.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3ceb68e7f3b4ed330d00cacd0ec89dd0bc7c82899cebf10c734d49974da2cfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:24:15 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3468
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-ae1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: jS5prwHgY5OFWWmDbpnsdWAMnnGQcNqAnGxiYRhvpiWGFTSL8NslwA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons1_6.svg
www.bigmir.net/images/infographics/ 3 KB
2 KB 49ms
42ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/infographics/icons1_6.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ef2d07327b8dfaca4b366b0e9196f9b733af40e9f71d46989fc0af0eeb003736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:40:05 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2546
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-dcd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: 5sCE747-co1-XDVqDxbzbMIcieazqLGIt0xzuW16AN5B7LTY5H6h8A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons1_7.svg
www.bigmir.net/images/infographics/ 4 KB
2 KB 50ms
43ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/infographics/icons1_7.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0c7b58a1c733ea4ae23bfdecee84fccc3a22c8254f89638e15b706c21563d347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:24:15 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3468
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-e5f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: 8ElyGkn8_kgVCAZho1Lb5IZJFVI-OqhcNCiyYQHylutbbAQ9AAvOeQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hb_738585_17138.js Show response
player.adtcdn.com/prebidlink/472044/ 2 KB
1 KB 78ms
22ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/472044/hb_738585_17138.js
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 140f8d436d4361ceb6e7fa8d2a032d1d5386a8107366e58a8b7255678306816c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 21:28:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 487
etag: W/"65456601-62e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8R9vFYUJWhILbjDtHsoHQZY5xyAK0fhru%2B8p2%2F83ycE62v0yh4E8EXDpNmHCppuG%2FoMxr0c7SktU5HCfLKIKcU9Ung0R%2BcHIVPrCNcspvJsX9WOuNBIB09x%2BaJyGzN0wIdzp0jtPEvWkuhGzIwJ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 82258a21fff93a96-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 Nov 2023 12:28:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 164ms
109ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcbd8d3581cafe78c2188ae0c72ea567ad5a45e67ad3f84854fe89b0a4e223e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31198
x-xss-protection: 0
server: cafe
etag: 218 / 19668 / m202311020101 / config-hash: 1945623305254661660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 12:22:03 GMT

GET
H2 200 wrapper_hb_738585_17138.js Show response
player.adtcdn.com/prebidlink/472044/ 3 KB
2 KB 75ms
20ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/472044/wrapper_hb_738585_17138.js
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 192445ae91cf66ee062c8278d052b8967df4385b56ca1eb7c85c253c463db08b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 21:28:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 487
etag: W/"65456601-a28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6R2nJsZBE%2B1EpXtD8LU4D%2FW5bbeYBcxpXRLlRFIcwyUWgl5e6w1%2BvSOmzF4Uh01Zh0aqQ6n68lVCzEkdVq9MxauYms8OAeXRfiGg%2B54FsMyfqwhD5AFdDRKNYuNb9OeX4jT3O2q8oXdrRASCFIWKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 82258a220ffc3a96-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 Nov 2023 12:28:56 GMT

GET
H2 200 logo_black.svg
www.bigmir.net/images/ 3 KB
2 KB 48ms
44ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/logo_black.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f6caa170de803ed71f8eecf2f4d7fdeb4d5df27b869e99bab46437fa3fde0b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:34:34 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2849
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-c73"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: S1fz79OGeGGijsCV1B50gBTuXfMa5EctvN3gJj-POO2s5awiKmY2jQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
27 KB 14ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8962078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27755
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6c6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdjsB9l9137WiXBAqfoZ5hO%2BLptjzHi7RdZz8UZvoStzAHJibB4MsduRHYBvlkVqaiBcWzn3o2QG4ag5OccNpXRyDZnMLr1fdTW0jAU83FuR0Ko9Y%2B08pOy1Pw5SSgntYF5PNalCo9XK6cyc0zq4L9K7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20afbcbbdf-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/ 125 KB
29 KB 16ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/swiper.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 480654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28876
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1f3be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2DTzfM%2B4zDAKgMnfKYgayhRLPWrpOCqJmXr47Sni32mikUuWFxbC%2F0zpwq0MQTXeOKrCXgEIs9YA4oRfeugKxDZyYCu3mT%2BPSm%2FH1MvSxygOQJlVhRDtvze9VzSu5q%2BAM3czhzxV5MdiOumU17II1o%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20ae99367d-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/ 77 KB
19 KB 22ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.bundle.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1706886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19586
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1332b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMQ4tY7Zv2Z4Fz6EnmVNeiXKLstanfWgES7n7LZaDQ6%2Bmox%2Fi7kC%2FIzZP%2B9KKqz7%2FHkA24HRy9uUaVOwRK%2FlQY9PuJgJQh11AU3Dhl1ixjhfVT7n0sltCZ45y4Br4rNK509Ubc5Uvj3QzmqsNeDbOdjJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20cfdebbdf-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11862722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2090
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHq6FapbutyBe1TBvPSWjvZ4QoEmYlAypJDEYflig%2F%2FSP3%2FG39rHViM16jENOcC%2BfhEy6qvxMOnQ6a56zqi%2BZQb%2BQhhzHmME%2FUu9g%2BdLrH9Pw%2FMOWl%2BLBPD3GLT%2FqQO93XiBG1b3rU8uUILxQFYJLRBs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a20dec6367d-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H3 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 4 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.plugins.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 460002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1296
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-113c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AK0lQR6%2B8jZltveeFL5DDmA%2FPG9KMNoGdkqvAu5Col8ZFfCD0AztlSl9k4%2BI9W3FHYCUrx1U9I71qwY4PTDBNVrfqBKup%2FmEOX3MPDj%2BXKOTI1rG2Qb29BYhoqU6dauS2EMlFF8VwY2pBTLdg98Zd2eF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a211a134d93-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 v30 Show response
www.bigmir.net/js/script.min.js/ 25 KB
9 KB 8ms
6ms Script
application/javascript 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigmir.net/js/script.min.js/v30
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 81e110088e2a84e4e449f314de1127493ffcd35ec5a129f8db4ac4a5b39e2e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:26:44 GMT
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3339
x-cache: Hit from cloudfront
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-64e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: JHjHiNEguce2j5kBwfHNOcIMYlXrk5XL87DxpS5cDXNxc78ptZYcbQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 article-stat-v2.js Show response
api.phnx.click/js/ 976 B
607 B 45ms
41ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/article-stat-v2.js?8
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-3d0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1193345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 591
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP0k7mD0yhoJQ3EUUMfpjclU0ieDFNJtpFjyDjh3Z5aBm5o6%2BTni7DJeFINsOYS4i5eWyECDW2dopoC0Wprtc9hyd8qE4IDhMvcG9naA4UR%2F48TgA9AlZ%2BWGCe7d6BrXjqzpgK2Zi453eHnhLV8qMz%2Fi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a219abd4d93-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H3 200 md5.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 4 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 489543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1339
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-eb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKjbEpYJX1Vxx0zvDaNM3SdGq12j1eTR%2FjT5MtC6KLybpNzH8m6cg5G1bI%2FbMSGNzX%2BIjmeiy9VsX2CdftDodwfzl1wHOyvaRzmYYa2SzYkzVCTxP4XIf7KqniWr4Igq9FMPSpNouBK1kq3J3ngK0Hwi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a219abe4d93-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H3 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 5 KB
2 KB 49ms
41ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 640237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1763
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1483"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIFXuY%2F9TtvxQmEOI8cK6Cg0mRcKUDq%2B3ZQhEsfz12PFNrVWyRpNk%2F4hBDx%2Fyx%2BYhTdNrb4Ar4P%2BAXZVU5CzvEmo2Jp1XNl8BBBwxmcxLpthQHEXtOeAf2Ag4m6Sq%2Bu95a3%2B6wZX7dActX4XTkD5GMIT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a21baf44d93-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H2 200 common.js Show response
api.phnx.click/js/ 3 KB
1 KB 61ms
52ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/common.js?1
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-a00"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.js Show response
api.phnx.click/common/CookiesNotice/ 648 B
516 B 63ms
54ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.js?2
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: W/"6229f95c-288"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
93 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-78HCHY8Y8G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3119939-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adad89ca457e84447b0b721223845d35c63bbbfa6700bb61454ce577a519653e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Nov 2023 12:22:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 58ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3119939-34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 11:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1831
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 07 Nov 2023 13:51:32 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 141ms
98ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=www.bigmir.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cad34bcb4da72e5e35e21a4e73a7207b2248bbd3116f1b97bb17a272b59c0dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138485
x-xss-protection: 0
server: cafe
etag: 194875393511252600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 12:22:03 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/ Frame 5E6D 9 KB
4 KB 61ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 03:25:07 GMT
etag: 16674218716276178799
expires: Tue, 21 Nov 2023 03:25:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e.js Show response
cdn.umh.ua/libs/ 11 KB
5 KB 78ms
7ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.umh.ua/libs/e.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

nginx /

Resource Hash

257ae897eb8307e45ebba08e4b65969625e876e20d3b99c9593f3e5bab3f7db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
last-modified: Fri, 14 Oct 2022 11:29:20 GMT
server: nginx
etag: W/"63494810-2c5c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: X-PINGOTHER
expires: Wed, 08 Nov 2023 12:22:03 GMT

GET
H2 200 s
r.i.ua/ 43 B
571 B 146ms
64ms Image
image/gif 104.18.2.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.i.ua/s?u11&p0&n0.3976685344905193&c1&d24&w1600&h1200&rwww.bigmir.net/
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: no-cache, must-revalidate
cf-ray: 82258a223d624db1-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 67 KB
19 KB 197ms
50ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: f4852c9989535b26a978711ee9cd8e88638600d206e25a00fd49355b14736ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:58:36 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 19409
expires: Wed, 08 Nov 2023 00:22:03 GMT

GET
DATA 200
OK truncated
/ 993 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a4bf15abeb77ef561d24f641db51e430dc0eeb812ceb61291917af285e646c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a6b1f2a69030360d976cb5747c10049dc96e48c3d265a977569eecdd31fd57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4a3b412c348c6afbb30e59621b99d16b6f50f79fed44335adf860ab00e36f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 PT_Sans-Web-Regular.woff
www.bigmir.net/f/ 55 KB
55 KB 23ms
6ms Font
application/font-woff 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bigmir.net/f/PT_Sans-Web-Regular.woff
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/css/style.min.css/v30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9eedf0ec7ac31d39e8e312fb0ca16abbb60c2caeed8f85c900f44edda9eb0eb9

Request headers

Referer: https://www.bigmir.net/css/style.min.css/v30
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:33:46 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2930
x-cache: Hit from cloudfront
content-length: 55868
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: "6229f95c-da3c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://www.bigmir.net
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 1xOwdVk09n4eeH82Se7Jpj7X1AUQbJ0EP7NxG6zjJrkTGCVZbaoffw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 74 KB
74 KB 35ms
27ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 546063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75408
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrTKVN1O0ByKkUX%2FutYF5Koha2lUKvAHTvoh7tZTUqnBs0UjG8o1%2BUjf4lIMFR8tDl4qFfgf3y5clxFkfCWDO0bXKPHrKE3Gse2mG8BkMI39wsMMvJwNfETpbx74qBKET8waTNWcsYC2ncy7TRX2s2aq"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a21faf62be2-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 13 KB
14 KB 28ms
20ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b401a5d10a1817be22708d87eebd91c68691c4845ea85d7131e0989cff57ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 450823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13584
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-3510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQhXc4XGO38kh7m0eczC7KxXqGWHcxkM4ehKDNTxTKw6RAPAPbnQl2unxoVWFiDhGezBlpxjEK7%2Fv3U3DYZCdqLOOqbkTB8Z63NOPTQtZNJZGtx6YnS%2BAuPIrl9f9PNHmPlvy2xvr0xfXVGA7l2rGwrO"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a21fafa2be2-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 128 B
419 B 206ms
37ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v1624&s23&t0&c1&n537071&w0&y0&d24&r1600
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 65ae06ca9af1859f594aa976d606b8e6cfecffbe8c961033d00cfb3fc5cf72bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 preload.gif
www.bigmir.net/images/ 6 KB
6 KB 14ms
12ms Image
image/gif 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/preload.gif
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/css/style.min.css/v30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4c59ab70e95550f7b13544dec9b81269a7cf0e56b8f5b1e80f23d69d17e9c62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/css/style.min.css/v30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:14:06 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 477
x-cache: Hit from cloudfront
content-length: 6031
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: "6229f95c-178f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 0LaCa54yNXbP44-DH-M0vxa_NcG6x8MiYDApaUdxZf-QEqYm99khXQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 73 KB
73 KB 16ms
15ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1afde4119681731d643192853bbbcb8e251ad415d364de687ebf8072781837d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:03 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 483783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74524
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1231c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEtZQlIvtlfXHPtz5vB2OF0VGTJqtHv34FW0JRshkVXxkJd7AV%2Bb18DiJtmocWc%2FYYBAifn1CD7ZahF%2FmzvxyMGhWux9mmLyZWnCg6nAR2Ye9RZKE6s%2FVscOt0oEHHbWe21JbOP%2B0hlA2%2FZ%2FvckUIYzm"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82258a22cbf42be2-FRA
expires: Sun, 27 Oct 2024 12:22:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 22ms
20ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=109753063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bigmir.net%2F&ul=en-us&de=UTF-8&dt=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1050311759&gjid=1859634093&cid=1614114469.1699359724&tid=UA-3119939-34&_gid=367381502.1699359724&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&jsscut=1&z=423448250

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbp_master_738585_17138.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 418 KB
134 KB 52ms
10ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_738585_17138.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472044/hb_738585_17138.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bad804a55bcd8d66747e3f2b71b74b45b75dd78b46f8b740791dc8995362d430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 12:22:04 GMT
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 19:48:05 GMT
server: nginx
etag: W/"6542ab75-68689"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 hbw_master_738585_17138.js Show response
player.adtelligent.com/prebidlink/QdbVQ/ 144 KB
43 KB 69ms
27ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472044/wrapper_hb_738585_17138.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81652fde088d07d219119e55f0103f1649dacc302791a233c7ae23f889f63ff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 12:22:04 GMT
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 21:28:33 GMT
server: nginx
etag: W/"65456601-24102"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 load Show response
z.cdn.umh.ua/ 3 KB
2 KB 19ms
7ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=2138114110&div=zone_2138114110&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 46a33d24cc34f48ec546575f5e74019efe81b3d38a67b39c41afaff3a7faf0a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 1414
expires: -1

GET
H2 204 load Show response
z.cdn.umh.ua/ 0
292 B 18ms
6ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1904497226&div=zone_1904497226&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache, must-revalidate
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 load Show response
z.cdn.umh.ua/ 3 KB
2 KB 141ms
129ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1383154235&div=zone_1383154235&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: adf28758397736eed0e374261c4f39ff06871edaaee53c19426dd0483a294a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 1328
expires: -1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 49ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-78HCHY8Y8G&gtm=45je3b60v9106084792&_p=1699359723619&_gaz=1&gcd=11l1l1l1l1&cid=1614114469.1699359724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699359724&sct=1&seg=0&dl=https%3A%2F%2Fwww.bigmir.net%2F&dt=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&en=page_view&_fv=1&_ss=1&tfd=835
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-78HCHY8Y8G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 75ms
19ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-78HCHY8Y8G&cid=1614114469.1699359724&gtm=45je3b60v9106084792&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-78HCHY8Y8G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 69ms
34ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-78HCHY8Y8G&cid=1614114469.1699359724&gtm=45je3b60v9106084792&aip=1&z=1769004979

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 42ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bigmir.net&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=www.bigmir.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a197a33c614da232d1f7d4ab4b8e1d3aebd52b0eae36720f993f01e9f5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D7D 0
188 B 267ms
265ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1699359724&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.bigmir.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699359723731&bpp=53&bdt=138&idt=498&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=517340587368&frm=20&pv=2&ga_vid=1614114469.1699359724&ga_sid=1699359724&ga_hid=109753063&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079296%2C31079402%2C31079406%2C44801484%2C44804684%2C44807454%2C44807464%2C31078297%2C44800659%2C44808149&oid=2&pvsid=3477858196198794&tmod=225071110&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=534

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:04 GMT
expires: Tue, 07 Nov 2023 12:22:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 23ms
21ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3119939-34&cid=1614114469.1699359724&jid=1050311759&gjid=1859634093&_gid=367381502.1699359724&_u=YEBAAUAAAAAAACAAI~&z=1494315282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Nov 2023 12:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 426 KB
134 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3433
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 06 Nov 2024 11:24:51 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 279 B
417 B 29ms
27ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.bigmir.net
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 7c1cc41f9c6dd928e3175e205f0c053ee3595d1e66cc2bfed3987439ac070acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 279
expires: Thu, 07 Dec 2023 12:22:04 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 662F 5 KB
3 KB 108ms
28ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 0a44b4def95e4a0661603099f2210122d6d74408fa0fe3c6bffe41ba3ad3de64

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:04 GMT
etag: PRIVATE7520710249
expires: Thu, 07 Dec 2023 12:22:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 72ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3119939-34&cid=1614114469.1699359724&jid=1050311759&_u=YEBAAUAAAAAAACAAI~&z=541213231

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
44ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3119939-34&cid=1614114469.1699359724&jid=1050311759&_u=YEBAAUAAAAAAACAAI~&z=541213231

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b53_left.gif
i.bigmir.net/cnt/samples/default/ 319 B
491 B 227ms
35ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_left.gif
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Fri, 10 Nov 2023 12:22:04 GMT

GET
H2 200 b53_center.gif
i.bigmir.net/cnt/samples/default/ 96 B
268 B 225ms
34ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_center.gif
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
last-modified: Tue, 23 Jan 2007 13:14:25 GMT
server: nginx
etag: "45b60a31-60"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 96
expires: Fri, 10 Nov 2023 12:22:04 GMT

GET
H2 200 b53_right.gif
i.bigmir.net/cnt/samples/default/ 319 B
491 B 226ms
36ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_right.gif
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Fri, 10 Nov 2023 12:22:04 GMT

GET
H2 200 load Show response
z.cdn.umh.ua/ 2 KB
1 KB 8ms
6ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1540070696&div=zone_1540070696&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 6c1a6a1cbd64f12a1b203ede1f45ec2472f588123a99005240c211cd16cb34b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, must-revalidate
content-length: 1187
expires: -1

GET
H2 204 load Show response
z.cdn.umh.ua/ 0
94 B 9ms
7ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1975341310&div=zone_1975341310&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache, must-revalidate
server: nginx
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 2 KB
1 KB 195ms
194ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1296674114&div=zone_1296674114&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e121a40cdb974be4c049e94ee69db9859ed1245ad043f5ab7cb2cc5b739e4cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, must-revalidate
content-length: 990
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 5 KB
2 KB 9ms
9ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1251227032&div=zone_1251227032&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 444a0c12287d4f0fe54993b9934f1f40afb5f6ac93aaca03c2c71c3601089634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, must-revalidate
content-length: 2076
expires: -1

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 2EE0 937 B
1 KB 111ms
26ms Document
text/html 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1383154235&div=zone_1383154235&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 253b4d57a59ed99d96b76f05d8fe5753c1784aa45701df3d77f92ce9b58e8c08

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 937
content-type: text/html
date: Tue, 07 Nov 2023 12:22:04 GMT

GET
H2 200 smc
z.cdn.adtarget.market/ 0
211 B 68ms
17ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=201&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx
content-length: 0
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 68ms
18ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=18956&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 69ms
18ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=158&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 44CC 853 B
1 KB 84ms
25ms Document
text/html 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=2138114110&div=zone_2138114110&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 746efa69d2653d10bcb09c08e6502da62c6eb1b5b5ba813267844e6930e510cb

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 853
content-type: text/html
date: Tue, 07 Nov 2023 12:22:03 GMT

GET
H2 200 bigmir.net.971155.js Show response
jsc.mgid.com/b/i/ 4 KB
2 KB 68ms
26ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/b/i/bigmir.net.971155.js

Requested by

Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=2138114110&div=zone_2138114110&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fdc33fbeb7a4dbea9dd1f8b32a3511f95c4bb717e430ca2e6b691e5a6456261

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
x-amz-version-id: b1lcRCZfXsVWpgapvWgJlCH.hWqtLTI2
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PHXT42VJNJWHDE8D
age: 5661
cf-polished: origSize=3919
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vvwb/Ni7gIsF/bARshJxFYr9qV0v/p9bfKafQ06+P0f18wYjBI0i7gzyl8tdZzdU7+p3yCxlv9c=
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 13:59:21 GMT
server: cloudflare
etag: W/"63e9023c5eb70cd8a39c9a0c705982a2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82258a2619f2bb8f-FRA
expires: Tue, 07 Nov 2023 15:22:04 GMT

GET
H2 204 load Show response
z.cdn.umh.ua/ 0
94 B 7ms
7ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1574382611&div=zone_1574382611&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache, must-revalidate
server: nginx
expires: -1

GET
H2 200 /
exchange.informer.ua/informer/stat/ Frame 4D63 2 KB
0 147ms
55ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=uzr&t=uzrBasic&l=2
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 12:22:41 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/738581/ 2 KB
1 KB 24ms
10ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/738581/config.json?cb=https%3A%2F%2Fwww.bigmir.net%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_738585_17138.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 65b4f7ec1bb02fbd0a180385757b7f787327cd34e5bc0ceff4a9679cc5d3b9cb

Request headers

Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

expires: Wed, 08 Nov 2023 12:22:04 GMT
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 12:01:23 GMT
server: nginx
etag: W/"6548d593-8f7"
content-type: application/json
access-control-allow-origin: https://www.bigmir.net
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 170 B
440 B 100ms
18ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 60fb535612a4ddc7a8aaee524bd4a97aa317d90f0704df7ce15191044848313e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bigmir.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 170

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
431 B 100ms
18ms XHR
image/gif 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=738585&site_id=17138&pbjsv=v7.54.8&full_page_url=https%3A%2F%2Fwww.bigmir.net%2F&adid=oawjan.01&features=81952&vpbv=N195&tte=903&lifecycle_tte=1143
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.bigmir.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame A00A 756 B
822 B 25ms
23ms Document
text/html 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1540070696&div=zone_1540070696&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 7e2e4b40a09be9d169fb6e534e8540e4bcbbafe307cee12f0bacf58a48c2d390

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 756
content-type: text/html
date: Tue, 07 Nov 2023 12:22:03 GMT

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
10 KB 71ms
13ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1540070696&div=zone_1540070696&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b8a0329b21e6e0ebbc9fca0d8ffe9b379d7dc7b0391f2cddf0c2e9a38a3b5e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 13:45:26 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651ebdf6-749f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 07 Nov 2023 13:22:04 GMT

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 18ms
18ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=158&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx

GET
H2 200 smc
z.cdn.adtarget.market/ 0
210 B 18ms
17ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=201&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx
content-length: 0
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 17ms
17ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=18956&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx

GET
H2 200 mc
z.cdn.umh.ua/ Frame 44CC 0
43 B 10ms
6ms Image
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.umh.ua/mc?d=6&u=2094297741347235489&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-length: 0
server: nginx

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 44CC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6061574857477564043&gdpr=0&gdpr_consent=

43 B
373 B

80ms
78ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6061574857477564043&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:03 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6061574857477564043&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200

p
a.audrte.com/ Frame 44CC
Redirect Chain

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTIwS1h4Z25QYlRUbEtXaWFVaWs5LUJxZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGEyMEtYeGduUGJUVGxLV2lh...
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
https://a.audrte.com/a?adform_uid=1361606161466983843&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=a20KXxgnPbTTlKWiaUik9-Bqg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
https://a.audrte.com/match?uid=6177029572012779073&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
https://a.audrte.com/p?

68 B
424 B

32ms
31ms

Image
image/png

34.246.239.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p?
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: HTTP/1.1
Server: 34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:05 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 07 Nov 2023 12:22:05 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com/p?
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 44CC
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsmar...
https://x.bidswitch.net/sync?dsp_id=354&user_id=1e747e1545ea4a15ab7e846ea505998d&ssp=smartadserver&bsw_param=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=0&consent=&gdpr_pd=&expires=7
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=0&gdpr_consent=

43 B
413 B

44ms
23ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=0&gdpr_consent=
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

/
wt.rqtrk.eu/ Frame 44CC
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6177029572012779073&gdpr_pd=0&gdpr=0&gdpr_consent=

43 B
350 B

74ms
7ms

Image
image/gif

141.95.32.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6177029572012779073&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 141.95.32.71 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: haproxy-eu-006.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 43
expires: Tue, 07 Nov 2023 12:22:03 GMT

Redirect headers

location: https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6177029572012779073&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 mc
z.cdn.umh.ua/ Frame 2EE0 0
43 B 9ms
6ms Image
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.umh.ua/mc?d=6&u=6177029572012779073&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-length: 0
server: nginx

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 2EE0
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=69541446abac1f5098d755fedbe14aca&gdpr=0&gdpr_consent=0

43 B
350 B

33ms
25ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=69541446abac1f5098d755fedbe14aca&gdpr=0&gdpr_consent=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:03 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=69541446abac1f5098d755fedbe14aca&gdpr=0&gdpr_consent=0
x-kong-upstream-latency: 7
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 2EE0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1361606161466983843&gdpr=0&gdpr_consent=

43 B
373 B

32ms
31ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1361606161466983843&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1361606161466983843&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 9.gif
id5-sync.com/i/102/ Frame 2EE0 43 B
921 B 43ms
8ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 07 Nov 2023 12:22:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 2EE0
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=

0
34 B

55ms
8ms

Image
text/plain

18.185.192.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 18.185.192.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1699359724594/
Redirect Chain

https://gaua.hit.gemius.pl/_1699359724594/rexdot.js?l=100&sendf=24&id=oqJKuLb4q92bD8o1_dIkKeVEjzLdCJugqj2nCiBOT1j.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.b...
https://gaua.hit.gemius.pl/__/_1699359724594/rexdot.js?l=100&sendf=24&id=oqJKuLb4q92bD8o1_dIkKeVEjzLdCJugqj2nCiBOT1j.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fww...

169 B
424 B

28ms
27ms

Script
application/x-javascript

51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1699359724594/rexdot.js?l=100&sendf=24&id=oqJKuLb4q92bD8o1_dIkKeVEjzLdCJugqj2nCiBOT1j.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.bigmir.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=thRqM29bcwZTbKJyL29ghu3r3rPGkWp8Wx1D.vMcraX.h7UD4N5G7Nc0fmlTErn.1ox7Ew8kDHVMmIPHf0nziIWb0Zqm/S2iy4k6FkWk9P/&fpdata=4YEVYnEUKnksg2O7sfWnxORb9G0MVBLZSKakNFJySRP.X7&ltime=238&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=654a2bec14d2bc9b&brts=1699359724&fpcap=
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 56740556bfd3766a0efba19a523ce37f3153b9ee89dbde35d5625e70c3b85a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Mon, 06 Nov 2023 12:22:04 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1699359724594/rexdot.js?l=100&sendf=24&id=oqJKuLb4q92bD8o1_dIkKeVEjzLdCJugqj2nCiBOT1j.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.bigmir.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=thRqM29bcwZTbKJyL29ghu3r3rPGkWp8Wx1D.vMcraX.h7UD4N5G7Nc0fmlTErn.1ox7Ew8kDHVMmIPHf0nziIWb0Zqm/S2iy4k6FkWk9P/&fpdata=4YEVYnEUKnksg2O7sfWnxORb9G0MVBLZSKakNFJySRP.X7&ltime=238&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=654a2bec14d2bc9b&brts=1699359724&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 06 Nov 2023 12:22:04 GMT

POST
H2 200 z Show response
s.zfctrack.net/ Frame 6920 50 KB
23 KB 194ms
85ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zfctrack.net/z
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 58a9e6f38f2eabd027a24705b6b15cbfa734e35ba268b7c77b78af544be56c93

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23570
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 643A 726 B
792 B 34ms
23ms Document
text/html 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1251227032&div=zone_1251227032&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 81b19cfa9f30c572bdc529f03a9ebb89d3b1657fc1be58b10ce18f9ee17ba0e0

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 726
content-type: text/html
date: Tue, 07 Nov 2023 12:22:04 GMT

GET
H2 200 index.html
um1.cdn.umh.ua/uploads/media/4/3/6334/v2/ Frame 510D 0
0 25ms
9ms Document
text/html 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/index.html?clickTag=https://z.cdn.umh.ua/go?z=1251227032&m=1571298478&c=2087788163&p0=1498993105&p1=1454040516&u=4071ca9d42f5f96f&t=1699359724&n=3180852644133407468&h=3019021239

Requested by

Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 12:22:04 GMT
etag: W/"649d8ad4-18a9"
expires: Wed, 08 Nov 2023 12:22:04 GMT
last-modified: Thu, 29 Jun 2023 13:44:52 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;

GET
H2 200 smc
z.cdn.adtarget.market/ 0
210 B 24ms
11ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=201&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx
content-length: 0
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 27ms
15ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=158&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 23ms
11ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=18956&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:03 GMT
server: nginx

GET
H2 200 event
z.cdn.umh.ua/ 35 B
97 B 19ms
7ms Image
image/gif 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.umh.ua/event?z=1251227032&m=1571298478&n=3180852644133407468&t=&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
server: nginx
content-length: 35
content-type: image/gif

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bigmir.net.971155.es6.js Show response
jsc.mgid.com/b/i/ 332 KB
99 KB 40ms
30ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/b/i/bigmir.net.971155.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/i/bigmir.net.971155.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2a2fd83b91046f1c9e0a8fc19e692deb5f4e96fa7bdd530dc56fa79e743e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
x-amz-version-id: _vLnsREvfuecaMV.5gtTYMq6QJUhkgy7
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GE1SANC9VWTQWMY3
age: 5660
cf-polished: origSize=339738
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0kT/dCuEsutVFHU1s2PwroQ7osjzbReZ8KARCXWbd3S/3sdC2c0TyA5GFimiA88l+st8jVkW3CY=
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 13:59:20 GMT
server: cloudflare
etag: W/"0325d0fd4e5040d80ef2adac096b5d69"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82258a26fb25bb8f-FRA
expires: Tue, 07 Nov 2023 15:22:04 GMT

GET
H2 200 mc
z.cdn.umh.ua/ Frame A00A 0
43 B 13ms
5ms Image
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.umh.ua/mc?d=6&u=6177029572012779073&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-length: 0
server: nginx

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame A00A
Redirect Chain

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW

43 B
113 B

80ms
79ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

204

v1
match.sharethrough.com/sync/ Frame A00A
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=

0
34 B

76ms
28ms

Image
text/plain

18.185.192.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 18.185.192.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6177029572012779073&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:03 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame A00A
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0

43 B
414 B

31ms
30ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0
date: Tue, 07 Nov 2023 12:22:04 GMT
server: _
content-length: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame A00A 0
35 B 42ms
7ms Image
text/plain 18.185.192.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.192.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT

GET 1a1436e857d06b28f715fc3ddb6a9ee2.jpg
exchange.informer.ua/assets/thumbnails/1a/ Frame 4D63 0
0

GET 58045a00c7e24b82b2b434d26ed4dea8.jpg
exchange.informer.ua/assets/thumbnails/58/ Frame 4D63 0
0

GET logo_uzr.svg
uzr.com.ua/wp-content/uploads/2022/11/ Frame 4D63 0
0

GET
H2 200 index.html Show response
um1.cdn.umh.ua/uploads/media/4/3/6334/v2/ Frame 430C 6 KB
2 KB 8ms
6ms Document
text/html 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

31c8cb65ba77032917cac73d2b9e4519a0a6916d45faca7a8cde6b0cbb595fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 12:22:04 GMT
etag: W/"649d8ad4-18a9"
expires: Wed, 08 Nov 2023 12:22:04 GMT
last-modified: Thu, 29 Jun 2023 13:44:52 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 118F 2 KB
1 KB 73ms
71ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=uzr&t=uzrBasic&l=2
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: 955a21718b3a6caf08d6be713097c7b7c8a07d1dce755e07e4b49b91009d24d4

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 12:22:41 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 44ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

342ed3ca530be9771c7fd017e54c3c79fd8c2bd0be107d62d0a452ee0e86ef4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 12:22:04 GMT
content-md5: xrg/Igm1guYszNKF36w4bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: I2kzGLewcJCo0lwy0zE9/Ql7keNNAGLqr25JX9uxuZ7TjpfQkEk6zYtrzzW6dA30aSC+rD0NPIx5nCUK6LgEZg==
x-fb-content-md5: c5c57c5f92950c4fa152323dc9c4b412
cross-origin-opener-policy: same-origin-allow-popups
etag: "e033ff1a988671bb8fdd9943b308d33a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 07 Nov 2023 12:32:05 GMT

GET
H2 200 88ce7f87faae6b7ee10e5385a2d148bf-quality_70Xresize_crop_1Xallow_enlarge_0Xw_730Xh_562.jpg
www.bigmir.net/i/73/63/01/2/7363012/ 50 KB
50 KB 12ms
9ms Image
image/jpeg 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/i/73/63/01/2/7363012/88ce7f87faae6b7ee10e5385a2d148bf-quality_70Xresize_crop_1Xallow_enlarge_0Xw_730Xh_562.jpg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de58fd192992cc7dc2c4ab1c2e801fd4e5c68778087c87bad5f6dc79717a44d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:52:15 GMT
x-amz-version-id: S43k_hLHaG2c_6kVfX3tHHRZ_FBhKeBd
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 11:49:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 1790
etag: "5d5b6d797ae004c0843cfb2095abd04f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 50753
x-amz-cf-id: v8xYUDwXKigLNy-ypMExuci95TEurdsRaqkLDcPfm3rLSYsJoVLePg==

POST
H2 200 add-view Show response
api.phnx.click/articles/stat/ 47 B
258 B 2633ms
2554ms XHR
application/json 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/articles/stat/add-view?lang_key=ua&cid=10&site=bigmir&aid=695059&0.8685072176249218
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7103818185c8de6f272a3d21c865e2f719f85f66a8b5ffbe3fec8c9b165b5027

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.bigmir.net
date: Tue, 07 Nov 2023 12:22:07 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
19 KB 457ms
456ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3477858196198794&correlator=2497607675975245&eid=31079239%2C44780988&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=21861267298%2Cbigmir.net%2Cleaderboard%2Csidebar%2Csidebar_small&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=728x90%7C970x90%7C1280x90%2C300x600%7C300x250%7C300x400%2C300x100%7C320x100&ifi=2&didk=2537395534~3260695634~107175965&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc689730b19d400c1-226f8010a8e3003e%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MaesuCdJyigPRASopS2TmJsvqktdg&gpic=UID%3D00000cbbe787aa3a%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MZ6PyE8c3bJdlTgjcc_yX5iWnKRzg&abxe=1&dt=1699359724719&lmt=1699359724&adxs=436%2C-9%2C-9&adys=17%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bigmir.net%2F&vis=1&psz=728x0%7C0x-1%7C0x-1&msz=728x0%7C0x-1%7C0x-1&fws=0%2C2%2C2&ohw=0%2C0%2C0&ga_vid=1614114469.1699359724&ga_sid=1699359724&ga_hid=109753063&ga_fc=true&dlt=1699359723594&idt=934&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-bigmir.net%252Fleaderboard%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-bigmir.net%252Fsidebar%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-bigmir.net%252Fsidebar_small%26excl_cat%3DPREPOST&adks=4084058194%2C2862140708%2C1909277601&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6789dbe1914cce6334de7f5c29af3c787254965f13946c093c0bae3b32c9c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19866
x-xss-protection: 0
google-lineitem-id: -1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E924 6 KB
3 KB 71ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:04 GMT
expires: Wed, 06 Nov 2024 12:22:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mc
z.cdn.umh.ua/ Frame 643A 0
43 B 9ms
8ms Image
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.umh.ua/mc?d=6&u=6177029572012779073&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-length: 0
server: nginx

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 643A 0
34 B 41ms
8ms Image
text/plain 18.185.192.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.192.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 643A
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6177029572012779073&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6177029572012779073&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

132ms
131ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6177029572012779073&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WW5XG3GNVPTYZPXJT4QC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PB3BWPQ465Y5GGEGKWHR
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6177029572012779073&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 643A
Redirect Chain

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09c52204002845bc6b2526cf&gdpr=0&gdpr_consent=

43 B
401 B

30ms
30ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09c52204002845bc6b2526cf&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09c52204002845bc6b2526cf&gdpr=0&gdpr_consent=
date: Tue, 07 Nov 2023 12:22:04 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 643A
Redirect Chain

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1699359724844
https://ad.turn.com/r/cs?pid=45&rndcb=5537389448
https://sync.1rx.io/usersync/turn/3902553163541891453?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7961b9b1-62b0-4308-aab0...
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003

43 B
480 B

91ms
86ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003
date: Tue, 07 Nov 2023 12:22:05 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7961b9b162b04308aab0dc9fb7676e9d003
content-type: text/html

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame 430C 186 KB
48 KB 185ms
111ms Script
text/javascript 2a02:26f0:3100::1735:2a09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: um1.cdn.umh.ua
URL: https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/index.html?clickTag=https://z.cdn.umh.ua/go?z=1251227032&m=1571298478&c=2087788163&p0=1498993105&p1=1454040516&u=4071ca9d42f5f96f&t=1699359724&n=3180852644133407468&h=3019021239
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um1.cdn.umh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 07 Nov 2023 12:37:04 GMT

GET
H2 200 banner_html5.js Show response
um1.cdn.umh.ua/libs/ Frame 430C 2 KB
1 KB 8ms
3ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://um1.cdn.umh.ua/libs/banner_html5.js

Requested by

Host: um1.cdn.umh.ua
URL: https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/index.html?clickTag=https://z.cdn.umh.ua/go?z=1251227032&m=1571298478&c=2087788163&p0=1498993105&p1=1454040516&u=4071ca9d42f5f96f&t=1699359724&n=3180852644133407468&h=3019021239

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

471cef452126f384189ef6958a9286577884f4f59e955e51002c038ba7136456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/index.html?clickTag=https://z.cdn.umh.ua/go?z=1251227032&m=1571298478&c=2087788163&p0=1498993105&p1=1454040516&u=4071ca9d42f5f96f&t=1699359724&n=3180852644133407468&h=3019021239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
last-modified: Thu, 14 Apr 2022 15:28:03 GMT
server: nginx
etag: W/"62583d83-957"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: X-PINGOTHER
expires: Wed, 08 Nov 2023 12:22:04 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 3 KB
1 KB 17ms
17ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=800761&aid2=852559
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 48eb7c5af13881be176b7e3d3bd14b37189a4dc7b786fd700f976542ef01ef66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.bigmir.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 906

GET
H2 200 1a1436e857d06b28f715fc3ddb6a9ee2.jpg
exchange.informer.ua/assets/thumbnails/1a/ Frame 118F 33 KB
33 KB 46ms
44ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/1a/1a1436e857d06b28f715fc3ddb6a9ee2.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=uzr&t=uzrBasic&l=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1f4e28914fd6914161edf7f44b9f31ca0beadfda00c57b2f15ad3570ec88f470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=uzr&t=uzrBasic&l=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:41 GMT
last-modified: Tue, 07 Nov 2023 12:21:01 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "654a2bad-845e"
content-length: 33886
content-type: image/jpeg

GET
H2 200 58045a00c7e24b82b2b434d26ed4dea8.jpg
exchange.informer.ua/assets/thumbnails/58/ Frame 118F 31 KB
31 KB 47ms
46ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/58/58045a00c7e24b82b2b434d26ed4dea8.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=uzr&t=uzrBasic&l=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 047de140654cdd8480787ea16aef1d92af6c0715df8060bf470fb514e4bea912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=uzr&t=uzrBasic&l=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:41 GMT
last-modified: Tue, 07 Nov 2023 10:21:01 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "654a0f8d-7b90"
content-length: 31632
content-type: image/jpeg

GET
H2 200 logo_uzr.svg
uzr.com.ua/wp-content/uploads/2022/11/ Frame 118F 4 KB
2 KB 100ms
16ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uzr.com.ua/wp-content/uploads/2022/11/logo_uzr.svg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=uzr&t=uzrBasic&l=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e6ebe59a5cd502f79149c519fa38ace5a843d7b1b5702a3c7838543925939c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.informer.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 22:51:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5320
etag: W/"1001-6016baef6f609"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3wp2PAnNxh3xElzT44%2BrOr1fvgs8gNL0UvOS%2BXQx9FXV6fBV3b9UmVuF9%2BUAN6BWd4qVfBiv4DUplKjW0SbvoJiIb1oo%2FxpifnG1%2BmyIR4svDDoZuu2KfcfEmc7qq%2FFudYkhkcTuNDO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 82258a2869f837d2-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 0703 717 B
783 B 67ms
54ms Document
text/html 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1296674114&div=zone_1296674114&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=764&pl=3&mi=4&me=8&hc=4&n=1699359724142&url=www.bigmir.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=bigmir)net%20%E2%80%93%20%D1%87%D0%B8%D0%BC%20%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D0%B5%2C%20%D1%82%D0%B8%D0%BC%20%D0%BA%D1%80%D0%B0%D1%89%D0%B5!&zyx=3521837728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3a299b4b84cd4953480934d61fd06e3900d480335d365a3d4259d5023dc5dfd9

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 717
content-type: text/html
date: Tue, 07 Nov 2023 12:22:04 GMT

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 28ms
12ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=18956&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:04 GMT
server: nginx

GET
H2 204 smc
z.cdn.adtarget.market/ 0
40 B 29ms
14ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=158&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:04 GMT
server: nginx

GET
H2 200 smc
z.cdn.adtarget.market/ 0
210 B 28ms
13ms Image
text/plain 5.79.65.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=201&u=4071ca9d42f5f96f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:21:04 GMT
server: nginx
content-length: 0
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 20 KB
11 KB 92ms
55ms XHR
application/json 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1553&height=300&width=400&tld=bigmir.net&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=www.bigmir.net&top_url=https%3A%2F%2Fwww.bigmir.net%2F&domain=www.bigmir.net&url=https%3A%2F%2Fwww.bigmir.net%2F&referrer=&async=1&uid=1427136372&gdpr=0&gdpr_consent=
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 796bdbc9d4a0af0b8d56b054c4300ab572518c1453419412b970b30d3796b3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: https://www.bigmir.net
date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 298 KB
85 KB 48ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=663533cb14b446545cc1e80f86af033d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b551f0123261b9b4a468e2bb854e26d27164a6dd5f2de83cce458efdde66d257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 12:22:04 GMT
content-md5: ltyjqVVvDYPzS3YfKWNZtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87068
reporting-endpoints
x-fb-debug: VL6Xlgw9D4bL+HqV/cUNexaqUzQe1IKoUEQ9PECk/UcpfCEzaCIUiV1qF7JrBA0hy0VoCqE5nHu0le1QWwaREA==
x-fb-content-md5: 20d1df8a781622ecbdcadab47c696a8f
cross-origin-opener-policy: same-origin-allow-popups
etag: "c22f6e6ef4c3a5413b434437ccf64f39"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 06 Nov 2024 12:12:05 GMT

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame F359
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

2 KB
1 KB

23ms
23ms

Document
text/html

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: bf2c8e9e3522e262a54a9815a0a334e998147fbdecfdf52747fa3e4c4c53eb8f

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 07 Nov 2023 12:22:04 GMT
expires: Tue, 07 Nov 2023 12:22:04 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-919

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Tue, 07 Nov 2023 12:22:04 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-919

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame B7E9 0
0 359ms
106ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
server: 33XP005
x-33x-status: 2000208

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1FC0 15 KB
6 KB 523ms
175ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=82612
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: Wed, 08 Nov 2023 11:18:57 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame A553 0
0 52ms
7ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 7939 2 KB
1 KB 109ms
19ms Document
text/html 2a01:4f8:242:57ce::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:242:57ce::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Adtelligent /
Resource Hash: e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.bigmir.net
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 832
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b49ab052-7da8-4ace-8c47-5f133b21373c

43 B
473 B

100ms
90ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b49ab052-7da8-4ace-8c47-5f133b21373c
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b49ab052-7da8-4ace-8c47-5f133b21373c
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 98ms
41ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Nov 2023 12:22:04 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=fd0e52bab8704110

35 B
349 B

81ms
24ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=fd0e52bab8704110
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 07 Nov 2023 12:22:05 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=fd0e52bab8704110
Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 334ms
95ms Image
text/html 34.200.14.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.14.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-14-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://sync.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-uwene47UrBtCPXf8FQCt9vN18qJy8rJIQCotljcP&gpp={gpp}&gpp_sid={gpp_sid}

43 B
484 B

276ms
253ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-uwene47UrBtCPXf8FQCt9vN18qJy8rJIQCotljcP&gpp={gpp}&gpp_sid={gpp_sid}
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-uwene47UrBtCPXf8FQCt9vN18qJy8rJIQCotljcP&gpp={gpp}&gpp_sid={gpp_sid}
access-control-allow-origin
date: Tue, 07 Nov 2023 12:22:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 183
content-type: text/html; charset=utf-8

GET
H2 200 sync
vid.vidoomy.com/ 0
0 182ms
27ms Image
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2632159300098532563

43 B
456 B

114ms
85ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2632159300098532563
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
an-x-request-uuid: 84941328-ab9d-49da-b3ac-f2ea745dd309
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2632159300098532563
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2632159300098532563

43 B
456 B

120ms
89ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2632159300098532563
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
an-x-request-uuid: 23fd19c4-dca5-44c7-ab0b-5de7db43d7c7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2632159300098532563
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D%7Bgdpr%7...
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=

43 B
320 B

55ms
22ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1699359724845
https://ad.turn.com/r/cs?pid=45&rndcb=3593311417
https://sync.1rx.io/usersync/turn/3974610757579819389?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7961b9b1-62b0-4308-aab0...
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003

43 B
480 B

86ms
86ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7961b9b1-62b0-4308-aab0-dc9fb7676e9d-003
date: Tue, 07 Nov 2023 12:22:05 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7961b9b162b04308aab0dc9fb7676e9d003
content-type: text/html

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=2632159300098532563

43 B
456 B

56ms
19ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=2632159300098532563
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
an-x-request-uuid: 96bc94aa-0152-4381-ae10-c0c1a9712fdb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=2632159300098532563
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 mc
z.cdn.umh.ua/ Frame 0703 0
43 B 21ms
6ms Image
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.umh.ua/mc?d=6&u=6177029572012779073&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-length: 0
server: nginx

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 0703
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0

43 B
414 B

28ms
26ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=6f6cb461-fdbc-40e4-8120-3eab33f46660&gdpr_consent=null&gdpr=0
date: Tue, 07 Nov 2023 12:22:04 GMT
server: _
content-length: 0

GET
H2 200 9.gif
id5-sync.com/i/102/ Frame 0703 43 B
920 B 11ms
7ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 07 Nov 2023 12:22:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 0703
Redirect Chain

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW

43 B
113 B

33ms
33ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WGsO_Vw8X_9DPwyqC2kXqFZoCqlDPwKoXW-7ABsW
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0703
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3NzAyOTU3MjAxMjc3OTA3Mw==&gdpr=0&gdpr_consent=

170 B
243 B

29ms
28ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3NzAyOTU3MjAxMjc3OTA3Mw==&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=4071ca9d42f5f96f

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjE3NzAyOTU3MjAxMjc3OTA3Mw==&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 /
onetag-sys.com/usync/ Frame 7221 0
0 16ms
7ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
4 KB 75ms
44ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3583058
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HBA2MWH5GQKWP7J07A2G2QVZ-fra
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82258a290ccc4db8-FRA

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 6 KB
2 KB 24ms
16ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cbb2733729f2bf78fff2da9e4b13d0ac7b895a2b79e6223258358e5422d52dc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 17:01:59 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64fa0207-1709"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 07 Nov 2023 13:22:04 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 293 KB
98 KB 28ms
20ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
last-modified: Tue, 24 Oct 2023 15:09:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6537de23-49456"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 07 Nov 2023 13:22:04 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 73ms
43ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3621023
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HB8YE91NXMD94W02GCJD2AAE-fra
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82258a290cd04db8-FRA

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 22ms
15ms Stylesheet
text/css 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1553&height=300&width=400&tld=bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=b49ab052-7da8-4ace-8c47-5f133b21373c&p_id=23

0
152 B

107ms
11ms

Image
text/plain

185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=b49ab052-7da8-4ace-8c47-5f133b21373c&p_id=23
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=b49ab052-7da8-4ace-8c47-5f133b21373c&p_id=23
date: Tue, 07 Nov 2023 12:22:04 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 87ms
19ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=377f896e-ea24-4e72-b19b-0deaaa93bf1a&gdpr=0&gdpr_consent=
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-Zj4VROrGyU8bxS6Xd1medN6sqDd5clefiiYp7g&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=2af17206-4c39-4426-b0d9-b0bc126fb13d&p_id=15

0
154 B

96ms
39ms

Image
text/plain

212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=2af17206-4c39-4426-b0d9-b0bc126fb13d&p_id=15
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=2af17206-4c39-4426-b0d9-b0bc126fb13d&p_id=15
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 /
loadercdn.net/ 0
170 B 180ms
47ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=d77416cea253a33d&d=www.bigmir.net
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 12:22:05 GMT
server: openresty

GET
BLOB 200
OK 4ebd6272-8f40-455a-a503-654e273b3d1e
https://www.bigmir.net/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bigmir.net/4ebd6272-8f40-455a-a503-654e273b3d1e
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK e7a9b8b4-f17b-468f-a18e-f3b275ae3508
https://www.bigmir.net/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bigmir.net/e7a9b8b4-f17b-468f-a18e-f3b275ae3508
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H/1.1 400
Bad Request pbs.gif
sync.admanmedia.com/ Frame F359 60 B
60 B 294ms
96ms Image
text/plain 8.2.110.26
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D144401b13976ccf6%26uid%3D%5BUID%5D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.110.26 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:06 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 60
Content-Type: text/plain

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame F359 566 B
521 B 117ms
11ms Script
application/x-javascript 193.3.178.1
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sun, 05 Nov 2028 12:22:05 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame F359
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D144401b13976ccf6%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=144401b13976ccf6&uid=2632159300098532563

42 B
104 B

72ms
14ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=144401b13976ccf6&uid=2632159300098532563
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server: openresty
date: Tue, 07 Nov 2023 12:22:05 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
an-x-request-uuid: 1a1c6279-e2ee-4085-9488-e17aa890d4b0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=144401b13976ccf6&uid=2632159300098532563
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame F359
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D144401b13976ccf6%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=144401b13976ccf6&uid=ua-2705ce22-8736-3473-960c-20398ba589a5

42 B
103 B

22ms
22ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=144401b13976ccf6&uid=ua-2705ce22-8736-3473-960c-20398ba589a5
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server: openresty
date: Tue, 07 Nov 2023 12:22:05 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=144401b13976ccf6&uid=ua-2705ce22-8736-3473-960c-20398ba589a5
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame F359 0
34 B 18ms
17ms Image
text/plain 18.185.192.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.192.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT

GET
H2 200 us
sync.go.sonobi.com/ Frame F359 0
399 B 310ms
97ms Image
text/plain 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D144401b13976ccf6%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-20
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame F359 43 B
245 B 83ms
10ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D144401b13976ccf6%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

400

um
u-ams03.e-planning.net/ Frame F359
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=144401b13976ccf6

0
0

18ms
16ms

Image
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=144401b13976ccf6
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=144401b13976ccf6
date: Tue, 07 Nov 2023 12:22:05 GMT
server: fasthttp
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 839C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
555 B

517ms
155ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Nov 2023 12:22:06 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 07 Nov 2023 12:22:05 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0E4D 15 KB
6 KB 342ms
176ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D144401b13976ccf6%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=82612
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: Wed, 08 Nov 2023 11:18:57 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum.casalemedia.com/ Frame E0C6
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1

2 KB
849 B

34ms
33ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd46983fdedf94f0ac4188c609e70d1a30e031643b5f93cad410bd4fb8c9830

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82258a29ecab0493-FRA
content-encoding: br
content-type: text/html
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnMxtTGucbV%2FiX22oag6P61pplxgRRA%2BprMYqMsk%2BCQOdlsEY0nbLuKdjzKpb5I6VcTdd%2BGw6N9EMwjFuyDs%2FORfkxNtdOd2kpiVXGxNJ4%2FO9JIjaULaILQaR0cjQWIMhp0IMOJY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82258a299c200493-FRA
content-length: 0
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd6%2BQbqbKCaBs%2FeJ6D3CzIhG7a%2ByxoX9fJBjRfqyl%2FQAiBFPg3Cq5oxDiV%2BCMetIvXvdM8NqHZ2JMCbWz6dpI%2BX5r2Qmjy6mcrNsSh%2FPKGrcFw8eeQpcy3AP9t%2FYIpItJYNv8eFg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame A6A2 1 KB
1011 B 129ms
26ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Carrollton, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Tue, 07 Nov 2023 12:22:05 GMT
etag: W/"61ddbb71-5f5"
expires: Tue, 09 Nov 2027 12:27:06 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-rand: 21.090
x-cf-reqid: f612c1be2897f009931067c9eb925db6
x-cf-tsc: 1668083227
x-cf1: 29080:fC.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame EECC 0
0 17ms
16ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 29E2 9 KB
2 KB 90ms
27ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98267d501d8272b069c8abbd7e480f64c874273c1df78d4c1ab7e16bdefd3e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 82258a29aa4b4d82-FRA
content-encoding: br
content-type: text/html
date: Tue, 07 Nov 2023 12:22:05 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame A559
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=Efk0iW3jenXZYLKIXdtw&pi=admatic&tc=1

43 B
473 B

88ms
85ms

Document
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=Efk0iW3jenXZYLKIXdtw&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Nov 2023 12:22:04 GMT
Etag: d0bd0817c6ef7715
Server: Adtelligent

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 07 Nov 2023 12:22:05 GMT Tue, 07 Nov 2023 12:22:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=Efk0iW3jenXZYLKIXdtw&pi=admatic&tc=1
pragma: no-cache

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 9EC5
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gp...
https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=1361606161466983843&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]

43 B
472 B

54ms
17ms

Document
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=1361606161466983843&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Nov 2023 12:22:04 GMT
Etag: d0bd0817c6ef7715
Server: Adtelligent

Redirect headers

content-length: 0
content-type: text/plain
date: Tue, 07 Nov 2023 12:22:05 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=1361606161466983843&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 7939
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d0bd0817c6ef7715

43 B
453 B

89ms
87ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d0bd0817c6ef7715
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: fd0e52bab8704110
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d0bd0817c6ef7715
Date: Tue, 07 Nov 2023 12:22:04 GMT
Server: Adtelligent
Etag: d0bd0817c6ef7715
Content-Length: 0

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 400 getuid
ib.adnxs.com/ Frame 29E2 0
0 9ms
7ms Image
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 29E2 170 B
188 B 19ms
18ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=3c3a7b71-dc70-4b36-85af-0591a0393a5f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770...

95 B
154 B

22ms
20ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=3c3a7b71-dc70-4b36-85af-0591a0393a5f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2c1da84d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=3c3a7b71-dc70-4b36-85af-0591a0393a5f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 29E2 0
453 B 41ms
40ms Image
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 29E2 70 B
149 B 126ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 29E2 0
203 B 120ms
25ms Image
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230126-FRA
server: nginx
x-timer: S1699359725.420085,VS0,VE8
x-fastly-to-nlb-rtt: 7300
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 29E2 0
460 B 530ms
106ms Image
text/html 2600:1f16:e61:3f02:363e:3490:f8eb:b263
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:e61:3f02:363e:3490:f8eb:b263 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
X-Fw-Request-Id: umo1a91_1699359725775173524
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 29E2 0
166 B 107ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 07 Nov 2023 12:22:04 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET genericusersync.ashx
sync.tidaltv.com/ Frame 29E2 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3734704e-e462-46c4-553f-4ccd3c5b9eee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3734704e-e462-46c4-553f-4ccd3c5b9eee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=66926321668100127701407397920038140505&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-...

95 B
154 B

23ms
22ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=66926321668100127701407397920038140505&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2c8e234d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v053-0621cfb10.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: msi4T7UETq0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=66926321668100127701407397920038140505&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 29E2 0
324 B 184ms
32ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame 29E2 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7298694443027396765&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-...

95 B
165 B

32ms
28ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7298694443027396765&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2c1d964d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7298694443027396765&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Date: Tue, 07 Nov 2023 12:22:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 29E2
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=3734704e-e462-46c4-553f-4ccd3c5b9eee
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3734704e-e462-46c4-553f-4ccd3c5b9eee

95 B
436 B

28ms
23ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3734704e-e462-46c4-553f-4ccd3c5b9eee

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3734704e-e462-46c4-553f-4ccd3c5b9eee
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://mwzeom.zeotap.com/mw?webouuid=THnSsDfkUEljbL6qQs707u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-47...

95 B
154 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=THnSsDfkUEljbL6qQs707u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2c4dd04d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
last-modified: Tue, 07 Nov 2023 12:22:05 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=THnSsDfkUEljbL6qQs707u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 29E2 0
84 B 67ms
11ms Image
text/plain 185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=3734704e-e462-46c4-553f-4ccd3c5b9eee&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3734704e-e462-46c4-553f-4ccd3c5b9eee?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

95 B
154 B

36ms
34ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2cce7b4d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
cache-control: no-cache
x-server: 10.45.27.43
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-uRnOhcBE2oriKi__jz006mP4D6inZH50yw--~A&zpartnerid=570&env=mWeb

95 B
154 B

25ms
17ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-uRnOhcBE2oriKi__jz006mP4D6inZH50yw--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2cbe614d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-uRnOhcBE2oriKi__jz006mP4D6inZH50yw--~A&zpartnerid=570&env=mWeb
date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=FSWCphXIKdE5wusvFFtYPC9gar5EZo%2BN%2BS41iYitP1U%3D

95 B
154 B

24ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=FSWCphXIKdE5wusvFFtYPC9gar5EZo%2BN%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2c9e414d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=FSWCphXIKdE5wusvFFtYPC9gar5EZo%2BN%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 29E2 42 B
213 B 40ms
18ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 29E2 0
338 B 138ms
34ms Image
text/plain 54.72.15.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.15.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-15-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1699359725
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 29E2 95 B
380 B 3104ms
30ms Image
image/png 157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/png
date: Tue, 07 Nov 2023 12:21:58 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZUor7QAB_szyBAAU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e30...

95 B
154 B

27ms
27ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZUor7QAB_szyBAAU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2ec9544d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-fra-eddf8230027-FRA
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1699359726.664002,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZUor7QAB_szyBAAU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 29E2
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075b...

0
337 B

32ms
31ms

Image
text/plain

54.72.15.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 54.72.15.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-15-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1699359725
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
date: Tue, 07 Nov 2023 12:22:05 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a018-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 29E2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553...

43 B
568 B

40ms
39ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MDAQAVGPM91ZFRS1WBN5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HXV6REPQQ8TF3JD1BEFR
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 29E2 0
145 B 232ms
145ms Image
text/plain 2.18.160.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.160.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-160-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D373...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

95 B
154 B

34ms
34ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2ec94f4d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
date: Tue, 07 Nov 2023 12:22:05 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ Frame 29E2 0
214 B 109ms
8ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=41544&puid=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 syncd
x.bidswitch.net/ Frame 29E2 43 B
145 B 22ms
7ms Image
image/gif 18.195.142.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=3734704e-e462-46c4-553f-4ccd3c5b9eee&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3734704e-e462-46c4-553f-4ccd3c5b9eee%26reqId%3Db0326ed4-ffef-4770-75c2-e308075bc09b%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 29E2 95 B
154 B 27ms
24ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2d5f2f4d82-FRA
access-control-allow-headers: *
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 29E2
Redirect Chain

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
https://mwzeom.zeotap.com/mw?cid=LI66FSjZ6xc32rhCf4yjQCKNvkE32rZAKYq0Kux1&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=3734704e-e462-46c...

95 B
154 B

66ms
29ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=LI66FSjZ6xc32rhCf4yjQCKNvkE32rZAKYq0Kux1&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2c0d924d82-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://mwzeom.zeotap.com/mw?cid=LI66FSjZ6xc32rhCf4yjQCKNvkE32rZAKYq0Kux1&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=3734704e-e462-46c4-553f-4ccd3c5b9eee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 29E2 557 B
470 B 47ms
33ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3734704e-e462-46c4-553f-4ccd3c5b9eee&reqId=b0326ed4-ffef-4770-75c2-e308075bc09b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a181ffd76fc0fa76f53d2dee3e914f1a611cee33a3b40b405afc6b3cde596da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82258a2b8cd84d82-FRA
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
410 B 8ms
7ms Fetch
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.bigmir.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid.1.2.aspx Show response
inv-nets.admixer.net/ 2 KB
2 KB 145ms
144ms Fetch
text/javascript 167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d89721477b36aa6f6787d5dcf4ffdd0399c2f48dad899f763cbf664a6a10774c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
server: nginx
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.bigmir.net
p3p: CP="NID DSP ALL COR"
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 1556
x-xss-protection: 0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
309 B 83ms
34ms Fetch 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 82258a2aff3b5d82-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 389 B
174 B 326ms
324ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3477858196198794&correlator=1243375463532865&eid=31079239%2C44780988&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Cbigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&didk=1521379367&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc689730b19d400c1-226f8010a8e3003e%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MaesuCdJyigPRASopS2TmJsvqktdg&gpic=UID%3D00000cbbe787aa3a%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MZ6PyE8c3bJdlTgjcc_yX5iWnKRzg&abxe=1&dt=1699359725260&lmt=1699359725&adxs=-150&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bigmir.net%2F&vis=1&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1614114469.1699359724&ga_sid=1699359724&ga_hid=109753063&ga_fc=true&dlt=1699359723594&idt=934&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm93%26yb_tt%3Dtt9%26yb_ff%3D1%26yb_th%3D4%26yb_tm%3D22%26yb_wd%3D2%26excl_cat%3DPREPOST&adks=1789138306&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa5904d35be8c106f30e746022cf25efe30d1eeffb21366f8be8a838c98f988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
46 KB 438ms
437ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3477858196198794&correlator=3356504096569652&eid=31079239%2C44780988&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_bigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&didk=3114294846&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc689730b19d400c1-226f8010a8e3003e%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MaesuCdJyigPRASopS2TmJsvqktdg&gpic=UID%3D00000cbbe787aa3a%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MZ6PyE8c3bJdlTgjcc_yX5iWnKRzg&abxe=1&dt=1699359725277&lmt=1699359725&adxs=750&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bigmir.net%2F&vis=1&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1614114469.1699359724&ga_sid=1699359724&ga_hid=109753063&ga_fc=true&dlt=1699359723594&idt=934&prev_scp=mt_fln%3D0.1%26excl_cat%3DPREPOST&adks=1232801003&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d394cfc36d221eb83b99a914f0cd1225ba27dc17381d0d05ab0adf7137aff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46892
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 410 B
187 B 381ms
381ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3477858196198794&correlator=3375401490733381&eid=31079239%2C44780988&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_bigmir.net_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&didk=2302992864&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc689730b19d400c1-226f8010a8e3003e%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MaesuCdJyigPRASopS2TmJsvqktdg&gpic=UID%3D00000cbbe787aa3a%3AT%3D1699359724%3ART%3D1699359724%3AS%3DALNI_MZ6PyE8c3bJdlTgjcc_yX5iWnKRzg&abxe=1&dt=1699359725285&lmt=1699359725&adxs=2550&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bigmir.net%2F&vis=1&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1614114469.1699359724&ga_sid=1699359724&ga_hid=109753063&ga_fc=true&dlt=1699359723594&idt=934&prev_scp=mt_fln%3D0.8%26excl_cat%3DPREPOST&adks=4283106547&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e117ae5af231353ef194065b7d1d736c7e1c3e9cd1ff3d6708de30813504bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bigmir.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gg.png
um1.cdn.umh.ua/uploads/media/4/3/6334/v2/images/ Frame 430C 5 KB
6 KB 8ms
7ms Image
image/png 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/images/gg.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

dfd51d326f5f2f6b63a97efba53989a8f1101da0db80dde25b166f689cb6d7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/index.html?clickTag=https://z.cdn.umh.ua/go?z=1251227032&m=1571298478&c=2087788163&p0=1498993105&p1=1454040516&u=4071ca9d42f5f96f&t=1699359724&n=3180852644133407468&h=3019021239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
x-content-type-options: nosniff
content-length: 5443
x-xss-protection: 1; mode=block;
last-modified: Thu, 29 Jun 2023 13:44:52 GMT
server: nginx
etag: "649d8ad4-1543"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 08 Nov 2023 12:22:05 GMT

GET
H2 200 star.svg
um1.cdn.umh.ua/uploads/media/4/3/6334/v2/images/ Frame 430C 685 B
1 KB 9ms
7ms Image
image/svg+xml 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/images/star.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Bonn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

7421a92219c06262de241636a3180e19016283592e5a7f808a7fa848a3e4eb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um1.cdn.umh.ua/uploads/media/4/3/6334/v2/index.html?clickTag=https://z.cdn.umh.ua/go?z=1251227032&m=1571298478&c=2087788163&p0=1498993105&p1=1454040516&u=4071ca9d42f5f96f&t=1699359724&n=3180852644133407468&h=3019021239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
x-content-type-options: nosniff
content-length: 685
x-xss-protection: 1; mode=block;
last-modified: Thu, 29 Jun 2023 13:44:52 GMT
server: nginx
etag: "649d8ad4-2ad"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 08 Nov 2023 12:22:05 GMT

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame E0C6
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUor7Z4UU-hWCJDb6mefDwAA%263228&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUor7Z4UU-hWCJDb6mefDwAA%263228&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7816f7df713744fa91c6054a17f0e88d
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=7816f7df-7137-44fa-91c6-054a17f0e88d
https://p.rfihub.com/cm?pub=39342&in=1&userid=8b6c6049-2c51-4e1d-ad5d-6f56564feafc%3A1699359726.2291152&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8b6c6049-2c51-4e1d-ad5d-6f56564...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527315016434&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8b6c6049-2c51-4e1d-ad...
https://idsync.rlcdn.com/501709.gif?partner_uid=8b6c6049-2c51-4e1d-ad5d-6f56564feafc%3A1699359726.2291152&_=1699359726.2318807

0
98 B

358ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=8b6c6049-2c51-4e1d-ad5d-6f56564feafc%3A1699359726.2291152&_=1699359726.2318807
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 07 Nov 2023 12:22:06 GMT
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=8b6c6049-2c51-4e1d-ad5d-6f56564feafc%3A1699359726.2291152&_=1699359726.2318807
content-length: 447
x-amz-cf-id: pAnoJi_mEdxCKz-f7cVd7Xu1ZK7D2Vx2BnZdGeLoy1XyL7KBJAMYBg==

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E0C6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUor7Z4UU-hWCJDb6mefDwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

43 B
730 B

25ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOxv3LOQbLxiEjTH047QTpR00JAdrJGq2JJyBCuJRWIpynnDwcB2I2JCteCj1uz7MhmzP5ga7qVx6E9rxkzjCAnz3Fu5vcwgPyrXX8Men7mPBqHwTyXMOFSa8GlFf%2Fc7ITP3mg7ukZmM0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a2c1dd79176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E0C6 70 B
148 B 96ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame E0C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_cver=1

43 B
335 B

46ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe%2BnFB00LMD0WBhCsEALBne1lWNJY1hAGoS5AxzTuF886mjBYTz9lU4LFDYPt0XtRlAfgwc1nQUFVkf10jYvQGqmk36cZUAm63QVEOFDbfjnjk218OXq1oWJkvG3aLM%2FXKlWt1OWpPMidw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a2c1fc70493-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E0C6
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2632159300098532563

43 B
768 B

32ms
29ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2632159300098532563
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nScpJbu1kF6nkzqGSxgwr73TrMaHyHh7kJgulOFAKs4atTauzv8OaKUb5gxXFvJM1deJX8UAFokVcjjrfLIE6se4%2BMNdRHs4HuEJTtyJScaRuLvhuhNJe2Di%2BhUzL5LX4bT%2B7gKBvAo%2B0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a2bdd809176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
an-x-request-uuid: 3a3a5f9d-bca9-46bf-ad19-f763ae18221f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2632159300098532563
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame E0C6 42 B
181 B 141ms
34ms Image
image/gif 2a05:d018:cc3:fe04:ef70:7dcd:5ce0:30c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:ef70:7dcd:5ce0:30c1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E0C6
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e3e2626866d64ae89c496a52ed4d5ce5&expiration=1701951725

43 B
742 B

28ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e3e2626866d64ae89c496a52ed4d5ce5&expiration=1701951725
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I%2BCqtaUboP4KYBwzm%2FuvpMkkwBLf%2Bb%2BOSTdldsMScMu48LQNxsvchDQ4%2BUUc%2BEVOJhoAvL8t5tKg%2BU1Cfnf%2F8A5%2Fcg0RCNGyk3GI3kcOtdL1wOhI%2F9mFts%2Faid1W1PXCziiJlzRP50z0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a2c1dd69176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e3e2626866d64ae89c496a52ed4d5ce5&expiration=1701951725
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E0C6 43 B
602 B 160ms
34ms Image
image/gif 2a05:d018:d29:3602:abeb:a582:6f70:20cf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:abeb:a582:6f70:20cf Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 um
u-ams03.e-planning.net/ Frame E0C6 42 B
103 B 22ms
14ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=144401b13976ccf6&uid=ZUor7Z4UU-hWCJDb6mefDwAA%263228
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D144401b13976ccf6%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server: openresty
date: Tue, 07 Nov 2023 12:22:05 GMT
content-type: image/gif

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame F359 59 KB
18 KB 108ms
11ms Script
text/javascript 108.157.4.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:49:26 GMT
content-encoding: gzip
via: 1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:32:41 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 27160
x-amz-server-side-encryption: AES256
etag: W/"54c61a0ae34474e317dc273453fb9ccd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: WKClObSe64B8viPoNjzsYr9SCUkqY1AekmYxAmIXJqiyfqj7o-kgeQ==

POST
H2 200 z Show response
s.zfctrack.net/ Frame 02AC 102 B
451 B 60ms
46ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zfctrack.net/z
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 2edcc633821e3ade17e7ec4af9c5aef7995c694a45ba3e942fd5f33098d57377

Request headers

Content-language: eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bigmir.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 606B 3 KB
1 KB 155ms
31ms Document
text/html 52.213.196.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.196.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-196-228.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 293aff41b92281a8e863ef38f5e221716316befa62dd46432875b381b7f3380b

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 07 Nov 2023 12:22:05 GMT
etag: W/"04ecc368d16bc2ba8cb4f4af5b013bbd9"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 4580 37 B
140 B 67ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 07 Nov 2023 12:22:05 GMT

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 4A21 43 B
453 B 90ms
88ms Document
image/gif 185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AIgMYOp12qTra1tf
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Nov 2023 12:22:04 GMT
Etag: fd0e52bab8704110
Server: Adtelligent

GET
H2 200 container.html Show response
1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D70 6 KB
3 KB 24ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:04 GMT
expires: Wed, 06 Nov 2024 12:22:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1FC0 0
39 B 24ms
24ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25263102&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-length: 0

GET
H2 200 chevron-down-solid.svg
www.bigmir.net/images/icons/ 377 B
892 B 10ms
9ms Image
image/svg+xml 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/images/icons/chevron-down-solid.svg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/css/style.min.css/v30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 18744b142a9f1f4710f6320a540c25e1e7dfdd629fd0598399c729ff333408ad

Request headers

Referer: https://www.bigmir.net/css/style.min.css/v30
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:27:00 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3337
x-cache: Hit from cloudfront
content-length: 377
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
server: nginx
etag: "6229f95c-179"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://www.bigmir.net
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: H7pqMeL0F7GYFQo_hOk1OLhK6wTJxcEBCv22rSr81_7GkbheTQ95Aw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 31C3 624 B
242 B 56ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGL235PoBMAE&v=APEucNU0LoPpzxPUb1uAhzVrqQC9yMyb55PmZGvbRmrm4nNspQGYIxMewuqprp771PpNZ6MFXB9rAKtcRxBglyXxtvptfXsGvdRtWmJYp-HQTgFF80kBc5VfcOpBGd4to_gGap5HHzt-pNlJYqiDn2TSTPP8ynVNWe42kaKxQaMI6-H0IkoNszg

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0D70 89 KB
31 KB 157ms
154ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 12:22:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D70 42 B
63 B 51ms
48ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4vO5xNNH2SgH-xX2EKi3RM_SO5A5Inm_ll4D-tS-xztJzGRFR-TSEG-AxSYkmMHFBPf8JGKB5eUlIZDlTYfp2R7rESEKs8KkYfbqCrwU0IofV8So

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D70 0
20 B 52ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13739454882386822211&x=1&ct=77

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 22grados-aboramarca-23-de-728x90-de-22grados-prospecting-abora-de-22grados.js Show response
adno.cdnwebcloud.com/scripts/creatives/2005/ Frame 0D70 3 KB
2 KB 86ms
7ms Script
application/javascript 13.32.99.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adno.cdnwebcloud.com/scripts/creatives/2005/22grados-aboramarca-23-de-728x90-de-22grados-prospecting-abora-de-22grados.js?n_o_ord=1699359724795797&n_o_ct=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CihXg7CtKZZXJMMvMgAfFtK3ABP6J3b1zm77ev4gSl8-ivcABEAEgitb8lwFgleKQgqAHoAGTjM_uAsgBCakClp26jPH3sT6oAwHIA5sEqgSfAk_QYFNW1WL1DzsV_XWsBwxq8764Jel_X-Vfpgs2Nmh7dCEg-zHPPcAv8OcoyxT1DcrZH2OvOHlb6RE6xtrd6rf7Eec-7V6nAse3hB1Arg3BMBhZHhK-xos2eYn3qnD2B8mK-mZ_vdeZubAkj2302y4h20d66444V9SZ1NZbPdHBbDEqIgu4RLS1LcC9V7CAICeprSXnCFl1mj1PjHGP0jZysCpKpkJRhcIAxWZsr5noj15Rz0W1z5ZpdYGzRTBo1x1Cn6mUw7SG42MHIcgvZJXV3xcqJOyRsxv4H34DOK90lkfchzR6th0qgzgUho4h3_oDerz4AEXCqKue-yMqU8xcuGX031yPl5Kw64Q9XF-V88A8lnaBUVTFPrkQpc_twASvq7WZugTgBAOIBcnIjvFMkAYBoAZNgAfV87CRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMIndj1pfCxggMVSybgCh1FWgtIsBOEqY8V0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB&sig=AOD64_2vgKgPqMxGSHF1rCWy-AR1fNl1Bg&client=ca-pub-9370473528685580&dbm_c=AKAmf-A6IIHuO9ry_dlUK1bpEgail0Yp4izB1McjSp44gFl4N8YDAa8mg8yRuX3-pMWdj8wY2vhhTV4fHzALtySTS7q0CuSuo1AV0d-2CUqGvN7CgnORj8MT0v68fR4rcKXyy05l5-_MBmALzY74QKlmn_WNJ34bB9O2p7guprazPH3HClmdruQ&cry=1&dbm_d=AKAmf-B49OgNDvIeRJIu5pODhETaZ0IHlxmNDz8rdbU5GJ-y4rgZQVnyuw6UspylhTNqlgm0Z4NQGF_Sd_42hrGkR00woiR-Wv2-LIsJwvIoRjgTEYhZw0uDgB15iD2bL_5la5XmZ3lkgTxxV4oHOpD0Fbbc4ELgLCud3zbGkJaa8MBg2Zl9cDSfVnPWf3YZIoffMxq_Ii6VOGgus2d5cjSalh2FbN9rJXhw1wLla2Qjw5EBzec4k2kr_l-MFJFKBnh3uEdb_N7mb6kQQhSsYQWAZx-Oy3LhCQYtX3CXrgDO7OnrrBswatZ_8kkYf_Xj_ASv3_6VkpuT0CY3a-pBWV68n2zfUCBFLLHKEHWvc9Y-PcaQ_NIscwn6Ak0ehpGDnN842LS5jU4oDA9lPJkaimOVpmQ3_n-BC5DMvm483ut4Nz0S1QGwytNvj4hVQcFi9al3NrVqSg9cNVCO5a67VgijSwf7P47BEPy-ixwqzg-FsdfYXgUyC5gbtv4OfIonPlj5HB_Bnnc_Ua0ACnxrJMNkvb9cMGKcx2Pwq-htFBG81xloJJN1_io&adurl=
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d83d0ecf475a8261ae961109a00617bf6b193b93713f3b6234192c94caa0109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 07:14:53 GMT
content-encoding: gzip
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 20:21:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 18815
x-amz-server-side-encryption: AES256
etag: W/"c0a4ce831ed96186832593d99d1b5f4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dl-evAQ1kIyGglfBFsyFtR0WpBXTJIxv4i_-6VyB5fj1WPgJnIiJNA==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 0D70 3 KB
1 KB 49ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:24:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 0D70 20 KB
9 KB 48ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:56:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0D70 0
0 18ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrkPj6NtjaRSq7545VOHpjUrRTleoLYQ0X-KfpUB8mmHkrs7rJWeuYY_qmSJfDlh-nzk7qxYYdcHXy3tttsB4DxPhPgw
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D70 190 KB
60 KB 78ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 12:22:05 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 606B
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2632159300098532563

35 B
250 B

128ms
33ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=2632159300098532563
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
an-x-request-uuid: 75adbe08-24f8-4fbd-ada1-6a79465d6871
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=2632159300098532563
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 606B
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_cf641c77-b627-4e73-935c-d61973b9dd80&gdpr=&gdpr_consent=&us_privacy=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=61efbd2f-fd74-474d-910b-c06fdc084f73&expires=1&user_group=2&ssp=gumgum2&bsw_param=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&gdpr_pd=
https://usersync.gumgum.com/usersync?b=bsw&i=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&us_privacy=

35 B
250 B

33ms
33ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=2af17206-4c39-4426-b0d9-b0bc126fb13d&gdpr=&gdpr_consent=&us_privacy=
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 606B 43 B
295 B 111ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 606B
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-6dcf07c5-1057-5e93-51fb-358faf99561d$ip$45.141.152.77

35 B
250 B

33ms
32ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-6dcf07c5-1057-5e93-51fb-358faf99561d$ip$45.141.152.77
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-6dcf07c5-1057-5e93-51fb-358faf99561d$ip$45.141.152.77
Date: Tue, 07 Nov 2023 12:22:05 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 606B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-WzHg00RE2pfKVZcj.U63L9r3_3SiqkfmiplR~A

35 B
250 B

101ms
33ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-WzHg00RE2pfKVZcj.U63L9r3_3SiqkfmiplR~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-WzHg00RE2pfKVZcj.U63L9r3_3SiqkfmiplR~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 606B
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=5c4d8c79-e9e1-45c8-a32f-adf659431aaf

35 B
250 B

36ms
32ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=5c4d8c79-e9e1-45c8-a32f-adf659431aaf
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=5c4d8c79-e9e1-45c8-a32f-adf659431aaf
Date: Tue, 07 Nov 2023 12:22:05 GMT
Connection: keep-alive
X-CI-RTID: 31bb7b92-2145-4105-9e77-fef6de2c4069
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 606B 0
44 B 327ms
92ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 606B
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_cf641c77-b627-4e73-935c-d61973b9dd80&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

34ms
33ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 606B
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=WLZpwYuILB19&ev=1&pid=558355

35 B
250 B

51ms
32ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=WLZpwYuILB19&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=WLZpwYuILB19&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-59d47cf7f8-bft96
expires: -1

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 606B 0
44 B 39ms
35ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:04 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 606B 42 B
104 B 103ms
16ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=144401b13976ccf6&uid=e_cf641c77-b627-4e73-935c-d61973b9dd80
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server: openresty
date: Tue, 07 Nov 2023 12:22:05 GMT
content-type: image/gif

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame B993
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=1361606161466983843&gdpr=&gdpr_consent=

35 B
208 B

39ms
37ms

Document
image/gif

52.213.196.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=1361606161466983843&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.196.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-196-228.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=1361606161466983843&gdpr=&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 91C1 170 B
188 B 37ms
20ms Document
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZjY0MWM3Ny1iNjI3LTRlNzMtOTM1Yy1kNjE5NzNiOWRkODA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 21F2 15 KB
6 KB 206ms
172ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=82612
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 07 Nov 2023 12:22:05 GMT
expires: Wed, 08 Nov 2023 11:18:57 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 4084 70 B
148 B 63ms
35ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Tue, 07 Nov 2023 12:22:05 GMT
server: Kestrel

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 63ms
28ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.bigmir.net%2F&cbuster=1699359725571361341620&pvid=18ba9bb9803b369a99e&implVersion=11&cxurl=https%3A%2F%2Fbigmir.phnx.link%2F&site=423245&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82258a2d1bbdbb8f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4394
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZUor7sCo8X4AAPsST.AAAAAA

35 B
250 B

34ms
34ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZUor7sCo8X4AAPsST.AAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 07 Nov 2023 12:22:06 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Nov 2023 12:22:06 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZUor7sCo8X4AAPsST.AAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 4
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad9.dc4p.scaleout.jp
X-SO-IP: 45.141.152.77
X-SO-Key: ZUor7sCo8X4AAPsST.AAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZUor7sCo8X4AAPsST.AAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad9"}
X-SO-LB-Hostname: m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad9

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 193E
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=Efk0iW3jenXZYLKIXdtw&pi=gumgum

35 B
250 B

45ms
32ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=Efk0iW3jenXZYLKIXdtw&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 07 Nov 2023 12:22:05 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 07 Nov 2023 12:22:05 GMT Tue, 07 Nov 2023 12:22:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=Efk0iW3jenXZYLKIXdtw&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 14D6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

472ms
156ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D144401b13976ccf6%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Nov 2023 12:22:06 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 07 Nov 2023 12:22:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 31C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

43 B
731 B

36ms
34ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGL235PoBMAE&v=APEucNU0LoPpzxPUb1uAhzVrqQC9yMyb55PmZGvbRmrm4nNspQGYIxMewuqprp771PpNZ6MFXB9rAKtcRxBglyXxtvptfXsGvdRtWmJYp-HQTgFF80kBc5VfcOpBGd4to_gGap5HHzt-pNlJYqiDn2TSTPP8ynVNWe42kaKxQaMI6-H0IkoNszg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkcnwhAQ10R2JIf9l7bzchpozJBH3CHy3VBldBucomk%2BDi9E03Vo1%2FRUHWSzfvmkwa%2BstVFzBPnB3ldnQGp7N8TVx069GjgzZtyMskc56PLh3vARezIn6YyYjlpL7gLDGgOY8pgxbdMZbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a2d8f9d9176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 31C3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUor7Z4UU-hWCJDb6mefDwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

43 B
731 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGL235PoBMAE&v=APEucNU0LoPpzxPUb1uAhzVrqQC9yMyb55PmZGvbRmrm4nNspQGYIxMewuqprp771PpNZ6MFXB9rAKtcRxBglyXxtvptfXsGvdRtWmJYp-HQTgFF80kBc5VfcOpBGd4to_gGap5HHzt-pNlJYqiDn2TSTPP8ynVNWe42kaKxQaMI6-H0IkoNszg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbIDWBhDrVRq7N6zSopg2IhGBoF4fq4wok0dRB5m2tcOpBdWqLHLANJq7LbomrkAaaZNvZX4Ud6Z%2BaIceulOcOEqa%2BcXbYerCA6S2KXhIxQORfvjN4PB1HVlyuekNjq6oGLM1L4PxLOiWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a2dafc89176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 31C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1

43 B
839 B

7ms
6ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGL235PoBMAE&v=APEucNU0LoPpzxPUb1uAhzVrqQC9yMyb55PmZGvbRmrm4nNspQGYIxMewuqprp771PpNZ6MFXB9rAKtcRxBglyXxtvptfXsGvdRtWmJYp-HQTgFF80kBc5VfcOpBGd4to_gGap5HHzt-pNlJYqiDn2TSTPP8ynVNWe42kaKxQaMI6-H0IkoNszg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
an-x-request-uuid: 39b747fa-5072-4014-82cd-33efffd18483
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31C3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
an-x-request-uuid: 4abd08ec-249f-44a4-97c5-46cb25cac9f7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ Frame 02AC 67 KB
19 KB 36ms
28ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: f4852c9989535b26a978711ee9cd8e88638600d206e25a00fd49355b14736ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:58:36 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 19409
expires: Wed, 08 Nov 2023 00:22:05 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
225 B 19ms
18ms XHR
text/plain 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/QdbVQ/hbw_master_738585_17138.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bigmir.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bigmir.net
Date: Tue, 07 Nov 2023 12:22:05 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D70 0
20 B 43ms
40ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7168116118465&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D70 0
20 B 46ms
44ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7168116118465&version=m202309260101&ct=77&x=1&cor=13739454882386823000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D70 31 KB
18 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwOwRCQE0OgpokzfmIfO0Yha7hQq9EB6Ybyk4IQQpA0KS0iHoJyPcHz3cPNj0vdPFXoNOKqa_WSkMkt334GbsKXz-bVlXi9Bu_Av1O8o50MhkF9C7sFm1MQHqFrfyapbQHjtZiO2FD-KUJ_w5Dr2J3Clo3jq-dj0MjyrV4EOA05H7uP4g&cry=1&dbm_d=AKAmf-CMIuD4Mhx-P5HTWgNaeASc8h39dIpR5DXFmFuyCAV3sLrtQ8VcrIJFfnW30q38syZCn0dDB8-wicRhy-AaeDtjQh5ywzKlpfhDVtrgbK0Vvd1qScKor1ugUw3vw4NCBYkyVdmeppHJfNNROORvlk6QzK4Lrd4uo_VmAqtt2H87h8D1xORj-Na_arA-9mCsjBdsq9TsmmxnFCtKpGCLRwibUZIpaDq2_bGUK2NDZ0PnUCSjh99VQaPee_xyZdIAmRS4eQMw6BTxic4CERDkd2ulRoox04fgPn1PfabUDESoMZF7g5bsfHvOYcDjHobnPl1OPgkRJaaKFI5O1hwUqsjYMnxdVj3ljG9FOy9utgenJ2oq7Hxu380roXfmwORlDBvss1cqSEkYt3MQbSC6hsgCVrPI6rDVXsRSGGWJz51KeXhkdsqod9UYk2gckXqz27z9S-MaDIQ4W2K8lSZtCUdAUP1Z8KqUyBshSoGcQnpuqiLixLomQerielGroAhtBymnmAKXtOfF4qxMkLJMAeduY-TIqXkXNAAbbPz2ruLxyt9yx7kP7IjnrnpalTVutFYilbEcYMtiL_wmISKCYwYoyLpL78XTm3qf9t7Iqk0tJOueHeLWZpjH15_OZ07KDfwpOix-scNAUQARH_pRHas5Nd1QixMiGFy8AgiH-i5B9bwch5qeHpQHVp3DVN3C4kSiTwcpFIhBpuknH8f9IVj9IXiqPQDNFVbpWBMz86RL3hi74ZmltuX2zXPSQvuEIHtqpjBxmj3fkxdbSUTJJ8bE19KsGe-e7EXRyL6jAs55qXvP8s4m3lpstb7xOPZkPgGjeDw-QBD0pPD3I7xI6i1OUaF9iO1htttvr-z0GGCoR3GnUORl6Y7sQqF3MV_-L7EZlbAw46A03vnTimMfpfbZWIrjGxqkGKsDPilYS6qX3aPhQd8b2H2KTkAA7oAokS2ann_T0uuCwcQyfO-GhO9TxUkUlzejKaVoc5B3V472Tm8iYdMB9K1aetScBa5wMeOubASpWJV-ObpDl2hSHtIkzFMXD_VDDxjQKTb-E3dVqai_BPv3jmlpN3Zo1M6-a69t1k2H_8NL9T-wsGJUz_FIESFHrx2j3kKEaFFKscG9T0Kd6Hg6Y-9jkTIRdKD3-eMji_xe3K_lBNIkuzB8I4KamVSkGaB3EneHIYN1GoMT_hNh--SFIzpVrILZnAio5EEw6Gq1xION1o-6stIZh8ycxfJlIs0U8xTH5qs_LZpPfU6Bsfcr6Q9Fpr-Gvnd6044mCiV2N4Hc4SKX_PBPgFx-oLLZqhj0mHVgIOsmDeOfenppw6Tx7b_XmpbpOZDbn74qf4JGfhFQwiWppiLciOMYGSYzWm30zdLjmEogLeZKBVIWT4E_znr1AFYe5HkNX5oK7ygRO4icZw8E8ubRF3PanAl_Lqky_fCplQlOq2AgiVMbkl716k64RCLds0woxgbRtb-UkD0DNx-wBnUJtL-dJIg0PKOMb3VsxVSm8baFlMkIQTb6mN-jD2oAypsRDfQz3zT4FVjf2Sj2Reu9Vq9Oso-sBpVUXPJ0MoJoXHGmr0g9vf2GrX036BH7IzxLlDqpgOHaRwZUNDX6BG6Cn0XJUuiLUvMkc_G97PCGJIAQFMcsRvqdCLwbksIGkoZWANMOfbhV96vW_nWHxn-BgPd_zA9TNENpLDSBy6XHDu3LNPsnB7lC__NtHFHdUTAxk108Li210OLQHBdBivuOUJ7UQlcBk6dkzdgnS5TLo6qC8dT9htIWbYurGTX0MoqzRW_rc4gZvSi5E33AEH4UIifYwSqA7HO1vGQm0hKtexafydo_L3A1LUuOgTWWV0w42YAkwEL08iJIG7KXNV3fpkEkn9Ayng3gcQPUPM5FRnJTJt_-C6TeqkE9S817BUyJiL58cJkMI8ZFzzsfIQxeOn9kVPP5HzZfhZ7pJTtLdDXMW7f1p4cFQ4vO0HPjayzPAnvZKAi3kw0zGNaLfyWxphmHhEcUNAsRTYRoh1QxK0K0KzfMBPHUt8NiKWH_Bdl2GHzEMaPY6hbSag2BS6grDT3EOxKYqeI-l9bbThbAfhIUlfCGa47Frqm-nu-KCghh43T57nmK9KvdUzB5fIFWNpJa0pVkS70pCJoYipmSvZ3uggRCdp3QFw14mlF97NXJ-Q6mzLHvdmGGX1SdO8sOW2IaLgz1z9xlDXlYNNzjRl0d7dSLwU8vjgNl-drQYR0K1W7TsLDwtMR5PuTOFRzNuOdYv5fdYdBbl43iaoOsED3Equ68lHjgQmLOnC4iXWAk2R8OjCTvqjxNliKfvk1WXMOWmFNA9jYYYkbCFDNJZ1H89EsmkBdYQxtck8Awgi8d_cW269nxKH0FDkGOyz2UuZm1YHH82zhmafJZgl4XCCChXdihvASUue9PVQKvVxQOJHBGwEd1kossBn6aOvnZZdIzsmWf4PVA5HRclmR5bEWRV8T_mR6L_J8xyk9A7Anosn33HyHm7LKaC131Mp3mJvBnNlXmbJvnE4W58EYo1-2tN7tA0WRaA6rVxy7rJg11v-rTlxousGIPSI9_3zAjbJg9BpfedFsRJTd6coGkOncBYMEwwHpMjlb0CgxdlTTxNE1LSmianPxPymJ4Q8zF9Me9TWvgdWLglFQgsUO7uaa9UW68lcEKIFxHSv2fGvTnMkvHZ8RmUCFypJO64DrV2oYNY2FvdofugHtylO5-3m7c-EUEMVSysv-GYlargRHdITUK0zQz1_-cl4Y-IHOzqRL3oZ-aC9kaPk32kON5H4Z-PhLGaC1trXfOrNS8ZyuuELifB80vWUVNS4SOh-E1cGykEtMdKsPbvZMhf4xyiGBuWICa3QkwRHutlnd79TuwCEYg6HDUL635EgCDP00V61b82TgdyVTWNwTTYnb4seXrjXGFgU7SgkCUl0nuX-1YhRa5CEM-kwSpXNfg3EMXnYnCDFOU_zXe_grk-750kl2PTrhsN6IN_SzT2IEQ2q1eIS_LaOyPwrgRRQivzYAnNe7L6OKsHFC6s7EkVpWOm0rw4E5ao7D752YQYT76He2eex3cs_jubemP_G8JeRLw2htgjCGmMaT2D-j7-qguPDM44bLdlLusMVJZoINJN-vEr44r9pL8Wm6nW7sO1nka5ZNtfVoMPCxUlmsd9tLsygIR8zCKgGPG8x_FOtx39gLFab_kGF0USogCQ-si3mDBagw82ZQVYVdDHd2w-BVyKAEBOthpaqPPS051lXqsAaLjFHxcLkZTMnA9wUOADoj7qLIbCRGjXJmJpaqRlBm2C-q1SKqS1IrHwh5sL9IiuvFC9WRbpQNNunXutlOjbzmI1mYG279yT-rxTf-_mMMfZiILXL0lHaAtNj2IctAfIMiI38qQ5asTGO548DzYveVNGOYGr-pSN_giNlh3VXkD8whC4migONA8bZ7n1Oc0ASskIZN9W3AgPvvWn8skze-bFTPD1L1glfx2b9xznPs4UlvTl5oH89jR9oSd471A38n2n6zaeOvZICCgp7QMJJCZocTb7fsNQpsbjbZQ651dcR7JRKtaIgG08aKEq0VGd8sBpfRCmHRPy0B-iJ9UVw-23t1o-KNIhjdxtvc_iU2J30xJHz6AtE2FSRgGFOH2kSm26pC_f-JADynfM6jmm7a99Z3bW-i4dEi5O1pPxrYpPO8yAH_0HEOAeH9B7bcQ1aH6eId8YFwT8sjE_0I8GkS9QNJfq7LMWG_vcjlZ7pk98D71fKTiH4P9OjnWY1_TgSdTQAM5Mu_EHUGPkYKPxebo-AUlPd3nxjjzv85ZzrAHYBCReJZrVF22yYH0lZvR1rLv5siIxcLN2gRY7acR71Qwzos6gUfG2UOSSBc8yUBN36lbul6TATY_tg9Jvy2188-SD6uUo7smQ3nbTXlnFBBYOCi9rad0w-_ex8F9e8o3WZSCPd3U39V2l4ZWSFgvbVFyzkJJvwQ5pmVkfSu3iKIovQvyAAtsbmQDgZRVWwsFQ-AgiHeZNQGzTOrYt7M5cBrseW9nx0XJzvztgteHVqOoTjQAnOMS4nyE4PU3P8FMhsop2UVQw2sZgOQHEccTVAx11vokGR4CnldO-W6cMt0GrxyBvmk_7U6YiTvwLLj2Lcly7jHtxtNCRlboSS9ugy3exxiyj82oOGNPucGb3Ci2zneiVMcrTEfTdLYPKZep2WkZ15gvn0_1hHO6VHJYQamLDSc3FMypC7Stwou7kj5Wpt3CkNNcxMJtpWFl6UP4FWS5nTZEUTPRsp1qLnLs0TiSA4B_2MP3HIiTSAxJi6n-tcEazVAIwmJTFjdq3y4gOjZP01HeayNVRNpe-FI-9nLpaXyBAUzbgWcaWH0RtN9pFgUZsUqgTfNmRy_cvU8pSH340emQcM1p2bzKIgac82c0r0uG7t-AZSh_K4xT6p_zbbjaobaF9SSPcOyIbBQhgw73pH9qRcI&cid=CAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bigmir.net%2F&ds=l&xdt=1&iif=1&cor=13739454882386823000&adk=496764934&idt=168&cac=0&dtd=170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf0ccd7a03ac0e0ead5aa640ddf939b8afead1b44bfd925f77bda00b843cc9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18702
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D3B 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bigmir.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:04 GMT
expires: Wed, 06 Nov 2024 12:22:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 75ms
74ms Image
text/html 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=3oXkBOZgijapQrD6jqwuHXcgQpVYTYQxT%2FD21H59Z3sYTSi1tzv2oWC9SXUJOlrUYvNjCJZlfLgxxACfK3ZesDW5CowKh7TlKZY7DuLl0cMSqVcd1c8ZEttbRU4VsbcitDopuKA0SkGcmSk4pOOeIs3HgJpen3NIRvtskvMTETCaFs%2FMcxWua2Sj0Dpqzb81cTWNNKfn%2Fc5KvY5wmyXRDkK6jT2Zy%2B1%2BYskChGktLyMamnXzLpOatWGe%2FBWkzrXK&params=0Nym5j7nxFQf7sDeTd4dxthQBVDyfWCFD8tY%2FbdxHTE%3D
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 12:22:06 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 bigmir.net.971155.es6.js Show response
jsc.mgid.com/b/i/ Frame 02AC 332 KB
99 KB 39ms
37ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/b/i/bigmir.net.971155.es6.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2a2fd83b91046f1c9e0a8fc19e692deb5f4e96fa7bdd530dc56fa79e743e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
x-amz-version-id: _vLnsREvfuecaMV.5gtTYMq6QJUhkgy7
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GE1SANC9VWTQWMY3
age: 5732
cf-polished: origSize=339738
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0kT/dCuEsutVFHU1s2PwroQ7osjzbReZ8KARCXWbd3S/3sdC2c0TyA5GFimiA88l+st8jVkW3CY=
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 13:59:20 GMT
server: cloudflare
etag: W/"0325d0fd4e5040d80ef2adac096b5d69"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82258a2f695a91f0-FRA
expires: Tue, 07 Nov 2023 15:22:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 0D70 31 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwOwRCQE0OgpokzfmIfO0Yha7hQq9EB6Ybyk4IQQpA0KS0iHoJyPcHz3cPNj0vdPFXoNOKqa_WSkMkt334GbsKXz-bVlXi9Bu_Av1O8o50MhkF9C7sFm1MQHqFrfyapbQHjtZiO2FD-KUJ_w5Dr2J3Clo3jq-dj0MjyrV4EOA05H7uP4g&cry=1&dbm_d=AKAmf-CMIuD4Mhx-P5HTWgNaeASc8h39dIpR5DXFmFuyCAV3sLrtQ8VcrIJFfnW30q38syZCn0dDB8-wicRhy-AaeDtjQh5ywzKlpfhDVtrgbK0Vvd1qScKor1ugUw3vw4NCBYkyVdmeppHJfNNROORvlk6QzK4Lrd4uo_VmAqtt2H87h8D1xORj-Na_arA-9mCsjBdsq9TsmmxnFCtKpGCLRwibUZIpaDq2_bGUK2NDZ0PnUCSjh99VQaPee_xyZdIAmRS4eQMw6BTxic4CERDkd2ulRoox04fgPn1PfabUDESoMZF7g5bsfHvOYcDjHobnPl1OPgkRJaaKFI5O1hwUqsjYMnxdVj3ljG9FOy9utgenJ2oq7Hxu380roXfmwORlDBvss1cqSEkYt3MQbSC6hsgCVrPI6rDVXsRSGGWJz51KeXhkdsqod9UYk2gckXqz27z9S-MaDIQ4W2K8lSZtCUdAUP1Z8KqUyBshSoGcQnpuqiLixLomQerielGroAhtBymnmAKXtOfF4qxMkLJMAeduY-TIqXkXNAAbbPz2ruLxyt9yx7kP7IjnrnpalTVutFYilbEcYMtiL_wmISKCYwYoyLpL78XTm3qf9t7Iqk0tJOueHeLWZpjH15_OZ07KDfwpOix-scNAUQARH_pRHas5Nd1QixMiGFy8AgiH-i5B9bwch5qeHpQHVp3DVN3C4kSiTwcpFIhBpuknH8f9IVj9IXiqPQDNFVbpWBMz86RL3hi74ZmltuX2zXPSQvuEIHtqpjBxmj3fkxdbSUTJJ8bE19KsGe-e7EXRyL6jAs55qXvP8s4m3lpstb7xOPZkPgGjeDw-QBD0pPD3I7xI6i1OUaF9iO1htttvr-z0GGCoR3GnUORl6Y7sQqF3MV_-L7EZlbAw46A03vnTimMfpfbZWIrjGxqkGKsDPilYS6qX3aPhQd8b2H2KTkAA7oAokS2ann_T0uuCwcQyfO-GhO9TxUkUlzejKaVoc5B3V472Tm8iYdMB9K1aetScBa5wMeOubASpWJV-ObpDl2hSHtIkzFMXD_VDDxjQKTb-E3dVqai_BPv3jmlpN3Zo1M6-a69t1k2H_8NL9T-wsGJUz_FIESFHrx2j3kKEaFFKscG9T0Kd6Hg6Y-9jkTIRdKD3-eMji_xe3K_lBNIkuzB8I4KamVSkGaB3EneHIYN1GoMT_hNh--SFIzpVrILZnAio5EEw6Gq1xION1o-6stIZh8ycxfJlIs0U8xTH5qs_LZpPfU6Bsfcr6Q9Fpr-Gvnd6044mCiV2N4Hc4SKX_PBPgFx-oLLZqhj0mHVgIOsmDeOfenppw6Tx7b_XmpbpOZDbn74qf4JGfhFQwiWppiLciOMYGSYzWm30zdLjmEogLeZKBVIWT4E_znr1AFYe5HkNX5oK7ygRO4icZw8E8ubRF3PanAl_Lqky_fCplQlOq2AgiVMbkl716k64RCLds0woxgbRtb-UkD0DNx-wBnUJtL-dJIg0PKOMb3VsxVSm8baFlMkIQTb6mN-jD2oAypsRDfQz3zT4FVjf2Sj2Reu9Vq9Oso-sBpVUXPJ0MoJoXHGmr0g9vf2GrX036BH7IzxLlDqpgOHaRwZUNDX6BG6Cn0XJUuiLUvMkc_G97PCGJIAQFMcsRvqdCLwbksIGkoZWANMOfbhV96vW_nWHxn-BgPd_zA9TNENpLDSBy6XHDu3LNPsnB7lC__NtHFHdUTAxk108Li210OLQHBdBivuOUJ7UQlcBk6dkzdgnS5TLo6qC8dT9htIWbYurGTX0MoqzRW_rc4gZvSi5E33AEH4UIifYwSqA7HO1vGQm0hKtexafydo_L3A1LUuOgTWWV0w42YAkwEL08iJIG7KXNV3fpkEkn9Ayng3gcQPUPM5FRnJTJt_-C6TeqkE9S817BUyJiL58cJkMI8ZFzzsfIQxeOn9kVPP5HzZfhZ7pJTtLdDXMW7f1p4cFQ4vO0HPjayzPAnvZKAi3kw0zGNaLfyWxphmHhEcUNAsRTYRoh1QxK0K0KzfMBPHUt8NiKWH_Bdl2GHzEMaPY6hbSag2BS6grDT3EOxKYqeI-l9bbThbAfhIUlfCGa47Frqm-nu-KCghh43T57nmK9KvdUzB5fIFWNpJa0pVkS70pCJoYipmSvZ3uggRCdp3QFw14mlF97NXJ-Q6mzLHvdmGGX1SdO8sOW2IaLgz1z9xlDXlYNNzjRl0d7dSLwU8vjgNl-drQYR0K1W7TsLDwtMR5PuTOFRzNuOdYv5fdYdBbl43iaoOsED3Equ68lHjgQmLOnC4iXWAk2R8OjCTvqjxNliKfvk1WXMOWmFNA9jYYYkbCFDNJZ1H89EsmkBdYQxtck8Awgi8d_cW269nxKH0FDkGOyz2UuZm1YHH82zhmafJZgl4XCCChXdihvASUue9PVQKvVxQOJHBGwEd1kossBn6aOvnZZdIzsmWf4PVA5HRclmR5bEWRV8T_mR6L_J8xyk9A7Anosn33HyHm7LKaC131Mp3mJvBnNlXmbJvnE4W58EYo1-2tN7tA0WRaA6rVxy7rJg11v-rTlxousGIPSI9_3zAjbJg9BpfedFsRJTd6coGkOncBYMEwwHpMjlb0CgxdlTTxNE1LSmianPxPymJ4Q8zF9Me9TWvgdWLglFQgsUO7uaa9UW68lcEKIFxHSv2fGvTnMkvHZ8RmUCFypJO64DrV2oYNY2FvdofugHtylO5-3m7c-EUEMVSysv-GYlargRHdITUK0zQz1_-cl4Y-IHOzqRL3oZ-aC9kaPk32kON5H4Z-PhLGaC1trXfOrNS8ZyuuELifB80vWUVNS4SOh-E1cGykEtMdKsPbvZMhf4xyiGBuWICa3QkwRHutlnd79TuwCEYg6HDUL635EgCDP00V61b82TgdyVTWNwTTYnb4seXrjXGFgU7SgkCUl0nuX-1YhRa5CEM-kwSpXNfg3EMXnYnCDFOU_zXe_grk-750kl2PTrhsN6IN_SzT2IEQ2q1eIS_LaOyPwrgRRQivzYAnNe7L6OKsHFC6s7EkVpWOm0rw4E5ao7D752YQYT76He2eex3cs_jubemP_G8JeRLw2htgjCGmMaT2D-j7-qguPDM44bLdlLusMVJZoINJN-vEr44r9pL8Wm6nW7sO1nka5ZNtfVoMPCxUlmsd9tLsygIR8zCKgGPG8x_FOtx39gLFab_kGF0USogCQ-si3mDBagw82ZQVYVdDHd2w-BVyKAEBOthpaqPPS051lXqsAaLjFHxcLkZTMnA9wUOADoj7qLIbCRGjXJmJpaqRlBm2C-q1SKqS1IrHwh5sL9IiuvFC9WRbpQNNunXutlOjbzmI1mYG279yT-rxTf-_mMMfZiILXL0lHaAtNj2IctAfIMiI38qQ5asTGO548DzYveVNGOYGr-pSN_giNlh3VXkD8whC4migONA8bZ7n1Oc0ASskIZN9W3AgPvvWn8skze-bFTPD1L1glfx2b9xznPs4UlvTl5oH89jR9oSd471A38n2n6zaeOvZICCgp7QMJJCZocTb7fsNQpsbjbZQ651dcR7JRKtaIgG08aKEq0VGd8sBpfRCmHRPy0B-iJ9UVw-23t1o-KNIhjdxtvc_iU2J30xJHz6AtE2FSRgGFOH2kSm26pC_f-JADynfM6jmm7a99Z3bW-i4dEi5O1pPxrYpPO8yAH_0HEOAeH9B7bcQ1aH6eId8YFwT8sjE_0I8GkS9QNJfq7LMWG_vcjlZ7pk98D71fKTiH4P9OjnWY1_TgSdTQAM5Mu_EHUGPkYKPxebo-AUlPd3nxjjzv85ZzrAHYBCReJZrVF22yYH0lZvR1rLv5siIxcLN2gRY7acR71Qwzos6gUfG2UOSSBc8yUBN36lbul6TATY_tg9Jvy2188-SD6uUo7smQ3nbTXlnFBBYOCi9rad0w-_ex8F9e8o3WZSCPd3U39V2l4ZWSFgvbVFyzkJJvwQ5pmVkfSu3iKIovQvyAAtsbmQDgZRVWwsFQ-AgiHeZNQGzTOrYt7M5cBrseW9nx0XJzvztgteHVqOoTjQAnOMS4nyE4PU3P8FMhsop2UVQw2sZgOQHEccTVAx11vokGR4CnldO-W6cMt0GrxyBvmk_7U6YiTvwLLj2Lcly7jHtxtNCRlboSS9ugy3exxiyj82oOGNPucGb3Ci2zneiVMcrTEfTdLYPKZep2WkZ15gvn0_1hHO6VHJYQamLDSc3FMypC7Stwou7kj5Wpt3CkNNcxMJtpWFl6UP4FWS5nTZEUTPRsp1qLnLs0TiSA4B_2MP3HIiTSAxJi6n-tcEazVAIwmJTFjdq3y4gOjZP01HeayNVRNpe-FI-9nLpaXyBAUzbgWcaWH0RtN9pFgUZsUqgTfNmRy_cvU8pSH340emQcM1p2bzKIgac82c0r0uG7t-AZSh_K4xT6p_zbbjaobaF9SSPcOyIbBQhgw73pH9qRcI&cid=CAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bigmir.net%2F&ds=l&xdt=1&iif=1&cor=13739454882386823000&adk=496764934&idt=168&cac=0&dtd=170

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 17:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 17:13:31 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D70 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 06:26:22 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0F38 624 B
242 B 49ms
47ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBD8p82_BRj4mp_6ATAB&v=APEucNXulIRTqIxhrj659jNjTSbPShydxUndkPoKnYjj8SyQvN9GogggYmAMBInioSvJwJ7cOjlrbG_XpOztVi8gDr_SeZp6pw7UzMIM4DX8MAHTuc4be01iDl0Rl_impxElgWe1KA08Pmp6KVb-OOkm3y5pKrhuSD1CSP4jRHS_NCP0fpz5Tt4

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3D3B 172 KB
61 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Origin: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 3D3B 7 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:43:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 3D3B 23 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:26:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:26:08 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D3B 41 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 06:26:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 3D3B 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:24:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D9D4 1 KB
643 B 13ms
10ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Wed, 08 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 3D3B 20 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:56:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D3B 42 B
63 B 45ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Civyki4JoqxLILbNvHa__myowgH3EMww0aEJoahNAtJWeXTnO3NrLu-6b8FFhOCg-CW0Zcrw1oY7tWQgFntWuur_P7rxFrEb9HiK9gyDoJxvXbmxM

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D3B 190 KB
60 KB 42ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 12:22:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 39FA 1 KB
643 B 21ms
11ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Wed, 08 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
adno.cdnwebcloud.com/store/creatives/2005/ Frame 1302 103 KB
21 KB 8ms
7ms Document
text/html 13.32.99.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adno.cdnwebcloud.com/store/creatives/2005/index.html?tc_alt=113138&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCihXg7CtKZZXJMMvMgAfFtK3ABP6J3b1zm77ev4gSl8-ivcABEAEgitb8lwFgleKQgqAHoAGTjM_uAsgBCakClp26jPH3sT6oAwHIA5sEqgSfAk_QYFNW1WL1DzsV_XWsBwxq8764Jel_X-Vfpgs2Nmh7dCEg-zHPPcAv8OcoyxT1DcrZH2OvOHlb6RE6xtrd6rf7Eec-7V6nAse3hB1Arg3BMBhZHhK-xos2eYn3qnD2B8mK-mZ_vdeZubAkj2302y4h20d66444V9SZ1NZbPdHBbDEqIgu4RLS1LcC9V7CAICeprSXnCFl1mj1PjHGP0jZysCpKpkJRhcIAxWZsr5noj15Rz0W1z5ZpdYGzRTBo1x1Cn6mUw7SG42MHIcgvZJXV3xcqJOyRsxv4H34DOK90lkfchzR6th0qgzgUho4h3_oDerz4AEXCqKue-yMqU8xcuGX031yPl5Kw64Q9XF-V88A8lnaBUVTFPrkQpc_twASvq7WZugTgBAOIBcnIjvFMkAYBoAZNgAfV87CRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMIndj1pfCxggMVSybgCh1FWgtIsBOEqY8V0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB%26sig%3DAOD64_2vgKgPqMxGSHF1rCWy-AR1fNl1Bg%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-A6IIHuO9ry_dlUK1bpEgail0Yp4izB1McjSp44gFl4N8YDAa8mg8yRuX3-pMWdj8wY2vhhTV4fHzALtySTS7q0CuSuo1AV0d-2CUqGvN7CgnORj8MT0v68fR4rcKXyy05l5-_MBmALzY74QKlmn_WNJ34bB9O2p7guprazPH3HClmdruQ%26cry%3D1%26dbm_d%3DAKAmf-B49OgNDvIeRJIu5pODhETaZ0IHlxmNDz8rdbU5GJ-y4rgZQVnyuw6UspylhTNqlgm0Z4NQGF_Sd_42hrGkR00woiR-Wv2-LIsJwvIoRjgTEYhZw0uDgB15iD2bL_5la5XmZ3lkgTxxV4oHOpD0Fbbc4ELgLCud3zbGkJaa8MBg2Zl9cDSfVnPWf3YZIoffMxq_Ii6VOGgus2d5cjSalh2FbN9rJXhw1wLla2Qjw5EBzec4k2kr_l-MFJFKBnh3uEdb_N7mb6kQQhSsYQWAZx-Oy3LhCQYtX3CXrgDO7OnrrBswatZ_8kkYf_Xj_ASv3_6VkpuT0CY3a-pBWV68n2zfUCBFLLHKEHWvc9Y-PcaQ_NIscwn6Ak0ehpGDnN842LS5jU4oDA9lPJkaimOVpmQ3_n-BC5DMvm483ut4Nz0S1QGwytNvj4hVQcFi9al3NrVqSg9cNVCO5a67VgijSwf7P47BEPy-ixwqzg-FsdfYXgUyC5gbtv4OfIonPlj5HB_Bnnc_Ua0ACnxrJMNkvb9cMGKcx2Pwq-htFBG81xloJJN1_io%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D113138%26n_o_p%3D22grados%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fwww.lopesan.com%2Fde%2Fabora-hotels%2F%3Futm_source%3D22Grados%26utm_medium%3DBanner%26utm_campaign%3DMediosAbora%26utm_term%3Dprosp%26utm_content%3D728x90
Requested by: Host: adno.cdnwebcloud.com
URL: https://adno.cdnwebcloud.com/scripts/creatives/2005/22grados-aboramarca-23-de-728x90-de-22grados-prospecting-abora-de-22grados.js?n_o_ord=1699359724795797&n_o_ct=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CihXg7CtKZZXJMMvMgAfFtK3ABP6J3b1zm77ev4gSl8-ivcABEAEgitb8lwFgleKQgqAHoAGTjM_uAsgBCakClp26jPH3sT6oAwHIA5sEqgSfAk_QYFNW1WL1DzsV_XWsBwxq8764Jel_X-Vfpgs2Nmh7dCEg-zHPPcAv8OcoyxT1DcrZH2OvOHlb6RE6xtrd6rf7Eec-7V6nAse3hB1Arg3BMBhZHhK-xos2eYn3qnD2B8mK-mZ_vdeZubAkj2302y4h20d66444V9SZ1NZbPdHBbDEqIgu4RLS1LcC9V7CAICeprSXnCFl1mj1PjHGP0jZysCpKpkJRhcIAxWZsr5noj15Rz0W1z5ZpdYGzRTBo1x1Cn6mUw7SG42MHIcgvZJXV3xcqJOyRsxv4H34DOK90lkfchzR6th0qgzgUho4h3_oDerz4AEXCqKue-yMqU8xcuGX031yPl5Kw64Q9XF-V88A8lnaBUVTFPrkQpc_twASvq7WZugTgBAOIBcnIjvFMkAYBoAZNgAfV87CRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMIndj1pfCxggMVSybgCh1FWgtIsBOEqY8V0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB&sig=AOD64_2vgKgPqMxGSHF1rCWy-AR1fNl1Bg&client=ca-pub-9370473528685580&dbm_c=AKAmf-A6IIHuO9ry_dlUK1bpEgail0Yp4izB1McjSp44gFl4N8YDAa8mg8yRuX3-pMWdj8wY2vhhTV4fHzALtySTS7q0CuSuo1AV0d-2CUqGvN7CgnORj8MT0v68fR4rcKXyy05l5-_MBmALzY74QKlmn_WNJ34bB9O2p7guprazPH3HClmdruQ&cry=1&dbm_d=AKAmf-B49OgNDvIeRJIu5pODhETaZ0IHlxmNDz8rdbU5GJ-y4rgZQVnyuw6UspylhTNqlgm0Z4NQGF_Sd_42hrGkR00woiR-Wv2-LIsJwvIoRjgTEYhZw0uDgB15iD2bL_5la5XmZ3lkgTxxV4oHOpD0Fbbc4ELgLCud3zbGkJaa8MBg2Zl9cDSfVnPWf3YZIoffMxq_Ii6VOGgus2d5cjSalh2FbN9rJXhw1wLla2Qjw5EBzec4k2kr_l-MFJFKBnh3uEdb_N7mb6kQQhSsYQWAZx-Oy3LhCQYtX3CXrgDO7OnrrBswatZ_8kkYf_Xj_ASv3_6VkpuT0CY3a-pBWV68n2zfUCBFLLHKEHWvc9Y-PcaQ_NIscwn6Ak0ehpGDnN842LS5jU4oDA9lPJkaimOVpmQ3_n-BC5DMvm483ut4Nz0S1QGwytNvj4hVQcFi9al3NrVqSg9cNVCO5a67VgijSwf7P47BEPy-ixwqzg-FsdfYXgUyC5gbtv4OfIonPlj5HB_Bnnc_Ua0ACnxrJMNkvb9cMGKcx2Pwq-htFBG81xloJJN1_io&adurl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 529105d7c61c13ad5f72c4e1ad6e3bd726e192f1464c8a68f946b65097e0e663

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21303
content-disposition: inline; filename="manipulated20231024-4570-auufwa.html"
content-encoding: gzip
content-type: text/html
date: Tue, 07 Nov 2023 11:48:12 GMT
etag: W/"3f3329d247fef3fb07987c726bc9883d"
last-modified: Tue, 24 Oct 2023 20:21:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-id: Y6ABNpPoF-XNnXT3U3D4wksAR4ZF4zo59NuBzWtGiwgElgYUjUMX4w==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame 0D70 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6b01c2502169be3346288b4047f0696b4e42436d7b8a59923420e804da4aa9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0F38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

43 B
739 B

27ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBD8p82_BRj4mp_6ATAB&v=APEucNXulIRTqIxhrj659jNjTSbPShydxUndkPoKnYjj8SyQvN9GogggYmAMBInioSvJwJ7cOjlrbG_XpOztVi8gDr_SeZp6pw7UzMIM4DX8MAHTuc4be01iDl0Rl_impxElgWe1KA08Pmp6KVb-OOkm3y5pKrhuSD1CSP4jRHS_NCP0fpz5Tt4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F61%2BFITCwWvRS0j2kp67PtGulzHfr%2FpxIZuUrvuUV73Pl655fT%2BJTl%2FU0kNc1W3PdBGCvKrAy03XLk9YcvSuxhB%2FrlwFeQYsR%2B0zN7qReQ3nMsOR8Q4LL6Bj0ccL51DfZU0TR1%2FDebZgKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a30ac039176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0F38
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUor7Z4UU-hWCJDb6mefDwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1

43 B
739 B

34ms
33ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBD8p82_BRj4mp_6ATAB&v=APEucNXulIRTqIxhrj659jNjTSbPShydxUndkPoKnYjj8SyQvN9GogggYmAMBInioSvJwJ7cOjlrbG_XpOztVi8gDr_SeZp6pw7UzMIM4DX8MAHTuc4be01iDl0Rl_impxElgWe1KA08Pmp6KVb-OOkm3y5pKrhuSD1CSP4jRHS_NCP0fpz5Tt4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r49F7EEk9QYa6RFghN2FZZZAtVzk9XrjOskqpjYmm%2FedbpPMIjbI38h%2FM1ZHWZyM6Uif8Syj6UCWiGgLUGVBDCbhX1hBRk9%2FVoqLb%2FZZZ0%2BIZhwsQFhnnQJvzT%2BMm22ujoQ3pMAvK8ZY7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82258a30cc399176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMD4Xe6egd65EgeKsg8H86A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0F38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1

43 B
840 B

30ms
30ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI27HBD8p82_BRj4mp_6ATAB&v=APEucNXulIRTqIxhrj659jNjTSbPShydxUndkPoKnYjj8SyQvN9GogggYmAMBInioSvJwJ7cOjlrbG_XpOztVi8gDr_SeZp6pw7UzMIM4DX8MAHTuc4be01iDl0Rl_impxElgWe1KA08Pmp6KVb-OOkm3y5pKrhuSD1CSP4jRHS_NCP0fpz5Tt4

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
an-x-request-uuid: 0f957a3b-470a-4613-b516-84c05da85219
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED8xO0FZDahY0GPyUcUj6bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F38
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
an-x-request-uuid: bdcae878-5e1a-4174-ac21-8208c94c858f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYzMjE1OTMwMDA5ODUzMjU2Mw%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 1302 139 KB
48 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: adno.cdnwebcloud.com
URL: https://adno.cdnwebcloud.com/store/creatives/2005/index.html?tc_alt=113138&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCihXg7CtKZZXJMMvMgAfFtK3ABP6J3b1zm77ev4gSl8-ivcABEAEgitb8lwFgleKQgqAHoAGTjM_uAsgBCakClp26jPH3sT6oAwHIA5sEqgSfAk_QYFNW1WL1DzsV_XWsBwxq8764Jel_X-Vfpgs2Nmh7dCEg-zHPPcAv8OcoyxT1DcrZH2OvOHlb6RE6xtrd6rf7Eec-7V6nAse3hB1Arg3BMBhZHhK-xos2eYn3qnD2B8mK-mZ_vdeZubAkj2302y4h20d66444V9SZ1NZbPdHBbDEqIgu4RLS1LcC9V7CAICeprSXnCFl1mj1PjHGP0jZysCpKpkJRhcIAxWZsr5noj15Rz0W1z5ZpdYGzRTBo1x1Cn6mUw7SG42MHIcgvZJXV3xcqJOyRsxv4H34DOK90lkfchzR6th0qgzgUho4h3_oDerz4AEXCqKue-yMqU8xcuGX031yPl5Kw64Q9XF-V88A8lnaBUVTFPrkQpc_twASvq7WZugTgBAOIBcnIjvFMkAYBoAZNgAfV87CRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMIndj1pfCxggMVSybgCh1FWgtIsBOEqY8V0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB%26sig%3DAOD64_2vgKgPqMxGSHF1rCWy-AR1fNl1Bg%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-A6IIHuO9ry_dlUK1bpEgail0Yp4izB1McjSp44gFl4N8YDAa8mg8yRuX3-pMWdj8wY2vhhTV4fHzALtySTS7q0CuSuo1AV0d-2CUqGvN7CgnORj8MT0v68fR4rcKXyy05l5-_MBmALzY74QKlmn_WNJ34bB9O2p7guprazPH3HClmdruQ%26cry%3D1%26dbm_d%3DAKAmf-B49OgNDvIeRJIu5pODhETaZ0IHlxmNDz8rdbU5GJ-y4rgZQVnyuw6UspylhTNqlgm0Z4NQGF_Sd_42hrGkR00woiR-Wv2-LIsJwvIoRjgTEYhZw0uDgB15iD2bL_5la5XmZ3lkgTxxV4oHOpD0Fbbc4ELgLCud3zbGkJaa8MBg2Zl9cDSfVnPWf3YZIoffMxq_Ii6VOGgus2d5cjSalh2FbN9rJXhw1wLla2Qjw5EBzec4k2kr_l-MFJFKBnh3uEdb_N7mb6kQQhSsYQWAZx-Oy3LhCQYtX3CXrgDO7OnrrBswatZ_8kkYf_Xj_ASv3_6VkpuT0CY3a-pBWV68n2zfUCBFLLHKEHWvc9Y-PcaQ_NIscwn6Ak0ehpGDnN842LS5jU4oDA9lPJkaimOVpmQ3_n-BC5DMvm483ut4Nz0S1QGwytNvj4hVQcFi9al3NrVqSg9cNVCO5a67VgijSwf7P47BEPy-ixwqzg-FsdfYXgUyC5gbtv4OfIonPlj5HB_Bnnc_Ua0ACnxrJMNkvb9cMGKcx2Pwq-htFBG81xloJJN1_io%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D113138%26n_o_p%3D22grados%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fwww.lopesan.com%2Fde%2Fabora-hotels%2F%3Futm_source%3D22Grados%26utm_medium%3DBanner%26utm_campaign%3DMediosAbora%26utm_term%3Dprosp%26utm_content%3D728x90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adno.cdnwebcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Nov 2023 12:30:02 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 839C 46 KB
13 KB 162ms
161ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 06bf1392bd317316bc232d0114a050ff434ee599d3761216d4246628598a6359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2023 11:31:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83359
Connection: keep-alive
Content-Length: 13280
Expires: Wed, 08 Nov 2023 11:31:25 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D9D4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1&google_push=AXcoOmRia350C-C28bB2oOqjObNTbn4BH-3klYA08DoWRxKFpdOuiOY9cyU98pjcssw40Dbz49RrHXQvWqsNbtXGtpFMvS_h2Jh_Aw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk3NDYxMDc1NzU3OTgxOTM4OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1

43 B
398 B

68ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9D4
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMI9EDcwf9ZhTp2frrkQvsA&google_cver=1&google_push=AXcoOmRkRLKr8b4qLL6OTmReQaAoj_RcDRoKkdtw8kdsJ0np2kEYoIjegz...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRkRLKr8b4qLL6OTmReQaAoj_RcDRoKkdtw8kdsJ0np2kEYoIjegz7lLjSB76WcZHSBVXaST-CvtOqvk3rgZgXvp1HMuTDY&google_hm=_URHVHF2AqLb...

170 B
188 B

20ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRkRLKr8b4qLL6OTmReQaAoj_RcDRoKkdtw8kdsJ0np2kEYoIjegz7lLjSB76WcZHSBVXaST-CvtOqvk3rgZgXvp1HMuTDY&google_hm=_URHVHF2AqLbSmHbC1ftcA

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRkRLKr8b4qLL6OTmReQaAoj_RcDRoKkdtw8kdsJ0np2kEYoIjegz7lLjSB76WcZHSBVXaST-CvtOqvk3rgZgXvp1HMuTDY&google_hm=_URHVHF2AqLbSmHbC1ftcA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D9D4 0
104 B 82ms
23ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEErmTvGyvhYYSasomFlgSo0&google_cver=1&google_push=AXcoOmRVNW_Qxq6KoIcohoXAy3TirEmqYUZzeJY6F_aIBmdDgF2LG1EryJr__91kquBzWD7dSusAiLWjERs3D_ByoUXCsKDVp57CMA
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D9D4 0
173 B 51ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECJthaIA5J-7rGVtMUODr8w&google_cver=1&google_push=AXcoOmRcX0f8z-kHoUmmyQI3KrOberMnWpnJ7EeEaz_GvcWExN2Tylfx659Rk9Y2t5l0vdDi9I0If-tH8o5BnpctQuVvuxkAS2G1
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9D4
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC3y0VO-4G3qkyu16CWT73Y&google_cver=1&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jc...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC3y0VO-4G3qkyu16CWT73Y&google_cver=1&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jc...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jcLQ8l3F9HxN1bA&google_hm=HncmuGZH4L_gjnngQwCf...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jcLQ8l3F9HxN1bA&google_hm=HncmuGZH4L_gjnngQwCf3ATq

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 07 Nov 2023 12:22:06 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTB9VC7rHoLiCXcAvVDvx9JhLQegadawJLk8_ZOLftUtPJ6xFZlKtdNpjo1fkxPPjL1H2h9DE2a8L2vIh5jcLQ8l3F9HxN1bA&google_hm=HncmuGZH4L_gjnngQwCf3ATq
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame D9D4 43 B
199 B 120ms
34ms Image
image/gif 54.154.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEDwkmZygh0kChxJ9J-g-9mQ&google_cver=1&google_push=AXcoOmRIHX8gVvNBn1lM_Io11ovF4aBuWntDGUx0uTVsZ6vaa3aAiwhtyYa5h4LZp-KtHGtPrR64tdRwVl7J1afWzSvzg_dtLS-pVg
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.154.133.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-133-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 12:22:06 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame D9D4 43 B
145 B 11ms
9ms Image
image/gif 18.195.142.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBMlgYQ7KSWiv2wJUIkhzxY&google_cver=1&google_push=AXcoOmTiUIjgpMW6_TFfO9i0pTDdvV2B5gSy0hPAj_4MYcfrwAkHPX0YeGFcUdjxUNOFTr1EQrTBaZnetC9w9RzMcQHXe1hr51JPkg
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D9D4 0
12 B 26ms
25ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEQWsms6j-kbCemztgnY0wHE_D6FRaLm_O_H7cVQzGByzqhabeeCY8PwUilGVNIzXJNWENGw

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
BLOB 200
OK b29789f9-ad64-4358-aa18-58c605f2524b
https://www.bigmir.net/ Frame 02AC 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bigmir.net/b29789f9-ad64-4358-aa18-58c605f2524b
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 528d99c3-fc75-4fea-980e-c9316b3f277f
https://www.bigmir.net/ Frame 02AC 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bigmir.net/528d99c3-fc75-4fea-980e-c9316b3f277f
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AE29 38 KB
13 KB 19ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:26:22 GMT
expires: Tue, 05 Nov 2024 06:26:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3592507683027900859/ Frame 4CDF 131 KB
38 KB 46ms
45ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd8a4f79b9d91ece7e69c690a50d40b5e7928e26f3f5e009676f159b51336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:22:06 GMT
expires: Wed, 06 Nov 2024 12:22:06 GMT
last-modified: Wed, 18 Oct 2023 11:39:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D3B 0
0 94ms
49ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0mA7h5QhPWONML3BtjWRDN-HaLUk2lwJ34Sn52WhIxKvDt_i8JZVkdU2oVGCd66idjUzsS4Y9LIzfbbYM6RCWZKQgq4PrFKlIy5Rj-PIzse0kK2xiRPvfnUUngyN-ree0KT_X2YKYoMkecNAnqtGzY92rG8i5sgOXGXq-wb9_raTJbeCkGB1-PE26mcB6zKbdpoz0SN7e_TTQIxizOxrXptHaC6ZB2OwRXG0fpcQDOPyU7U_Ql1P4vi78mjImbbpJqrlQBnMH6gKe8TDnorW_FzIPB3cOPhgteFl3QMcn8MJc2ERBuLxWjCxQVGHPzAJZCJ0yZwE5K1HsyTA2471Y7wUVXRfhsn39g8lkCjsKOhn6ejPsDYquR-PLN94wBQXki7JYBoxWw9yHQ5YRa7uAkPOZPhWsU9tZwqTob37Mlhwgkk7VmKIv3uRjT-Vg0ZkzR5q60yL5qihnrUMbcPPFQ_Yga0OFDQ5JcNbiuj7UMLTf1nIbNlaz9zAOj17Skjd6cYoqGjC4HeaKyNCrAbfmA2Slo3B5uLcaUbhl59yZx60OZ15itGZltEl4HMrZMdkpCT3cKCzH65Z37hhTPzF2LFyxJKMqY-ZwFUlpSlkrE9ojnfb1AkBedo7Q_WoLy-ZE_u8GidAVlicmFsAyeFAmcerCezkDjasgbihm4B8H8hyyfXohkQBeLvKV3R0aahHNrQvqgpPsmzQdURfBEESrkIgTJPm0b1QpGsMZir1GrYuboTPiehdrecmH3y9nhGmkC3G1D70b1jzDCaU5Hz65FveTZ4ecxMkIsIfJcF47YN4zb2My8l9ARa7yAIC4BHM8sXagUsLUIidoDuwbKJut4Pp6vNyuY3KyAgdxIA3hVk10CtIedcmdItds75-flPFPrV89OZ2bkaHgxO545PGBL1lBNQ794usEAFqvLrayKKCnYYCHykhW-DibEPvbiH9YTtmEUX93mc6Xz3k-Vw2XzPyPTQp6JHwKex9bMynks_aVDEYt-ywwCdgNwzBQS-fao6LtUWYpocVldd83_3amS3tb55xAkli69vPmP3-w5T_0V2kQaCtIrm-SijRLaTwskPNgUNFDKVBrVIo90j0LMWreuVu_e_9B0qTQs4SRmVO0KY1b7bN24DbkvLE4EnDKZ9XbwRuo7ajIBCGM2Kja_3BedJBTtGzETX8PlWaNshVu8F6eP1oznjJgTuoIfWHQccS2adDYoWFPsCfoHbb41kiCj-xmpXVwOTFpfH91kNWsGApAUJ-qycXtGnGywE6Hjvix1i3xeKn8o8xajR-cOy2pQZeoxokSxxapIWdQdxi8me3APgtznKtQ0b01J0H9cV5HEmGU9tg_UDmO8eADblkUfMCVeGDRgjx7LSUZLWDOrrjm0hh9mJCjt7ZDs86XjpDVOvYWxjX-31n7w6L-BcWmBcAieZuYUqKDIxNfgv2gHoyTCVWZdORBBYWwKU6oq1RH1Feufg8-8HZ15hU9&sai=AMfl-YTmMOlJ3wp7awQHtFTyf10lI7MzAe1FD0tC_pGvfS-oDYVQ81M5918zQsyYsEmuiK4MpEQxZW-69ASIglklFus4P2SSRMnaFb7ekCznGZvLBu3R4EpkR8vt80XS2A8r34mllDyidz4N0chEu7t7D_b7bcV0gnnOqYNwAtclBSGpQAtSBVWlKEY--y-ThjlsFc24MFBQorlMr02qqJcUAjdtHs7BIZar_YAW3FiTf2GTQL44104uCenodFpxZfUxXWc5wKwy5UA2L0lKMuGdxtOwAqZqhGw7Jj9K9_bm2dblh9CUTGYijzpCpIEEcv17tbxXDOX4I8OxxbvNdXRt8omRC1fZ7IlGyr_0aYO4lVK2wvBvPnXNOTcQduDTTD5lW4VO8tIcgJuZVe6VB8K9wTN8NHUq&sig=Cg0ArKJSzPnIHzLshMLREAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=277&cbvp=1&cstd=262&cisv=r20231102.42282&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Nov 2023 12:22:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 39FA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1&google_push=AXcoOmSmBmhHibvOgAdJf4VXYeyHEZfGisWRxPQ9D-jDhDU7yOV-21DBQpH5DJPxLgWQGCCRRHKiLWFRixwCAYUz9BxiUwBByLqg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk3NDYxMDc1NzU3OTgxOTM4OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1

43 B
398 B

38ms
24ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 12:22:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENDqpwm2zW0NRTH2YagMo1k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FA
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0NMTDN5MUkxUjBsNVE1&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&google_cver=1&google_push=AXcoOmTaoPEN5bjkSUTNG2-XMGXNNJidFdIq8LKe2qg9ryx...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0NMTDN5MUkxUjBsNVE1&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&google_cver=1&google_push=AXcoOmTaoPEN5bjkSUTNG2-XMGXNNJidFdIq8LKe2qg9ryxVF0yzJSIoZB2-L7rqKAc93ba1U-6TxUej1uuNzgylt7kNMLoennJY

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 12:22:05 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-062149d55703cc53e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0NMTDN5MUkxUjBsNVE1&google_gid=CAESEJ0qRqt6SAI_sB1okuN1Oho&google_cver=1&google_push=AXcoOmTaoPEN5bjkSUTNG2-XMGXNNJidFdIq8LKe2qg9ryxVF0yzJSIoZB2-L7rqKAc93ba1U-6TxUej1uuNzgylt7kNMLoennJY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 39FA 70 B
148 B 33ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIZjPDE7GCmMr9FHPp6SzQY&google_cver=1&google_push=AXcoOmQmHoyYGnuJNbpX39eqIOJqD8DJo6iCSmZgQ3qb2iviF6TNzig7S0L9PJtnFLfNClKnFjfk0Tk1RJ-sSoYAyN9VciFBgtNl
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENXzpfGkCo6w8ENLbEmxhyA&google_cver=1&google_push=AXcoOmTfMcQZ0j2hVUPI76o_FUmonBeD9SjDaM3suoPMVkOH0wpZ2zt7Oy84hjZXKlpnSsHklySv1DQ7mywLzEB_23HY9LZ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTfMcQZ0j2hVUPI76o_FUmonBeD9SjDaM3suoPMVkOH0wpZ2zt7Oy84hjZXKlpnSsHklySv1DQ7mywLzEB_23HY9LZtz7I&google_hm=eS1YT0FMcTVsRTJwRWtDNXB...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTfMcQZ0j2hVUPI76o_FUmonBeD9SjDaM3suoPMVkOH0wpZ2zt7Oy84hjZXKlpnSsHklySv1DQ7mywLzEB_23HY9LZtz7I&google_hm=eS1YT0FMcTVsRTJwRWtDNXBJV3owNDg3a1JKM0JaUkpPNH5B

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Nov 2023 12:22:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTfMcQZ0j2hVUPI76o_FUmonBeD9SjDaM3suoPMVkOH0wpZ2zt7Oy84hjZXKlpnSsHklySv1DQ7mywLzEB_23HY9LZtz7I&google_hm=eS1YT0FMcTVsRTJwRWtDNXBJV3owNDg3a1JKM0JaUkpPNH5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 39FA 43 B
103 B 18ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOH6W72wWhT9vPqf3glCRIw&google_cver=1&google_push=AXcoOmRWo-qgX5p8v-h-ZLjNklzMS1C_3Ic8-TyhmuqNEXHmH28xDyW10LnfGBKTzYWpy-GwHxML8JmieSYT1KsWL-5xGBpyFM6N
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_hm=ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB&google_nid=index&google_push=AXcoOmTJBpoODlnyHGUogJMJhkrnqd_KUNlaf...

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_hm=ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB&google_nid=index&google_push=AXcoOmTJBpoODlnyHGUogJMJhkrnqd_KUNlafF56Oj_o1PGbZG54WxmI04PiyIxqViOH34V1miVTRFDpGMk_hzJqm62sBBKi84pu

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd2xlsyt0eJiwyKxF0y3YDYShvu8FCnVPIPyBPAlBrttZzHKwycQRHj1rjvQUxZSODcgLH5RSVzHCdshI%2FM3uOZql4bzSFIhUcoaebqFSamfMwYSQErycolzZndVCv8kalV3hoqMHj4yvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOsvdktVReqs0tcQ2tCayBE&google_hm=ZUor7Z4UU_hWCJDb6mefDwAADJwAAAIB&google_nid=index&google_push=AXcoOmTJBpoODlnyHGUogJMJhkrnqd_KUNlafF56Oj_o1PGbZG54WxmI04PiyIxqViOH34V1miVTRFDpGMk_hzJqm62sBBKi84pu
cache-control: no-cache
cf-ray: 82258a317d2c9176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 39FA 43 B
198 B 65ms
35ms Image
image/gif 54.154.133.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEDwkmZygh0kChxJ9J-g-9mQ&google_cver=1&google_push=AXcoOmTsgirsQLfUGPncg_RY09J0ubvz5UFyMostKzKemI3Lty2L8CE_Dzz6sQEyCRtU2y1wYfF-kTBTTyy4lcm6LclIKZzNGPvS
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.154.133.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-133-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 12:22:06 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 39FA 0
12 B 17ms
16ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1YLE_19RhRKVJhazd5CCLyL0ZQjcCDmEw3Pq1xEMQqBwImY39hM0iuHdx0XPnTjpQhWCN

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 3D3B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72d5f594e21ae3a0ec94f2cac0164f51fa5654e0c1197731cfc1bd2d7cbcf648

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F735 38 KB
13 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:26:22 GMT
expires: Tue, 05 Nov 2024 06:26:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 14D6 46 KB
13 KB 187ms
186ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 06bf1392bd317316bc232d0114a050ff434ee599d3761216d4246628598a6359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2023 11:31:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83359
Connection: keep-alive
Content-Length: 13280
Expires: Wed, 08 Nov 2023 11:31:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4CDF 3 KB
980 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:500,regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d58c1e726f9c0c33808d6bd8a03711b904f093fd0e0121391b5a73d60c5d284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 12:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 12:22:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 12:22:06 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 4CDF 120 KB
41 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Nov 2023 08:25:03 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 839C 7 B
380 B 68ms
10ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 0D70 19 KB
7 KB 44ms
7ms Script
application/javascript 18.66.122.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1699359726426
Requested by: Host: adno.cdnwebcloud.com
URL: https://adno.cdnwebcloud.com/scripts/creatives/2005/22grados-aboramarca-23-de-728x90-de-22grados-prospecting-abora-de-22grados.js?n_o_ord=1699359724795797&n_o_ct=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CihXg7CtKZZXJMMvMgAfFtK3ABP6J3b1zm77ev4gSl8-ivcABEAEgitb8lwFgleKQgqAHoAGTjM_uAsgBCakClp26jPH3sT6oAwHIA5sEqgSfAk_QYFNW1WL1DzsV_XWsBwxq8764Jel_X-Vfpgs2Nmh7dCEg-zHPPcAv8OcoyxT1DcrZH2OvOHlb6RE6xtrd6rf7Eec-7V6nAse3hB1Arg3BMBhZHhK-xos2eYn3qnD2B8mK-mZ_vdeZubAkj2302y4h20d66444V9SZ1NZbPdHBbDEqIgu4RLS1LcC9V7CAICeprSXnCFl1mj1PjHGP0jZysCpKpkJRhcIAxWZsr5noj15Rz0W1z5ZpdYGzRTBo1x1Cn6mUw7SG42MHIcgvZJXV3xcqJOyRsxv4H34DOK90lkfchzR6th0qgzgUho4h3_oDerz4AEXCqKue-yMqU8xcuGX031yPl5Kw64Q9XF-V88A8lnaBUVTFPrkQpc_twASvq7WZugTgBAOIBcnIjvFMkAYBoAZNgAfV87CRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMIndj1pfCxggMVSybgCh1FWgtIsBOEqY8V0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB&sig=AOD64_2vgKgPqMxGSHF1rCWy-AR1fNl1Bg&client=ca-pub-9370473528685580&dbm_c=AKAmf-A6IIHuO9ry_dlUK1bpEgail0Yp4izB1McjSp44gFl4N8YDAa8mg8yRuX3-pMWdj8wY2vhhTV4fHzALtySTS7q0CuSuo1AV0d-2CUqGvN7CgnORj8MT0v68fR4rcKXyy05l5-_MBmALzY74QKlmn_WNJ34bB9O2p7guprazPH3HClmdruQ&cry=1&dbm_d=AKAmf-B49OgNDvIeRJIu5pODhETaZ0IHlxmNDz8rdbU5GJ-y4rgZQVnyuw6UspylhTNqlgm0Z4NQGF_Sd_42hrGkR00woiR-Wv2-LIsJwvIoRjgTEYhZw0uDgB15iD2bL_5la5XmZ3lkgTxxV4oHOpD0Fbbc4ELgLCud3zbGkJaa8MBg2Zl9cDSfVnPWf3YZIoffMxq_Ii6VOGgus2d5cjSalh2FbN9rJXhw1wLla2Qjw5EBzec4k2kr_l-MFJFKBnh3uEdb_N7mb6kQQhSsYQWAZx-Oy3LhCQYtX3CXrgDO7OnrrBswatZ_8kkYf_Xj_ASv3_6VkpuT0CY3a-pBWV68n2zfUCBFLLHKEHWvc9Y-PcaQ_NIscwn6Ak0ehpGDnN842LS5jU4oDA9lPJkaimOVpmQ3_n-BC5DMvm483ut4Nz0S1QGwytNvj4hVQcFi9al3NrVqSg9cNVCO5a67VgijSwf7P47BEPy-ixwqzg-FsdfYXgUyC5gbtv4OfIonPlj5HB_Bnnc_Ua0ACnxrJMNkvb9cMGKcx2Pwq-htFBG81xloJJN1_io&adurl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-129.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 03:21:15 GMT
content-encoding: br
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 32451
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: a7zW_jiKKGc5QzOZAKUyFJ2mL3BH-ILvYId6apMtnrjP33kcHlW1tg==

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame AE29 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 22:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 22:02:22 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame F735 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 22:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 22:02:22 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 4CDF 34 KB
35 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:500,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:02:56 GMT
x-content-type-options: nosniff
age: 357550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 09:02:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D3B 0
0 45ms
44ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0mA7h5QhPWONML3BtjWRDN-HaLUk2lwJ34Sn52WhIxKvDt_i8JZVkdU2oVGCd66idjUzsS4Y9LIzfbbYM6RCWZKQgq4PrFKlIy5Rj-PIzse0kK2xiRPvfnUUngyN-ree0KT_X2YKYoMkecNAnqtGzY92rG8i5sgOXGXq-wb9_raTJbeCkGB1-PE26mcB6zKbdpoz0SN7e_TTQIxizOxrXptHaC6ZB2OwRXG0fpcQDOPyU7U_Ql1P4vi78mjImbbpJqrlQBnMH6gKe8TDnorW_FzIPB3cOPhgteFl3QMcn8MJc2ERBuLxWjCxQVGHPzAJZCJ0yZwE5K1HsyTA2471Y7wUVXRfhsn39g8lkCjsKOhn6ejPsDYquR-PLN94wBQXki7JYBoxWw9yHQ5YRa7uAkPOZPhWsU9tZwqTob37Mlhwgkk7VmKIv3uRjT-Vg0ZkzR5q60yL5qihnrUMbcPPFQ_Yga0OFDQ5JcNbiuj7UMLTf1nIbNlaz9zAOj17Skjd6cYoqGjC4HeaKyNCrAbfmA2Slo3B5uLcaUbhl59yZx60OZ15itGZltEl4HMrZMdkpCT3cKCzH65Z37hhTPzF2LFyxJKMqY-ZwFUlpSlkrE9ojnfb1AkBedo7Q_WoLy-ZE_u8GidAVlicmFsAyeFAmcerCezkDjasgbihm4B8H8hyyfXohkQBeLvKV3R0aahHNrQvqgpPsmzQdURfBEESrkIgTJPm0b1QpGsMZir1GrYuboTPiehdrecmH3y9nhGmkC3G1D70b1jzDCaU5Hz65FveTZ4ecxMkIsIfJcF47YN4zb2My8l9ARa7yAIC4BHM8sXagUsLUIidoDuwbKJut4Pp6vNyuY3KyAgdxIA3hVk10CtIedcmdItds75-flPFPrV89OZ2bkaHgxO545PGBL1lBNQ794usEAFqvLrayKKCnYYCHykhW-DibEPvbiH9YTtmEUX93mc6Xz3k-Vw2XzPyPTQp6JHwKex9bMynks_aVDEYt-ywwCdgNwzBQS-fao6LtUWYpocVldd83_3amS3tb55xAkli69vPmP3-w5T_0V2kQaCtIrm-SijRLaTwskPNgUNFDKVBrVIo90j0LMWreuVu_e_9B0qTQs4SRmVO0KY1b7bN24DbkvLE4EnDKZ9XbwRuo7ajIBCGM2Kja_3BedJBTtGzETX8PlWaNshVu8F6eP1oznjJgTuoIfWHQccS2adDYoWFPsCfoHbb41kiCj-xmpXVwOTFpfH91kNWsGApAUJ-qycXtGnGywE6Hjvix1i3xeKn8o8xajR-cOy2pQZeoxokSxxapIWdQdxi8me3APgtznKtQ0b01J0H9cV5HEmGU9tg_UDmO8eADblkUfMCVeGDRgjx7LSUZLWDOrrjm0hh9mJCjt7ZDs86XjpDVOvYWxjX-31n7w6L-BcWmBcAieZuYUqKDIxNfgv2gHoyTCVWZdORBBYWwKU6oq1RH1Feufg8-8HZ15hU9&sai=AMfl-YTmMOlJ3wp7awQHtFTyf10lI7MzAe1FD0tC_pGvfS-oDYVQ81M5918zQsyYsEmuiK4MpEQxZW-69ASIglklFus4P2SSRMnaFb7ekCznGZvLBu3R4EpkR8vt80XS2A8r34mllDyidz4N0chEu7t7D_b7bcV0gnnOqYNwAtclBSGpQAtSBVWlKEY--y-ThjlsFc24MFBQorlMr02qqJcUAjdtHs7BIZar_YAW3FiTf2GTQL44104uCenodFpxZfUxXWc5wKwy5UA2L0lKMuGdxtOwAqZqhGw7Jj9K9_bm2dblh9CUTGYijzpCpIEEcv17tbxXDOX4I8OxxbvNdXRt8omRC1fZ7IlGyr_0aYO4lVK2wvBvPnXNOTcQduDTTD5lW4VO8tIcgJuZVe6VB8K9wTN8NHUq&sig=Cg0ArKJSzPnIHzLshMLREAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=509&vt=11&dtpt=232&dett=3&cstd=262&cisv=r20231102.42282&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 atp
neural33.cdnwebcloud.com/ Frame 0D70 74 B
324 B 392ms
30ms Image
image/png 52.51.15.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural33.cdnwebcloud.com/atp?1166019498418=&tc=113138&n_o_oas=1&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.15.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-15-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 12:22:06 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 14D6 7 B
380 B 10ms
9ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4CDF 8 KB
6 KB 52ms
51ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2fb70f023b33aaae564ae6f81a5ab93b673bd325b61153395a4317fa5ae867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5934
x-xss-protection: 0

GET
H3 200 ic_volume_up_white_48px.png
s0.2mdn.net/sadbundle/3592507683027900859/ Frame 4CDF 2 KB
2 KB 16ms
12ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3592507683027900859/ic_volume_up_white_48px.png

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f936375a099fb7a462e72bbd1af4f0d0d3e6de89d45ccb3426302f91ad6cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:00:38 GMT
x-content-type-options: nosniff
age: 372088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 11:39:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 05:00:38 GMT

GET
H3 200 ic_volume_off_white_48px.png
s0.2mdn.net/sadbundle/3592507683027900859/ Frame 4CDF 2 KB
2 KB 14ms
11ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3592507683027900859/ic_volume_off_white_48px.png

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66caa5d2daa5d30ff168d8842dcdd2be58d5d647759c8b4d2df1b8a0a4a52505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:00:38 GMT
x-content-type-options: nosniff
age: 372088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1935
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 11:39:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 05:00:38 GMT

GET
H3 200 60035577_20231011135635945_NT_logo_horz.svg
s0.2mdn.net/ads/richmedia/studio/60035577/ Frame 4CDF 37 KB
11 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60035577/60035577_20231011135635945_NT_logo_horz.svg

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0529b0d0e46a5b3bcc215ffb50a34a143023f8ca51e65831f9b2946f96e7aaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11348
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:56:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Nov 2023 21:22:13 GMT

GET
H3 200 60035577_20231011135639290_SQ_logo.svg
s0.2mdn.net/ads/richmedia/studio/60035577/ Frame 4CDF 6 KB
2 KB 19ms
17ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60035577/60035577_20231011135639290_SQ_logo.svg

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5c261261e39205abe9877dd0cf2e9e01e2984ca61cdff23cfc1b2d6e33b9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 20:56:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Nov 2023 05:05:09 GMT

GET
H3 200 CTA_NT.svg
s0.2mdn.net/sadbundle/3592507683027900859/ Frame 4CDF 2 KB
893 B 18ms
16ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3592507683027900859/CTA_NT.svg

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13a2a5e53189609780d51e1521258bee7797af366505e1accc7952fc1ffc7b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 864
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 11:39:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 05:00:38 GMT

GET
H3 200 video_BG.jpg
s0.2mdn.net/sadbundle/3592507683027900859/ Frame 4CDF 6 KB
6 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3592507683027900859/video_BG.jpg

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a714b94d9a4ce70611cf23a6045d4d80fb3852c048e8413667c9382ed6e84a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:00:38 GMT
x-content-type-options: nosniff
age: 372088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6173
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 11:39:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 05:00:38 GMT

GET
H3 200 BG_flood_MPU.png
s0.2mdn.net/sadbundle/3592507683027900859/ Frame 4CDF 4 KB
4 KB 15ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3592507683027900859/BG_flood_MPU.png

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bcc631b1e15e70dcfeed71f1fae7ce7790f05195baef38af6f8471bbbf054d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:00:38 GMT
x-content-type-options: nosniff
age: 372088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3627
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 11:39:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 05:00:38 GMT

GET
H3 200 60035577_20230928152950433_blank.png
s0.2mdn.net/ads/richmedia/studio/60035577/ Frame 4CDF 938 B
964 B 16ms
15ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60035577/60035577_20230928152950433_blank.png

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50644b2f2d3df902996750b64dca3a25a940fd30b998ce8ec3a738898c877c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 08:16:23 GMT
x-content-type-options: nosniff
age: 14743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 938
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 22:29:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Nov 2023 08:16:23 GMT

GET
H3 200 hg3.jpg
s0.2mdn.net/sadbundle/3592507683027900859/ Frame 4CDF 30 KB
30 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3592507683027900859/hg3.jpg

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

888f1fa94d9e3840bb9c5a7e23d424db21797df2c9db145db73c3559e51aab29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:00:38 GMT
x-content-type-options: nosniff
age: 372088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30650
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 11:39:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 05:00:38 GMT

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/9b5a90deaef69fa9/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ip... Frame 4CDF
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9b5a90deaef69fa9/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,i...
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/9b5a90deaef69fa9/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,...

4 MB
0

80ms
9ms

Media
video/mp4

2a00:1450:4001:65::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/9b5a90deaef69fa9/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/1E47C97A232B0F3D3921B89569BD15AD6829409A.0F9452FB1D3CB9121CA4AA50B4949D7AF808A3C9/key/cms1/cms_redirect/yes/mh/kf/mip/2001:ac8:20:3a00:1012:fd4a:4021:8d2c/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1699359401/mv/m/mvi/5/pl/50/file/file.mp4

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:65::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 12:22:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2023 08:56:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-4105855/4105856
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4105856
Expires: Tue, 07 Nov 2023 12:22:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/9b5a90deaef69fa9/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/1E47C97A232B0F3D3921B89569BD15AD6829409A.0F9452FB1D3CB9121CA4AA50B4949D7AF808A3C9/key/cms1/cms_redirect/yes/mh/kf/mip/2001:ac8:20:3a00:1012:fd4a:4021:8d2c/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1699359401/mv/m/mvi/5/pl/50/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 709
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame 4CDF 13 KB
5 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3592507683027900859/index.html?e=69&leftOffset=0&topOffset=0&c=IYAyihe2PD&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 06:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Nov 2023 06:32:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4CDF 17 KB
6 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 12:22:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE29 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bgx4L7StKZdTgNtCQjuwPuZ-MuAYAAAAAOAHgBAI&bg=!zs2lzYLNAAb4oU7C2KE7ADQBe5WfON80anJgaPhEG0Wqir5PT-imJ_WOoIs86ldKMA1k9WSYq2CAoDQFjwVi3nIxm-ogAgAAAN9SAAAABmgBB5kDSA17YXE_0phnjQttMuo7BBvkeWUSTNtx5ANpLOXiR1LBHtfBS-hWZtgCbgi5yETp6DfuRJLlkeYDc9AMjEjn0oiUug8ZCKK6goc8wxa_zheTuNyk9BGZmbrkFR4IQ7it3E8ES-TT5F90f8eVgGg0DbgjxmurHHoU03NcTWP3sWor8yfd_a7Q_oZRqbqH3UUpRg8iol0AfYS864k08qDPZjKUCsdcgUbzih-qQJdgkpGtK-zBcQEYzwMeWrXJrQ_1_MdS1VYKHKmMTxwIFxXd7k8IeJrdY-Va9Zg2k7tUOPO6gLd2ZN5RhvFNQGAIOotTyasa5MpF93dJ5cLgmbW3rk3GxKY_YK_l6W3kC4plyAz_tV-vHWtoRLOTBkxR-1VWJjRqecMMq7PfwVdTQW_afbY2jkhXgRoe9gCLllqjcHWApIWqy5M_pZxtzXh3c62Z7-tyOiibtPdo_yPEHDAdz3PflAG9OY5fke0PtbfuWKGbh9WnnX4M6qxBD4tf1sqyZBX-JiMSmWuUgZkOKopDgpFrayFmT6-6Ztsd0OF_TRi3Btt7Xuw-x3ulV1aU_SRBwOgpSt-_-zyZ8cr5YI-rhsPKeCeua6ndgwj-WYKj6kbQ2lKPfgmvuDQJBja6-nrXmI1i1s_f2LN9yVh2L9rZrz67AGDifVVyt8biW4zxOrU8dTSeWjQgiv7fQRjX6swH46HJOh49CRJR4jkpzO6ep1jEopU-a_I9KHx68Va5DJIF4bMRDjccR2k33KQL3pNX_b6PV9Q8U2rjHg1S3PAdR4cFMajbpjWEqDk2R6FJAbuy5K3EJFj4GvZx0RLU54momLSaZmXP7qSC1nPV38WcMZ1SVKBSynkF_-PFAuEi19oopiXnBi17XqKjMHUGP_wcbJYWCTEgGWjEkGL2zpKhjisy13_FumyCYcKqiHmB5H4tBjIOYXnSlACCvxG81V7Djae0iasbMlgfieCS76VxPD-CL_r3nM2KeT-yzIoOpPyHAuu79pOAAgfL--Tw9aq5cDpQZiXhppwNPIo4PkQFu8kkt6ZRO7hoiD4M0a2fPnLHeMBoFMbnGGy5WTT5tH69GBSOy0aNWuOlxVSqjTLa4e_A1_yvyhspIw

Requested by

Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F735 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYFok7StKZd2oFOG21PIPqomS2A0AAAAAOAHgBAI&bg=!hIelh8jNAAb4oU7C2KE7ADQBe5WfOLEX0HNOkpnjTL3x7zSEBYgglNgT3FCC0tFRorbBJUyaEemUJwzC2rlQ4VpAxFKnAgAAANdSAAAABmgBBwoAT1MH3xhpDhvPWe08taE07n4b1CKAkqC3MAoKapP8-NTY6ZrpEuLsDvfukrl_i_VooRvtOQskLpofBfc1JUnBiTl5MsrxzT6CZfxSRF5gbTeZAzLcECwrHjdaB_GmSXYtcIXWJQbRzafYzBw970fAmln4ah7F1nHu741SjC3B4VFg7FPAW54pyGJU_XRwJU67Tm_aF_hfEZ9c_A5d-7q2W-kMlGPxgkDVdFxbhl_AXwJpPLn7J6BMI_wmevoLyjRWGBEeS57FVfmanG_v9tzWI2DPB5PxLK3IoZrNoT35Dyk0ltKjNhiM1IdBwwal-D5i8cSne9kvws8hK58V31IVjEH407MJIczuFrzOLgH8FVS1mq30PUjseiNV1kUzx2-Jhqz4ZjwcjwYCLPSiiBIbr0joEBX8noLO5UyQOShAzK3_Yp1UDp9m1pTV-dGA0XM_t9wCQx8oyscNFRXWVdP8BTIzGSfNjjLCgk6lgEmCdIVCM1Iy9rzbKyz9Py_HKrxhPpkqThx4gkIbtzTZnHkJl_rzEVbZOIHgVmnPi4SP3jIwkY1yHSfsmghM-tPdb-sPdTmEOvda3XpufKVVjUugMU_GYi54XYY6M4sE9dyyj2lfiVzDoYS1p3jS6gIqdTfmow_4Pm6caha_IZflsid0udn1r8wstiJov0o6t6JMb9OteWtKif9V4ahtyw5EZ9UQcSDwJKEyuvIzKKnGSWotZcryKG_DKa4-ZTPUn7muG87kii3PRqRiPfGZOiTJQihyRcYzcGiO798fdQs74BCEeUN9wF_UIqJml3-eygi_5ESWLinG_r6pKZPKLFamdnxHoqYaC8leli-YRSRM-xliTjgySiyw2hpGVQ7UWUG3UZmTTaKzT-9wnfz7UQbQ9XvVscZkuaYcqRYVCCIgW0Xq4Lb2q9ygkTHLGNolGSPgqQ_dlX7N4r21UVEbUomJJxveJov9HW5WYjLz7ggMm5-HFUyHCxq77PgChnDTmYiUUM-rMZPruTTFBuYl9Lve6kmWNnxihP8JbiLk5HkQ5cyW_Pb6oJX-1U4ety8P0XLn3Mg4ZJjm35Rm3OSiOsN169SU2hFQ0ppjOnJ43e-_dZmR3xpeN03t_39QjC06uDnFjf71TqLGd3YffOd2XyGSNqYYrtA4araHHMPSXbzM4VUeTR5nhUsv3i1PqQyj1BhtpIsjoS-UIQ

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avw
neural33.cdnwebcloud.com/ Frame 0D70 0
105 B 191ms
30ms Image
text/plain 52.51.15.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural33.cdnwebcloud.com/avw?1277532414401&tc=113138&n_o_oas=1
Requested by: Host: 1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com
URL: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.15.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-15-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 12:22:06 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
BLOB 206
Partial Content a0771dd3-b326-4d64-8fd4-4efb6e4cb11b
https://www.bigmir.net/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bigmir.net/a0771dd3-b326-4d64-8fd4-4efb6e4cb11b
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FF1 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 22:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 22:02:22 GMT

GET
H2 200 ef3561e109f69fa0b437d0f19cf2f44c-quality_70Xresize_crop_1Xallow_enlarge_0Xw_730Xh_562.jpg
www.bigmir.net/i/73/62/95/0/7362950/ 38 KB
39 KB 15ms
15ms Image
image/jpeg 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bigmir.net/i/73/62/95/0/7362950/ef3561e109f69fa0b437d0f19cf2f44c-quality_70Xresize_crop_1Xallow_enlarge_0Xw_730Xh_562.jpg
Requested by: Host: www.bigmir.net
URL: https://www.bigmir.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e4a14209b40d9e58ff169e6761da5e6daf32fcba2cd9d576a4b5f97d24f3d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 07:46:39 GMT
x-amz-version-id: rDB6xlV6Dhs_3P97XJfqXNeGK52cy1OO
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 07:46:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 16528
etag: "da9757aad8bb0a4f614246305d62a5d7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 39159
x-amz-cf-id: mi74x6mS24TR-UEbjMhhNLUYERIaUxGSqNwtutZVCQMAcZ9Wli_lQg==

GET
H2 200 1 Show response
servicer.mgid.com/971155/ 6 KB
2 KB 263ms
237ms Script
application/x-javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/971155/1?mp4=1&ap=1&w=1580&h=356&ident_p=true&sz=300x345&szp=1,2,3,4,5&szl=1,2,3,4,5&cols=5&sessionId=654a2bef-0ce5e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.bigmir.net%2F&cbuster=1699359727007485785376&pvid=18ba9bb9803b369a99e&implVersion=11&cxurl=https%3A%2F%2Fbigmir.phnx.link%2F&scum=%3F0&scuw=%3F0&uniqId=0afc9&childs=1504199&niet=4g&nisd=false&pv=5&lct=1698883200&jsv=es6&pageView=1&dpr=1&ref=&apt=2018-10-11T16%3A41%3A48%2B03%3A00&tfre=3409

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/i/bigmir.net.971155.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef53b268f07a665aa5b4e61bb12846b629ad869e28eb711fe68ab02fcd3e8213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82258a360920bb8f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 dc_oe=ChMIndOYpvCxggMVYRtVCB2qhATbEAEYACD7l99g;met=1;&timestamp=1699359727118;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 3D3B 42 B
401 B 313ms
50ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIndOYpvCxggMVYRtVCB2qhATbEAEYACD7l99g;met=1;&timestamp=1699359727118;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D70 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstelg66Cqeh2cuvXspE0vCQ5-7R3eSLQcSkg-Oe7kUvXtgznS72J-YNyIZWI_-nhOBMKabuCfqT-ri-5bq4mmGFztEWcE0UFsG3BnYI2IjPEYBpqmWqsTlwwnaeLpv32CNiSFLRytso18z-&sai=AMfl-YSEvARs8ujufagDU5su3oQcH5lgf7wl8TTCSzjxb7L3gfF38hmumxQ36iknbVxQrB7LdDqL7sT7ifd0qXm66L6HGGXGdaJ8_PzsX3d48u3yDMHCwPO2lxPjMiB0&sig=Cg0ArKJSzMsPe3JfTS_aEAE&cid=CAQSPADICaaNK-KJi4ScuXYxxDSUuxfmh_IYqEPLt7E1-Oewa7cgSTx0kCCnEZgH2yNAD9qe_VIlaGmxISxkyhgB&id=lidar2&mcvt=1003&p=0,436,94,1164&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=4084058194&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699359725386&rpt=737&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvNzc2MjI2L2NmYzM4N...
s-img.mgid.com/g/16840762/328x328/-/ 15 KB
16 KB 132ms
31ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16840762/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvNzc2MjI2L2NmYzM4N2FlNTc3OTZkYWFhNzJkNzFkNzM0YjkyMTk4LmpwZWc.webp?v=1699359727-Ypw9JwhWIubuYHjaTxOxPBurawVBHhrp_2r_5HClG-Y

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d239c1b42a2d3a3ffd0535c3945313fc8ec596eceab17eda303e0d82860f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: f27bbb4a-7ae2-4764-b53d-7a5bc1f93d4f
age: 92473
alt-svc: h3=":443"; ma=86400
content-length: 15646
last-modified: Wed, 01 Nov 2023 10:20:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82258a382a1a65bb-FRA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvNjg3NjQwLzdkYjRiM...
s-img.mgid.com/g/16437146/328x328/-/ 7 KB
8 KB 129ms
29ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16437146/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvNjg3NjQwLzdkYjRiMWFlNmI2OWFiOGIwZWQ4MjczNTE4MjdmYWRiLmpwZw.webp?v=1699359727-EDv16nEkoXLHmhXNqamLTj0Gmwhtwe3xKBwOO6wx4VM

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe1f04705876d46082fe83e1b3234d1a0ca9094f6a2d4f8fdd694564f8192aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: a703b862-6bf1-4e4c-9773-9aa6a487b199
age: 9104
alt-svc: h3=":443"; ma=86400
content-length: 7256
last-modified: Tue, 07 Nov 2023 09:36:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82258a382a1e65bb-FRA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvMzY5NDAzL2VlMjBhO...
s-img.mgid.com/g/16973567/328x328/-/ 14 KB
15 KB 132ms
32ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16973567/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvMzY5NDAzL2VlMjBhODI2NTdjMzM5NTAyODYxNDc5YjdhNzg1ODQ3LmpwZw.webp?v=1699359727-wG2Sdiq_TByviAVRouFafwT3cvVO9HKcALuumemWUw0

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1336e4618e4c3acf75594f71863cf21bf6ed6f5957254f5023179eba8c7523f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 54e50b65-ed1b-468b-997b-4d3413aa70f3
age: 2740168
alt-svc: h3=":443"; ma=86400
content-length: 14580
last-modified: Sat, 19 Aug 2023 15:57:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82258a382a2065bb-FRA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTAvNzY2MDk0L2RiYTI2Y...
s-img.mgid.com/g/17455527/328x328/-/ 12 KB
13 KB 141ms
41ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17455527/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTAvNzY2MDk0L2RiYTI2YTRlOTlmMzZjMmZlNzAxYjQ0YmNmOGQ0Y2M1LmpwZWc.webp?v=1699359727-twB_tMdzQ4sZHuwY2_mTmXDFjD5VE8Ra4RhkE-Y-0_8

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a924d1084eea246b682c8b293ca36da274b77034edd411095e936e7064e1690c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bigmir.net/
Origin: https://www.bigmir.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 9ebcd9ad-f67d-49a2-9711-02ff8aa528f3
age: 1663008
alt-svc: h3=":443"; ma=86400
content-length: 12674
last-modified: Mon, 16 Oct 2023 15:22:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82258a382a2265bb-FRA

GET
H2 206 015f458073da4c9355b19219cb710ebd.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-10/348419/ 131 KB
132 KB 116ms
18ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-10/348419/015f458073da4c9355b19219cb710ebd.mp4?v=1699359727-sz4IeTnMqQNiZF87zEBDCrF095e-QVGuptPArjUI4tw

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1658024e14bbe4ee00c15535a33d626e5fc1546b2e4df891b72ab6ac9d75d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bigmir.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16476
Content-Range: bytes 0-133887/133888
server-timing: cld-akam;mitm=co;dur=32;start=2023-11-07T07:46:13.540Z;desc=miss,rtt;dur=0,content-info;desc="width=680,height=680,abps=66944,fps=30.0,du=2.0,vc=\"h264\",bytes=133888,owidth=736,oheight=552,oabps=117527,ofps=30.0,odu=2.0,ovc=\"h264\",obytes=235053,oformat=\"mp4\"",cloudinary;dur=115;start=2023-11-05T10:29:43.670Z
alt-svc: h3=":443"; ma=86400
Content-Length: 133888
last-modified: Fri, 20 Oct 2023 09:47:01 GMT
server: cloudflare
etag: "44145925db2531870232bb5d1dc53ddd"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 82258a382eaa5c85-FRA

GET
H2 200 i.js Show response
cm.mgid.com/ 0
38 B 58ms
41ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?cbuster=1699359727301612417932

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/i/bigmir.net.971155.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82258a37cc11bb8f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame E7B4 0
104 B 29ms
25ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i-noref.js?cbuster=1699359727303387305194

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/i/bigmir.net.971155.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82258a37cc0dbb8f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 142 KB
31 KB 89ms
20ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/i/bigmir.net.971155.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3225c9376cd8f731c5d65175d9ca584616403f157a9e14c3e3439c7362d9486f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Nov 2023 12:11:14 GMT
server: cloudflare
x-amz-request-id: KYQB7ZAQ485M8HQ8
age: 1937
etag: W/"6ce75de2ac970b38b3610ecd0ccc9b5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82258a382af93627-FRA
x-amz-id-2: 2tbFK7KPwMKFsijjpIofvFBqLW7C2MsMHEtmbwW/5TxvKywW1tft/aVqvhBOOf0XW6u/Bk/N4nk=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 159ms
157ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/i/bigmir.net.971155.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bigmir.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:22:07 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=134913
accept-ranges: bytes
content-length: 63913
expires: Thu, 09 Nov 2023 01:50:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D3B 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN_XT984hT-b3STlR5ahqz7Y3H57cIBNZm8qrMlxuLAxaDMdUPs2hEARKmKpgal7dMjvqoyCwb6pyXu94x3r0SnLb5uGTG6aiWSw2CaiIAIoMwKMyhUzo_MQkLrpyLDOqwU4ffn1pTVbnU&sai=AMfl-YRjDYFfPJ8Q3fs8gTgy1hDTPDD-6yDZK1gI3bJlSkM3R73NFTUkSIdC4zqEIt1xCofwMoC38pXAgRBdSYvwNjqZrKDkTDiCK9HjdwYVkfMxqyf1ecjGRfi_3goL&sig=Cg0ArKJSzHLVqOSQqyBTEAE&cid=CAQSPADICaaNRkhYNN9q0GvXypDxXID8cE5Ys8fbmLvo01LY3M4OeR8Y5N0UHx5wlyUKj_EFjv5V0ApFNLamxhgB&id=lidar2&mcvt=1002&p=950,0,1200,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1232801003&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699359725948&rpt=395&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D70 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7168116118465&version=m202309260101&ct=77&x=1&cor=13739454882386823000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b5e4ee8c000a39f61afb3a004a86e54.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 12:22:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
87 B 8ms
7ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: www.bigmir.net
URL: https://www.bigmir.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS