urlscan.io logo urlscan.io
SecurityTrails logo

win.gg Open in urlscan Pro
3.66.136.156  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://win.gg/news/3378/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban
Effective URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Submission: On November 08 via manual from SK — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 13 countries across 79 domains to perform 304 HTTP transactions. The main IP is 3.66.136.156, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is win.gg.
TLS certificate: Issued by R3 on October 16th 2021. Valid for: 3 months.
This is the only time win.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51 3.66.136.156 16509 (AMAZON-02)
3 216.58.212.162 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 13.32.22.126 16509 (AMAZON-02)
22 185.220.204.220 41436 (CLOUDWEBM...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:224... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2600:9000:224... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 18.197.253.20 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 143.204.95.188 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2.18.233.180 16625 (AKAMAI-AS)
2 2 104.92.74.8 16625 (AKAMAI-AS)
6 104.117.200.100 16625 (AKAMAI-AS)
2 2 185.94.180.125 35220 (SPOTX-AMS)
2 8 34.98.64.218 15169 (GOOGLE)
1 2a0c:5c81:509... 55081 (24SHELLS)
13 212.115.110.216 204548 (CLOUDWEBM...)
5 6 18.196.176.125 16509 (AMAZON-02)
1 1 162.55.6.211 24940 (HETZNER-AS)
4 11 2.21.141.232 16625 (AKAMAI-AS)
2 3 185.33.220.242 29990 (ASN-APPNEX)
6 2a07:180:27b:... 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.94.180.123 35220 (SPOTX-AMS)
1 2.21.142.210 16625 (AKAMAI-AS)
1 54.93.203.208 16509 (AMAZON-02)
1 3.123.168.197 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 35.81.242.146 16509 (AMAZON-02)
2 198.47.127.19 62713 (AS-PUBMATIC)
2 89.187.169.47 60068 (CDN77 ^_^)
1 5 46.249.52.249 50673 (SERVERIUS-AS)
3 2600:9000:224... 16509 (AMAZON-02)
2 3 37.157.3.28 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.198.109.212 16509 (AMAZON-02)
1 13 3.126.247.238 16509 (AMAZON-02)
5 5 23.22.109.62 14618 (AMAZON-AES)
2 2 104.89.42.102 16625 (AKAMAI-AS)
5 9 15.197.193.217 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
10 11 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
4 5.178.65.245 50673 (SERVERIUS-AS)
6 6 213.19.147.45 3356 (LEVEL3)
4 5.178.65.252 50673 (SERVERIUS-AS)
1 1 35.186.253.211 15169 (GOOGLE)
1 52.86.83.177 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 168.119.146.39 24940 (HETZNER-AS)
3 4 185.33.221.15 29990 (ASN-APPNEX)
3 178.162.133.149 60781 (LEASEWEB-...)
4 7 3.126.56.137 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 188.132.147.228 42910 (PREMIERDC...)
2 2a00:1450:400... 15169 (GOOGLE)
2 51.89.9.252 16276 (OVH)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 35.71.131.137 16509 (AMAZON-02)
1 143.204.97.29 16509 (AMAZON-02)
1 1 62.209.227.211 5588 (GTSCE GTS...)
3 4 35.227.248.159 15169 (GOOGLE)
1 2 37.157.6.253 198622 (ADFORM)
1 2a04:4e42::300 54113 (FASTLY)
1 2607:ae80:2::48 26558 (FREEWHEEL)
2 3 34.240.91.113 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 35.201.81.244 15169 (GOOGLE)
3 5 34.249.68.36 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 35.176.195.187 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 52.51.5.121 16509 (AMAZON-02)
2 4 151.101.194.49 54113 (FASTLY)
1 1 2.21.141.186 16625 (AKAMAI-AS)
1 1 54.217.170.69 16509 (AMAZON-02)
1 1 54.88.126.210 14618 (AMAZON-AES)
1 2 52.94.223.37 16509 (AMAZON-02)
1 1 34.250.210.209 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.46.133.124 16509 (AMAZON-02)
1 1 34.194.30.250 14618 (AMAZON-AES)
1 51.178.20.139 16276 (OVH)
2 69.173.144.138 26667 (RUBICONPR...)
3 3 185.29.132.245 30419 (MEDIAMATH...)
1 143.204.98.13 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 51.15.145.115 12876 (Online SAS)
1 1 185.33.221.184 29990 (ASN-APPNEX)
1 1 54.93.151.69 16509 (AMAZON-02)
1 3 51.89.21.30 16276 (OVH)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
3 3 18.156.147.57 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 3.127.51.194 16509 (AMAZON-02)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
304 88
51    3.66.136.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
win.gg
3    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2606:4700:3036::ac43:a1d1 (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
g.ezodn.com
1    13.32.22.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-126.fra56.r.cloudfront.net
platform-api.sharethis.com
22    185.220.204.220 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2600:9000:224a:2200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2600:9000:2251:ea00:12:b1b7:8800:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-images.win.gg
1    2600:9000:2156:c600:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)
go.ezoic.net
10    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
2    2606:4700:3031::6815:496e (United States)

ASN13335 (CLOUDFLARENET, US)
gvl.ezodn.com
5    2600:9000:2240:6800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
1    2600:9000:223c:5c00:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.oribi.io
2    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
primis-d.openx.net
eu-u.openx.net
us-u.openx.net
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
13    212.115.110.216 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
6    18.196.176.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-176-125.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    162.55.6.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de
csync.loopme.me
11    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
6    2a07:180:27b:71f4:967e:7b66:dbda:fbaf (Belize)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
cdn.gin.bet
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    54.93.203.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-203-208.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    3.123.168.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-168-197.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    35.81.242.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-242-146.us-west-2.compute.amazonaws.com
gw.oribi.io
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
5    46.249.52.249 (Aalsmeer, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
3    2600:9000:224a:aa00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
3    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
l.sharethis.com
13    3.126.247.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
ih.adscale.de
5    23.22.109.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-109-62.compute-1.amazonaws.com
cs.choozle.com
2    104.89.42.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com
tags.bluekai.com
9    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
11    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
4    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
6    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    52.86.83.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-83-177.compute-1.amazonaws.com
a.audrte.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
4    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
7    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
4    188.132.147.228 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-228-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
18    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
1    143.204.97.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-29.fra50.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
1    62.209.227.211 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
dmp.adform.net
c1.adform.net
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2607:ae80:2::48 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
3    34.240.91.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-91-113.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
5    34.249.68.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    35.176.195.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-195-187.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.51.5.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-5-121.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.21.141.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-186.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.217.170.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-170-69.eu-west-1.compute.amazonaws.com
engine.widespace.com
1    54.88.126.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-126-210.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    34.250.210.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-210-209.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
1    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.194.30.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-250.compute-1.amazonaws.com
sync.extend.tv
1    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    143.204.98.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net
tags.crwdcntrl.net
7    2606:4700:10::ac43:2ac6 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu
js.cookieless-data.com
1    185.33.221.184 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 882.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
1    54.93.151.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-151-69.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p25.id5-sync.com
id5-sync.com
1    2a05:d018:d29:3601:98f2:3ed0:65d:a543 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    18.156.147.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    3.127.51.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
Apex Domain
Subdomains		 Transfer
59 win.gg
win.gg
cdn-images.win.gg
1 MB
35 primis.tech
live.primis.tech
video.primis.tech
3 MB
18 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
5 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
16 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
145 KB
13 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
18 KB
12 youtube.com
www.youtube.com
img.youtube.com
411 KB
11 adsrvr.org
match.adsrvr.org
insight.adsrvr.org
4 KB
11 casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
13 KB
11 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
prebid-server.rubiconproject.com
token.rubiconproject.com
33 KB
9 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
3 KB
9 openx.net
u.openx.net
primis-d.openx.net
rtb.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
8 adnxs.com
secure.adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
5 KB
8 sharethis.com
platform-api.sharethis.com
buttons-config.sharethis.com
platform-cdn.sharethis.com
l.sharethis.com
47 KB
7 quantumdex.io
sync.quantumdex.io
2 KB
7 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
22 KB
6 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
id.crwdcntrl.net
14 KB
6 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
ads4.admatic.com.tr
22 KB
6 gin.bet
cdn.gin.bet
328 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
42 KB
5 criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
2 KB
5 choozle.com
cs.choozle.com
3 KB
5 adform.net
cm.adform.net
dmp.adform.net
track.adform.net
c1.adform.net
2 KB
5 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
403 KB
4 mathtag.com
pixel.mathtag.com
sync.mathtag.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 tapad.com
pixel.tapad.com
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
1 KB
4 ensighten.com
nexus.ensighten.com
11 KB
4 ezodn.com
go.ezodn.com
g.ezodn.com
gvl.ezodn.com
253 KB
3 id5-sync.com
id5-sync.com
3 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
941 B
3 demdex.net
dpm.demdex.net
2 KB
3 sonobi.com
sync.go.sonobi.com
1 KB
3 richaudience.com
sync.richaudience.com
742 B
3 rlcdn.com
idsync.rlcdn.com
1 KB
3 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
2 KB
3 google-analytics.com
www.google-analytics.com
55 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 googlesyndication.com
pagead2.googlesyndication.com
14 KB
2 weborama.fr
idsync.frontend.weborama.fr
840 B
2 exelator.com
loadeu.exelator.com
2 KB
2 onetag-sys.com
onetag-sys.com
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
971 B
2 google.it
www.google.it
608 B
2 google.com
www.google.com
analytics.google.com
842 B
2 bluekai.com
tags.bluekai.com
1 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 oribi.io
cdn.oribi.io
gw.oribi.io
35 KB
2 googletagmanager.com
www.googletagmanager.com
108 KB
1 quantserve.com
pixel.quantserve.com
499 B
1 ad4m.at
ad4m.at
1 turn.com
ad.turn.com
425 B
1 sharethrough.com
match.sharethrough.com
240 B
1 cookieless-data.com
js.cookieless-data.com
535 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 extend.tv
sync.extend.tv
546 B
1 2mdn.net
s0.2mdn.net
17 KB
1 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
214 B
1 widespace.com
engine.widespace.com
471 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
386 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 taboola.com
trc.taboola.com
163 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
668 B
1 dotomi.com
prebid-match.dotomi.com
104 B
1 audrte.com
a.audrte.com
2 KB
1 sitescout.com
pixel.sitescout.com
288 B
1 stickyadstv.com
ads.stickyadstv.com
570 B
1 loopme.me
csync.loopme.me
243 B
1 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr Failed
1 KB
1 ezoic.net
go.ezoic.net
2 KB
1 jsdelivr.net
cdn.jsdelivr.net
23 KB
0 admanmedia.com Failed
cs.admanmedia.com Failed
304 79
Domain Requested by
51 win.gg 1 redirects win.gg
ajax.googleapis.com
22 live.primis.tech win.gg
live.primis.tech
15 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 video.primis.tech live.primis.tech
win.gg
11 cm.g.doubleclick.net 10 redirects u.openx.net
10 img.youtube.com win.gg
9 match.adsrvr.org 5 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
live.primis.tech
u.openx.net
8 cdn-images.win.gg win.gg
7 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
7 ups.analytics.yahoo.com 4 redirects ssum-sec.casalemedia.com
win.gg
6 cdn.gin.bet win.gg
6 x.bidswitch.net 5 redirects win.gg
6 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
ads.us.e-planning.net
5 cs.choozle.com 5 redirects
5 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
sync.quantumdex.io
ssum-sec.casalemedia.com
5 platform-cdn.sharethis.com win.gg
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
4 sync-tm.everesttech.net 2 redirects ssum-sec.casalemedia.com
win.gg
4 bcp.crwdcntrl.net 3 redirects ssum.casalemedia.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 ib.adnxs.com 3 redirects spl.zeotap.com
4 s.e-planning.net ads.us.e-planning.net
4 sync.1rx.io 4 redirects
4 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
4 nexus.ensighten.com www.googletagmanager.com
nexus.ensighten.com
3 pixel.advertising.com 3 redirects
3 id5-sync.com 1 redirects sync.quantumdex.io
live.primis.tech
3 sync.mathtag.com 3 redirects
3 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
3 sync.go.sonobi.com ads.us.e-planning.net
sync.quantumdex.io
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
3 idsync.rlcdn.com 2 redirects win.gg
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 secure.adnxs.com 2 redirects ssum.casalemedia.com
3 u.openx.net 2 redirects live.primis.tech
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 securepubads.g.doubleclick.net win.gg
securepubads.g.doubleclick.net
2 tracking.m6r.eu 2 redirects
2 ads.creative-serving.com 2 redirects
2 us-u.openx.net u.openx.net
2 eu-u.openx.net u.openx.net
2 mug.criteo.com win.gg
2 gum.criteo.com 1 redirects
2 track.adform.net 2 redirects
2 token.rubiconproject.com win.gg
eus.rubiconproject.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 pagead2.googlesyndication.com srcdoc
imasdk.googleapis.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 loadeu.exelator.com 2 redirects
2 insight.adsrvr.org 1 redirects d1eoo1tco6rr5e.cloudfront.net
2 onetag-sys.com ads.us.e-planning.net
sync.quantumdex.io
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 sync.targeting.unrulymedia.com 2 redirects
2 www.google.it win.gg
2 tags.bluekai.com 2 redirects
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 fonts.gstatic.com fonts.googleapis.com
2 sync.search.spotxchange.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 fonts.googleapis.com win.gg
live.primis.tech
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 gvl.ezodn.com g.ezodn.com
2 www.googletagmanager.com win.gg
www.googletagmanager.com
2 www.youtube.com win.gg
www.youtube.com
1 ads4.admatic.com.tr 1 redirects
1 c1.adform.net 1 redirects
1 pixel.quantserve.com 1 redirects
1 id.crwdcntrl.net live.primis.tech
1 dis.criteo.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 match.sharethrough.com 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 gu.dyntrk.com ssum.casalemedia.com
1 sync.extend.tv 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 bbnaut.ibillboard.com 1 redirects
1 d1eoo1tco6rr5e.cloudfront.net nexus.ensighten.com
1 analytics.google.com www.googletagmanager.com
1 prebid-match.dotomi.com ads.us.e-planning.net
1 a.audrte.com ads.us.e-planning.net
1 rtb.openx.net 1 redirects
1 pixel.sitescout.com 1 redirects
1 www.google.com win.gg
1 l.sharethis.com platform-api.sharethis.com
1 cm.adform.net s.console.adtarget.com.tr
1 gw.oribi.io cdn.oribi.io
1 hbopenbid.pubmatic.com live.primis.tech
1 ads.adaptv.advertising.com live.primis.tech
1 prebid-server.rubiconproject.com live.primis.tech
1 primis-d.openx.net live.primis.tech
1 ads.stickyadstv.com live.primis.tech
win.gg
1 search.spotxchange.com live.primis.tech
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 cdn.oribi.io win.gg
1 go.ezoic.net win.gg
1 g.ezodn.com win.gg
1 buttons-config.sharethis.com platform-api.sharethis.com
1 cdn.jsdelivr.net win.gg
1 ajax.googleapis.com win.gg
1 platform-api.sharethis.com win.gg
1 go.ezodn.com win.gg
0 cs.admanmedia.com Failed ads.us.e-planning.net
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
304 130
Subject Issuer Validity Valid
win.gg
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.ezoic.net
Amazon		 2021-02-15 -
2022-03-16		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
oribi.io
Amazon		 2021-06-18 -
2022-07-17		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
cdn.gin.bet
Cloudflare Inc ECC CA-3		 2021-09-15 -
2022-09-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.oribi.io
Amazon		 2021-08-29 -
2022-09-27		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.it
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.e-planning.net
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
ads4.admatic.com.tr
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.dyntrk.com
R3		 2021-10-23 -
2022-01-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh

This page contains 33 frames:

Primary Page: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Frame ID: 55CE9022233334958CCF956879E9C526
Requests: 128 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 1808EFC7C25161034C1A135FF2916CEF
Requests: 34 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 24D9422F0BA5563E5C4932335A1F815D
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: E908CE40779F9F48A467AE753CCF4927
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Frame ID: A3C034D3ECB9ECA6F187F04553D812CD
Requests: 3 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=94&advUuid=8bfebafe-407b-11ec-b4f9-18a305860206
Frame ID: B8DF2DA59258627C9E7593715495B21A
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=98&advUuid=3420cf9a-0302-48a1-b694-8f178f043d36
Frame ID: DB4510C7C3204C8C2262531B715BC34C
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 4E748B603120354A541C1998A04F15C2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 0E118A2721CFBD69B02397A63AC6D555
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 865B5646A5C19B327C35BFB0B32A5CF4
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=T7I3qopZXNMZaRulIbuY&pi=admatic&tc=1
Frame ID: 8DDE1D71C0F1184013ECE5A8A6017C9F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 21776714AD1B9CEE6163CDBFA3767975
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 6EFA95DA33EA2BEE6907C14CDF13630B
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 28A449AC07A0C4F14C170E19E2AFAEAB
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: AECB7AB37F65F9C10949E843413FF175
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 44C1DD367545E2A71A0D86A61B9724FC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0cdfb49c9c52beb7%26uid%3D
Frame ID: A3D3973C94E9AA425BC83FD7C2887C70
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Frame ID: B532ECB304F48F7D027D26648D226658
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 53AD7DF990DFB5F0F8FA1E915428B0FF
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&cmp=0
Frame ID: 381E49292927DB7FD4E3E5F68DA8A01E
Requests: 29 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 0C86770785F401FD6C0D246DE3144244
Requests: 11 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
Frame ID: B78ADEE323BB306CCE419B7C92BBBA48
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: AB2CBCBB573409780F4E40D01C4957C5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 16DD4A988930A64FB6F79BD7FA5C666B
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 40CE4292379D6BBCB1D08838DD6D502C
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: D9DB7F2C38997F0AEA13EA7AAAFD9421
Requests: 9 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ANTxg0dnlSGxgRr6
Frame ID: 0ADF3CD69C8DEFED9E35836D6A2668D8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 03261E9027D968533B62148185BCEFE7
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 9425C3E6299F1D5D382D5169010B630D
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: DFE58C895D4F72DA088666BB359B2D9A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 9D60BA0D8885C05A0CA134390A65BC60
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 58623B2ECAF303D247B577014E998078
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 87A3EE1F9D61547884F8EB085F030302
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Streamer Corinna Kopf moves to Facebook Gaming after ban - WIN.gg

Page URL History Show full URLs

  1. https://win.gg/news/3378/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban HTTP 301
    https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/ Page URL

Page Statistics

304
Requests

78 %
HTTPS

30 %
IPv6

79
Domains

130
Subdomains

88
IPs

13
Countries

6983 kB
Transfer

11940 kB
Size

126
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://win.gg/news/3378/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban HTTP 301
    https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=primis&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Request Chain 101
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=8bfebb3a-407b-11ec-b4f9-18a305860206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=94&advUuid=8bfebafe-407b-11ec-b4f9-18a305860206
Request Chain 102
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=98&advUuid=3420cf9a-0302-48a1-b694-8f178f043d36
Request Chain 115
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=93&advUuid=0c639996-a96e-4a94-93d6-bbd869a8bf81
Request Chain 116
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=99&advUuid=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB
Request Chain 117
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D6188f6a6e112d%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=105&advUuid=4042676779816353614
Request Chain 149
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=T7I3qopZXNMZaRulIbuY&pi=admatic&tc=1
Request Chain 150
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 161
  • https://ih.adscale.de/uu?cbfn=receive&t=1636365992 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1636365992&nut&uu=14692ee794ae454db80a9aefd2c4851c
Request Chain 162
  • https://cs.choozle.com/dp/chz/24899?d=win.gg&cb=1398468924 HTTP 302
  • https://cs.choozle.com/sync HTTP 302
  • https://cs.choozle.com/sync?v=true&cid=2bbe5443-4972-4005-b45c-da039721ab3f HTTP 302
  • https://tags.bluekai.com/site/48443?id=2bbe5443-4972-4005-b45c-da039721ab3f&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D2bbe5443-4972-4005-b45c-da039721ab3f HTTP 302
  • https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=2bbe5443-4972-4005-b45c-da039721ab3f HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_puid=2bbe5443-4972-4005-b45c-da039721ab3f&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
  • https://cs.choozle.com/sync?pid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&dpsync=ttd&cid=2bbe5443-4972-4005-b45c-da039721ab3f HTTP 302
  • https://idsync.rlcdn.com/459489.gif?partner_uid=2bbe5443-4972-4005-b45c-da039721ab3f HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJDJiYmU1NDQzLTQ5NzItNDAwNS1iNDVjLWRhMDM5NzIxYWIzZhAAGg0Iqe2jjAYSBQjoBxAAQgBKAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBVaKliB0DMUeHrqZPiQxvA&google_cver=1
Request Chain 166
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0cdfb49c9c52beb7 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cdfb49c9c52beb7
Request Chain 167
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2787065878 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2787065878 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/65dbf2bb-416e-4d90-8b8c-67dd8394c17e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e990eff5-c288-4dde-833c-4396eac3ef46-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-e990eff5-c288-4dde-833c-4396eac3ef46-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&dc=1079cc634ca638f8&iss=1
Request Chain 170
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D0cdfb49c9c52beb7%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0cdfb49c9c52beb7&uid=fa5ba6e5-f6db-43bb-997d-d921e217bcae
Request Chain 174
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D0cdfb49c9c52beb7 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 175
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0cdfb49c9c52beb7%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cdfb49c9c52beb7&uid=4042676779816353614
Request Chain 177
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
Request Chain 179
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 196
  • https://insight.adsrvr.org/tags/2tetedh/g27akpq/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
Request Chain 198
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=14692ee794ae454db80a9aefd2c4851c&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=101&tpuid=BBID-01-03110799924967396-16441020
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENEnaIAnYTOYSz7CNxkhGsk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 201
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a81aa0f6-f3df-461d-8636-fa96b127eef8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 203
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 207
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=83756945867946239262221256354680191683&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 208
  • https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&xl8blockcheck=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b83fe167d6429c5af02432314e23e2b6&zpartnerid=7&zdid=1361&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&w_k=&user_zi=&gdpr=&gdpr_consent=&optin=&uc=&z_p=&zem1=&zem2=&zem3=&zem4=&zem5=&zem6=&zph1=&zph2=&zph3=&zph4=&zph5=&zph6=&z_e_sha2_l=&z_e_sha2_u=&z_p_sha2_w=&z_p_sha2_wo=&email_hash=&zcluid=
Request Chain 209
  • https://bn01.er.bemail.it/zeotap.php?_bid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021110811-90924-0.237053001636365994-4931c8663203ede6175e78b15e32767f&zdid=533&env=mWeb
Request Chain 210
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600
Request Chain 211
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361&bounce=1&random=1463781952 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=LmSD5JVcYe.XPEonxlo8qe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 212
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=30e9159f098efecee40bf413dcbb9908&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 213
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-bARRCrVE2op2W4LsP4G1QbmzbYZqp_0DEA--~A&zpartnerid=570&env=mWeb
Request Chain 214
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=ITA&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=ITA&zdid=1361&cid=%2BU61mPffcLMFLiZ7l%2F%2FG%2Fm4%2FxIOHPuTv%2BS41iYitP1U%3D
Request Chain 218
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361&_test=YYj2qAAC_-j4vAAz HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YYj2qAAC_-j4vAAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&_test=YYj2qAAC_-j4vAAz
Request Chain 219
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b8976188-f6a8-4300-bc9c-d51836b6f909&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 220
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.649090f3-0991-43e7-880b-29c430c995bf&zdid=1361
Request Chain 221
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 222
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&dcc=t
Request Chain 223
  • https://tags.bluekai.com/site/87734?id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 224
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Request Chain 232
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYj2p3zmNZQOOhat0ZqWRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKKKp3KiAuTnU-dFjbyPS1s&google_cver=1&gdpr=1
Request Chain 233
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&dcc=t
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEUZQzywNEz6NEweaImuv9o&google_cver=1
Request Chain 237
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ae4446f3-078b-408d-881e-921509151891
Request Chain 238
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYj2p3zmNZQOOhat0ZqWRQAA%26699?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYj2p3zmNZQOOhat0ZqWRQAA%26699?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 243
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=6ed8b92dcc16872c848c58054959b712af20f30382ab4eb5e168d245f3549ccf&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4146188-f6a8-4f00-a131-213cd59f019b&gdpr=0&gdpr_consent=
Request Chain 252
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=75&tpuid=4042676779816353614&gdpr=0
Request Chain 253
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&rndcb=6301148721 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&rndcb=6301148721 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=6d299636-dff2-431f-bb39-638ac2c3a280&google_hm=NmQyOTk2MzYtZGZmMi00MzFmLWJiMzktNjM4YWMyYzNhMjgw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB4O2LoduYe_v6eXBTuXNy8&google_cver=1&ssp=adconductor&bsw_param=6d299636-dff2-431f-bb39-638ac2c3a280 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/6d299636-dff2-431f-bb39-638ac2c3a280?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e990eff5-c288-4dde-833c-4396eac3ef46-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-e990eff5-c288-4dde-833c-4396eac3ef46-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003
Request Chain 254
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fc0905c1-3240-4a98-97e4-c05897a97460
Request Chain 255
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4042676779816353614
Request Chain 256
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
Request Chain 258
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 259
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4042676779816353614
Request Chain 267
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3041342999546826376
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELEIRhQH-8v8yiK583FfcEk&google_cver=1
Request Chain 273
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=bf4a894809b4be27c12854eb3deb8acd57460c937c4c5f1f4932e5a1aeabbebf&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYj2p3zmNZQOOhat0ZqWRQAA%26699
Request Chain 275
  • https://track.adform.net/serving/cookie/match/?party=9&uid=654a82ce7210f7fdc6c8b3c111a07e9f5ac7def5c975517f352a2de8906e2709&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=654a82ce7210f7fdc6c8b3c111a07e9f5ac7def5c975517f352a2de8906e2709&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=42&gdpr=0&tpuid=4091595630757667348
Request Chain 276
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=d273aadcfa7ee37c4c99dc9f245692cd2efb4d2695a2bbffca16bb9e91def367&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=03600b29-fef1-400f-8067-a47c08115db0&gdpr=0
Request Chain 278
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwin.gg%2F&domain=win.gg&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=hnKZ7XxJZk1PdHRLRFRkbVJBck84cjdXYUJMd0lZVmVKMGVxeVp5d2hydW1pRHRjaG5xRTluOHFxcFhySXFmdThTeENjSkpnTSs2VXFLWFlRRWZDblYrcGt2TEo0bmFVSk5qVE5lcWd6YWNONlNEbHVhOS9sbGw3MzRrODY1NUhaV2ZPWHBLbkRzVTJNdXpMa3VpSnlnUkR4VUJZM3hZcmF3aWplWUwyUUIwSy9ML0FvQjUxc0F3NUJvSXpSWTc4NVVWR2ZMZUgzNklhSlUyeWlMTSt3Y3FLV2xQVXpDUHhhaWFhNHBleEtBcFZhWjBqZnl2RlAxQUZQeElWaDVCeWloZFRMKzQ1d1VkQUc2eFpmTzlLaVBsTUZMZz09fA&cppv=2
Request Chain 285
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=666d265fd0528a4e2bfe12d774546cd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=c060_7028138419927539747 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjY2ZDI2NWZkMDUyOGE0ZTJiZmUxMmQ3NzQ1NDZjZA==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELkspbeqMgNuV_tZm1eqLEA&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=65dbf2bb-416e-4d90-8b8c-67dd8394c17e HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/666d265fd0528a4e2bfe12d774546cd&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-tkoJvm5E2oOmfYQCscJX_p83kKPuUloD_bKv70Ho~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=4042676779816353614 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b8976188-f6a8-4300-bc9c-d51836b6f909&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4091595630757667348 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=EaoSj2Pk1MK1xU5 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAA2aU7DEe0AABe52uxYKw&gdpr=0
Request Chain 286
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP8d084fd5-407b-11ec-9c8c-06f28f52458a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4ZDA4NGZkNS00MDdiLTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEKjg36_yL2Wl-3Q538G4454&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKjg36_yL2Wl-3Q538G4454&google_cver=1&apid=UP8d084fd5-407b-11ec-9c8c-06f28f52458a
Request Chain 287
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&_origin=1&gdpr=1&gdpr_consent=
Request Chain 290
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b8976188-f6a8-4300-bc9c-d51836b6f909
Request Chain 291
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=znkR2Z5-SNjVfh_WzXkEhMB4S4PVLBqAni1aPGHA
Request Chain 292
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4091595630757667348
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJSgaDery5ad9KnRj02kvg&google_cver=1
Request Chain 296
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=b3c3a6d07c3df8fd274d3a1791009c78372c27d7201a7e08fc3a793888391a07&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b8976188-f6a8-4300-bc9c-d51836b6f909&gdpr=0&gdpr_consent=
Request Chain 297
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=6d299636-dff2-431f-bb39-638ac2c3a280 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=6d299636-dff2-431f-bb39-638ac2c3a280 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=716ccbb2-9860-4745-bb2a-7d39cc7c3eff&ssp=admatic&expires=30&user_group=5&bsw_param=6d299636-dff2-431f-bb39-638ac2c3a280 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=6d299636-dff2-431f-bb39-638ac2c3a280&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=6d299636-dff2-431f-bb39-638ac2c3a280&dsp_uuid=&dsp_id=
Request Chain 299
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=80703b339866bb0926bd948f72cd73a6615f0ea3910df4c3e141f20c8a7ad6a2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=80703b339866bb0926bd948f72cd73a6615f0ea3910df4c3e141f20c8a7ad6a2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/js?tpid=48&tpuid=b79dd9dcaf8489c68da7807f975d8f1a

304 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Redirect Chain
  • https://win.gg/news/3378/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban
  • https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
498 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
acd6b107cb468ecf25fbc56512f02601632653c1e77478a349870d901a363586
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

age
0
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 08 Nov 2021 10:06:30 GMT
display
pub_site_sol
expires
Sun, 07 Nov 2021 10:06:30 GMT
link
<https://win.gg/wp-json/>; rel="https://api.w.org/", <https://win.gg/wp-json/wp/v2/news/5086>; rel="alternate"; type="application/json", <https://win.gg/?p=5086>; rel=shortlink
pagespeed
off
response
200
server
nginx
strict-transport-security
max-age=300
vary
Accept-Encoding Accept-Encoding,Cookie,User-Agent
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-ezoic-cdn
Miss
x-middleton-display
pub_site_sol
x-middleton-response
200
x-origin-cache-control
private, proxy-revalidate, s-maxage=0, must-revalidate
x-pantheon-styx-hostname
styx-fe3fe4-d-5fd9d579db-242xj
x-served-by
cache-ams21054-AMS, cache-fra19145-FRA
x-sol
pub_site
x-styx-req-id
8b2641ec-407b-11ec-a2c9-42c89677102f
x-timer
S1636365990.126806,VS0,VE246

Redirect headers

age
0
cache-control
public, max-age=2592000
content-type
text/html; charset=UTF-8
date
Mon, 08 Nov 2021 10:06:30 GMT
display
staticcontent_sol
location
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
pagespeed
off
response
301
server
nginx
strict-transport-security
max-age=300
vary
Accept-Encoding Cookie,User-Agent,Origin,Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
301
x-origin-cache-control
no-cache, must-revalidate, max-age=0
x-pantheon-styx-hostname
styx-fe3fe4-d-5fd9d579db-qf4zq
x-redirect-by
WordPress
x-served-by
cache-ams12777-AMS, cache-fra19167-FRA
x-sol
pub_site
x-styx-req-id
8b09caa7-407b-11ec-b077-3e6bb4c3c842
x-timer
S1636365990.940279,VS0,VE96
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
588fd2ee49372883c884cc6f72b7b5b957d04edf38b2de6707317fa509932fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1037 / 96 of 1000 / last-modified: 1636364383"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27078
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 10:06:30 GMT
dall.js
go.ezodn.com/hb/ 		270 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,ix,medianet,onetag,pulsepoint,sharethrough,sovrn&cb=195-0-30
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37cf385965c418d9b3ef5d85817f002418404dfdd5d3acb7dbb4ae8c3d7f117b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 10:06:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnK6zNUGCduUCvVGTQ%2FiIPidYfNUjKKbthd%2F7MArPx8zwi9wYEE8nTM332VitlVzWQvzgacnc4AGXNdEbmsSeaOiD5KL7L4o5UuHxDtzy4C62o3mQmFSoI2BIzqaATPymEmEu0ppPCfES4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6aadfd320b3bd618-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
index.css
win.gg/wp-content/themes/win/css/ 		167 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/css/index.css?v=1.5.9
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0f0ed4587f01973cf025b4bfc4dfdbb1dbabf8d4c0d3a01e67f65ef9c887970f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-29d64-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;051fb6117f6a0b847ed0ff8c33d8ca9e;2-255604-79;6be99c0d-88b9-41ec-615f-3887d5136ce0
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams12736-AMS, cache-fra19174-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.170896,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c85d9298-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
custom-styles.css
win.gg/wp-content/themes/win/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/css/custom-styles.css?v=1.1.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81a319202c5a41a82b4a1e0172a87b35172b463467c66ba5feda41ec36ce2cc7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-8bd-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;8361ae898528dceb63e038a4fc26ac6f;2-255604-79;dd46fe7a-7af3-483f-45b8-ae7c0fc9c96c
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
683
x-served-by
cache-ams21079-AMS, cache-fra19175-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.165804,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c87ecff5-3c3d-11ec-9429-8e31b195775f
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-4d42s
banger.js
win.gg/porpoiseant/ 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/porpoiseant/banger.js?cb=195-0&bv=83&v=55&PageSpeed=off
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4098a1bac66df8c517bb37d59d5a915ac296d00a8526b08d8272f9e2c4e2adc1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
style.min.css
win.gg/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-13abe-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;27ec322a3270a9e8d23462faa90575b8;2-255604-79;009c5d9b-14bd-4799-7768-bf93217de5b2
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams12725-AMS, cache-fra19139-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.169529,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c86520f2-3c3d-11ec-a9b0-aa1c53e674a7
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-525kb
blocks.style.build.css
win.gg/wp-content/plugins/embedpress/Gutenberg/dist/ 		2 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1636061687
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e0c0c0b607dcddedcb101ac6487d7b5c321a984e25d19bbd24337e7a9b1d6c22
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"618451f8-614-gzip"
x-sol
orig
age
0
x-ezoic-cdn
Hit ds;mm;f59d67bbccb91d9c81b1c7e578af3f91;2-255604-79;fb85b7ed-e696-41ff-6bff-7fe71277865d
x-cache
MISS, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
0, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
413
x-served-by
cache-ams12753-AMS, cache-fra19123-FRA
response
200
last-modified
Thu, 04 Nov 2021 21:34:48 GMT
server
nginx
x-timer
S1636061693.066137,VS0,VE15
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
0bf7b5f9-3db7-11ec-b367-326ab8d9aa62
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-5c5fdf9c46-sxnb8
dashicons.min.css
win.gg/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-includes/css/dashicons.min.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
88c476fb933e732d8d23b1c13aea7186bb93ebed952d72376efcf65a0bc81201
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d843-e688-gzip"
x-sol
orig
age
2139
x-ezoic-cdn
Hit ds;mm;a8a7a52692774d7acb27d9b0a41b72c7;2-255604-79;9ddd6ce4-bfb1-4e94-7dad-31ef2c9a16ba
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams21031-AMS, cache-hhn4037-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:59 GMT
server
nginx
x-timer
S1635902797.164082,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
1badb52c-3c40-11ec-9387-d6a21724134b
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
rounded-thumbs.min.css
win.gg/wp-content/plugins/contextual-related-posts/css/ 		1 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=1.0.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0ca7188912ef3473bb7943356daf3909fb28acf076110495dd4eff399334fe70
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-4a9-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;d998c94939bb5942280b9358bc81d234;2-255604-79;39f9d606-b15e-42c4-55cc-6f1e067946e9
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
339
x-served-by
cache-ams21075-AMS, cache-fra19164-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.163156,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c864f9b3-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
embedpress.css
win.gg/wp-content/plugins/embedpress/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/embedpress/assets/css/embedpress.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7940523b8dc250d607eb1c29860132762f634859ba03b88605b2e0a6591b34c5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-2397-gzip"
x-sol
orig
age
3137
x-ezoic-cdn
Hit ds;mm;cf3baf68d546401562595c2b5e43b6a2;2-255604-79;28581555-1d6f-404b-4b38-70e717247028
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
1986
x-served-by
cache-ams12749-AMS, cache-fra19174-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.157417,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c88e8cd1-3c3d-11ec-a9b0-aa1c53e674a7
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-525kb
mu-style.css
win.gg/wp-content/plugins/sharethis-share-buttons/css/ 		26 B
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-1a-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;95ae07a38703524064a74fd6c50d0b84;2-255604-79;dd61fcee-75cc-4d3f-633b-7b17eb2719f6
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
30
x-served-by
cache-ams12761-AMS, cache-fra19141-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.156752,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c86646bc-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
win-gg-public.css
win.gg/wp-content/plugins/win-gg/public/css/ 		98 B
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/win-gg/public/css/win-gg-public.css?ver=1.0.0
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-62-gzip"
x-sol
orig
age
3137
x-ezoic-cdn
Hit ds;mm;4ad16b3ce1ec8cca0416aaf40d44a1e4;2-255604-79;0d2390a7-c0ab-4c46-6860-a38f5db520cf
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
80
x-served-by
cache-ams21050-AMS, cache-fra19169-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.174378,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c88df9c5-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
style.css
win.gg/wp-content/themes/win/ 		2 KB
1014 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/style.css?ver=1.0.0
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
caf6362ca050e7d51d7504ebc412a99948a580a37972447db3e711ede38120b0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-7d9-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;4aeda9832e2fea3b6684865acbd5e8e6;2-255604-79;e07d81ee-8b00-4122-6de9-416c843ecad9
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
775
x-served-by
cache-ams21041-AMS, cache-hhn4070-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.168778,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c8669410-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
pdfobject.min.js
win.gg/wp-content/plugins/embedpress/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=3.2.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c1a86d7c11a5c83b82c7e6f814aff6286a9fe3483b8e0e2c16089370bad4676d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-34d3-gzip"
age
3142
x-ezoic-cdn
Hit ds;mm;df872bece1306577295992dda13f1b20;2-255604-79;25596725-7c02-43ab-5158-b7819f9e08fc
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
4088
x-served-by
cache-ams12728-AMS, cache-hhn4030-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.209010,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8681ae2-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
jquery.min.js
win.gg/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-15db1-gzip"
age
623
x-ezoic-cdn
Hit ds;mm;50d057da7aaf7d91656d68a151a7cca7;2-255604-79;c29d4559-8a76-45ce-4368-7fa1e1769983
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams12731-AMS, cache-fra19135-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.204280,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
a5fa0ee7-3c43-11ec-806f-3269da417963
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
jquery-migrate.min.js
win.gg/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-2bd8-gzip"
age
623
x-ezoic-cdn
Hit ds;mm;7a11791901b6cd3c8ae1579f76ed157e;2-255604-79;f9f32603-873d-4b92-6fcb-8c76b76e6ab6
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
3998
x-served-by
cache-ams12723-AMS, cache-fra19142-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.205286,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
a5fa39df-3c43-11ec-9429-8e31b195775f
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-4d42s
sharethis.js
platform-api.sharethis.com/js/ 		183 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-126.fra56.r.cloudfront.net
Software
/
Resource Hash
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:58:12 GMT
content-encoding
gzip
age
498
etag
W/"2dcf1-RQaJcGO9+DuZ32kDJGMESLkOoPg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
yK1L8WGSKzBaaWgwmZRzfwHxycGgw_JnEG0XKAcNEYQ_fnAgiMy00g==
win-gg-public.js
win.gg/wp-content/plugins/win-gg/public/js/ 		838 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/win-gg/public/js/win-gg-public.js?ver=1.0.0
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-346-gzip"
age
3142
x-ezoic-cdn
Hit ds;mm;d1166ae83f155bbc2c21f0e958fbcb01;2-255604-79;64e85416-1640-4600-7593-93fb0c2070f6
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
412
x-served-by
cache-ams12728-AMS, cache-hhn4030-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.202542,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c869b954-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
gtm4wp-youtube.js
win.gg/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.13.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a83bf33080e6fd7aa375b48f11f4ac7b1a186d94a36af178e417cc00d6e09a7d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-1c80-gzip"
age
3142
x-ezoic-cdn
Hit ds;mm;eb6bfb4df1d0db5e874c628b191330b1;2-255604-79;712a1c27-e50a-4e03-62a3-4293980ad5c4
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
1281
x-served-by
cache-ams21075-AMS, cache-hhn4022-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902801.207020,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8688d50-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
analytics-talk-content-tracking.js
win.gg/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.13.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c983bccbfa3aeec262e4469747aaf9d860d93fedcf3ba263c84bd7ef21430234
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-f16-gzip"
age
3142
x-ezoic-cdn
Hit ds;mm;b98db409ddaa9dc76b68a7d82cbfcba8;2-255604-79;d3c2397f-60c2-4775-77c2-bde2fa4cb9d8
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
1132
x-served-by
cache-ams12772-AMS, cache-fra19120-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902801.210557,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c869ddbb-3c3d-11ec-a9b0-aa1c53e674a7
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-525kb
wpp.min.js
win.gg/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-bc3-gzip"
age
3142
x-ezoic-cdn
Hit ds;mm;549c00d922e8d6404fa2101e17aba8d1;2-255604-79;488da5fd-1f87-42fc-558f-185e39ea18e1
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
1215
x-served-by
cache-ams21021-AMS, cache-hhn4042-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.210600,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c869a7e8-3c3d-11ec-9429-8e31b195775f
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-4d42s
myloadmore.js
win.gg/wp-content/themes/win/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/js/myloadmore.js?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c555bc295bb01f8cf5343bf7e338efa35182951447d9362a01ab618b31935ed4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-490-gzip"
age
3142
x-ezoic-cdn
Hit ds;mm;ad4c2e8adceb41cfaec9258a0bc97592;2-255604-79;1ccdf83a-e8f5-4cf3-67aa-751ab959cfab
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
506
x-served-by
cache-ams12749-AMS, cache-fra19127-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902801.209728,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c86b687e-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
dashicons.ttf
win.gg/wp-includes/fonts/ 		55 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-includes/fonts/dashicons.ttf?99ac726223c749443b642ce33df8b800
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Origin
https://win.gg
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-dc48-gzip"
age
187
x-ezoic-cdn
Hit ds;mm;7853ef15cb261014823b6e1f4ce05260;2-255604-79;0faf6364-7551-46c0-763b-670ba081f7ca
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams21041-AMS, cache-hhn4029-HHN
access-control-allow-origin
*
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.206988,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-font-ttf
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
a97e625a-3c44-11ec-9387-d6a21724134b
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
consentsettings.js
win.gg/detroitchicago/ 		1 KB
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/detroitchicago/consentsettings.js?cb=2
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
last-modified
Mon, 08 Nov 2021 07:53:24 GMT
server
nginx
etag
"5be-5d04249976735;5c701b9c2cf40-gzip"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
content-length
525
wp-emoji-release.min.js
win.gg/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d843-4705-gzip"
age
2142
x-ezoic-cdn
Hit ds;mm;687cacc22fbe4dece0618e83f2787bb3;2-255604-79;497fbaa2-ef4d-4769-7537-0d4ac2375947
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams12767-AMS, cache-hhn4053-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:59 GMT
server
nginx
x-timer
S1635902801.401244,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
1c671b51-3c40-11ec-9387-d6a21724134b
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
liveView.php
live.primis.tech/live/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
61f3dad99daef0667788a692abd99669b5291a5a0da197372b7784765d6dd9ae

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:29 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 00:10:58 GMT
x-content-type-options
nosniff
age
208532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 06 Nov 2022 00:10:58 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/bootstrap.bundle.min.js
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
Origin
https://win.gg
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1171178
x-jsd-version
5.0.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19121-FRA, cache-mxp6979-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1339c-XbTEDbxr09liPumKIGHdJliFzy4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6aadfd32488c59cb-MXP
custom.js
win.gg/wp-content/themes/win/js/ 		2 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/js/custom.js?ver=1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cea9c3393f4b0a57475e38dbbff527aca7a3aa2d107b4b4742b937c2507e2063
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-762-gzip"
age
3141
x-ezoic-cdn
Hit ds;mm;ca5a6afa4bd45676d088dc73fae68cc5;2-255604-79;cb34ec04-4140-4d25-543b-5decb5921516
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
707
x-served-by
cache-ams21026-AMS, cache-hhn4059-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.228361,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8acd03f-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
app.js
win.gg/wp-content/themes/win/js/ 		2 KB
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/js/app.js?ver=1.0.4
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
935b2f1cdbf1af0439e86ecbd0ca09a2b3a91807ae651cf3f840f9237a45a667
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-718-gzip"
age
3141
x-ezoic-cdn
Hit ds;mm;bb0c8de94a1d9c208ce349ffedb8e213;2-255604-79;1054988a-937c-485b-7755-35ca669b99ef
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
411
x-served-by
cache-ams12720-AMS, cache-fra19182-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.230836,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8ae7e97-3c3d-11ec-9429-8e31b195775f
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-4d42s
front.js
win.gg/wp-content/plugins/embedpress/assets/js/ 		2 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/plugins/embedpress/assets/js/front.js?ver=3.2.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-7bb-gzip"
age
3141
x-ezoic-cdn
Hit ds;mm;023c17ecc3422746f41ee0482784c7f2;2-255604-79;9bd23ba4-5792-49d4-6368-34381c189cb8
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
743
x-served-by
cache-ams12742-AMS, cache-fra19125-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.230084,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8aeb862-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
navigation.js
win.gg/wp-content/themes/win/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/js/navigation.js?ver=1.0.0
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
60e1017c6585464aa240b13f4074ab5ea100dcbdb72615124ff575bcc891a542
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-ba0-gzip"
age
3141
x-ezoic-cdn
Hit ds;mm;cca13f525d9d477139ac577db149a09b;2-255604-79;b64c7258-6477-44e6-699b-3ec165391df8
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
933
x-served-by
cache-ams21044-AMS, cache-fra19155-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902801.231564,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8ae51c2-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
wp-embed.min.js
win.gg/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-592-gzip"
age
3141
x-ezoic-cdn
Hit ds;mm;87b14d717e46be9e1f6cd10883c73a49;2-255604-79;d05327a9-c003-41ce-5a2f-17f2679fb6ee
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
663
x-served-by
cache-ams12733-AMS, cache-fra19171-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.237268,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8ae7d7d-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
ezcl.webp
win.gg/utilcave_com/inc/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/utilcave_com/inc/ezcl.webp?cb=4
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
x-sol
middleton
server
nginx
display
staticcontent_sol
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
staticcontent_sol
cache-control
max-age=86400
content-length
605
pubads_impl_2021110201.js
securepubads.g.doubleclick.net/gpt/ 		346 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118932
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 08:34:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 10:06:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		125 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=win.gg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
44e5edcc859742a0b45e017caa75b17dda8810b08b28fea2f900299d5473e075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Mon, 08 Nov 2021 10:06:30 GMT
60fa285f7c9b910013246b5d.js
buttons-config.sharethis.com/js/ 		1 KB
908 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/60fa285f7c9b910013246b5d.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f5b6267968f60e8c5f023222caa8cfdd05574076c8ea3740894ef93fd4b8ba3

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
etag
W/"b5b12554debecb814fc68e90517a2655"
last-modified
Mon, 11 Oct 2021 23:54:27 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control
public, max-age=60
x-amz-cf-id
r5AGFfIHtHhNLmRhRIgavj2ERkCQYXxW9UvcP2-X7UdWT_LKrLlgmg==
iframe_api
www.youtube.com/ 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: win.gg
URL: https://win.gg/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.13.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2aee396045e8313003eda4d9b0acc42c7a9cbd7c29b4a32480ba2489baacbecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Mon, 08 Nov 2021 10:06:30 GMT
popular-posts
win.gg/wp-json/wordpress-popular-posts/v1/ 		53 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-json/wordpress-popular-posts/v1/popular-posts
Requested by
Host: win.gg
URL: https://win.gg/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b3d7100f158f1d8aea27de077461869a54c87dade2792bb616cc76783d591c4f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-encoding
br
x-sol
pub_site
age
0
x-pantheon-styx-hostname
styx-fe3fe4-c-5c5fdf9c46-sxnb8
x-middleton-display
staticcontent_sol
strict-transport-security
max-age=300
x-served-by
cache-ams12745-AMS, cache-hhn4029-HHN
x-wp-nonce
4428d1b990
x-timer
S1636365991.879775,VS0,VE94
x-origin-cache-control
public, max-age=600
vary
Accept-Encoding, Origin,Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
x-styx-req-id
8b9928d9-407b-11ec-b367-326ab8d9aa62
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
public, max-age=600
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-cache-hits
0, 0
date
Mon, 08 Nov 2021 10:06:30 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
access-control-allow-origin
https://win.gg
x-ezoic-cdn
Miss
x-cache
MISS, MISS
x-middleton-response
201
content-length
51
link
<https://win.gg/wp-json/>; rel="https://api.w.org/"
response
201
server
nginx
allow
GET, POST
access-control-allow-credentials
true
display
staticcontent_sol
gtm.js
www.googletagmanager.com/ 		135 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
126c2f717e7156d14ab6202014846c69b291675708e42e8168a29b466eb8aebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49204
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Nov 2021 10:06:30 GMT
cmbv2.js
win.gg/detroitchicago/ 		84 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1c-2y1f-3y32-22y55-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1cx1fx32x55
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44dc71474fbcd388c4bc5811061cbc6f5e47bfa763bfc6c34ec21b3bb8fd32f7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public, max-age=31536000, public
x-robots-tag
noindex
liveView.php
live.primis.tech/live/ Frame 1808 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c405bff54b72cd8c34a0993333da350939ef0e4eb370abbbe96da07f7c649ddf

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
nmash.js
win.gg/porpoiseant/ 		24 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://win.gg/porpoiseant/nmash.js?v=83
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d86923070cdd3b26c384dfb89877b54c56cc30ebcaca4b9ef0fefeb935d5c7ef

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
last-modified
Mon, 08 Nov 2021 00:00:15 GMT
server
nginx
etag
"6083-5d03bad723551;5c701b9c2cf40-gzip"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
imp.gif
win.gg/detroitchicago/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://win.gg/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A2%2C%22ad_lazyload_version%22%3A5%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%225%2C34%2C36%2C30%2C35%2C0%2C2%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A7%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Milan%22%2C%22country%22%3A%22IT%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A6%2C%22domain_id%22%3A255604%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A3%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A6%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1102%2C1103%2C1104%2C1106%2C1107%2C1137%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22ee2811f4-bf39-4e83-5124-58a3802ad660%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2220153%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A357660%2C%22response_time_orig%22%3A319%2C%22serverid%22%3A%223.120.173.158%3A28500%22%2C%22state%22%3A%22MI%22%2C%22sub_page_ad_positions%22%3A%221100%2C1102%2C1103%2C1104%2C1106%2C1107%2C1137%22%2C%22t_epoch%22%3A1636365990%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A627%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: win.gg
URL: https://win.gg/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1b-1y1c-2y1f-3y32-22y55-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1cx1fx32x55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
47
cmbdv2.js
win.gg/detroitchicago/ 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4y33-22y56-21&cmbcb=20&sj=x03x0cx18x33x56
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a792749b1c0f0fbeceaaa7a55d478e6ec200342af495d6a565478a5d271c0b55

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public, max-age=31536000, public
x-robots-tag
noindex
houston.js
win.gg/detroitchicago/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/detroitchicago/houston.js?gcb=0&cb=15
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cc3662d59dc02e7a992f8da286146a1b0825d81ca1a9ebaf041a0f080606b0e5

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1341
index.css
win.gg/wp-content/themes/win/css/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/themes/win/css/index.css?v=1.5.9
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-29d64-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;051fb6117f6a0b847ed0ff8c33d8ca9e;2-255604-79;6be99c0d-88b9-41ec-615f-3887d5136ce0
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams12736-AMS, cache-fra19174-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.170896,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c85d9298-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
custom-styles.css
win.gg/wp-content/themes/win/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/themes/win/css/custom-styles.css?v=1.1.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-8bd-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;8361ae898528dceb63e038a4fc26ac6f;2-255604-79;dd46fe7a-7af3-483f-45b8-ae7c0fc9c96c
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
683
x-served-by
cache-ams21079-AMS, cache-fra19175-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.165804,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c87ecff5-3c3d-11ec-9429-8e31b195775f
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-4d42s
style.min.css
win.gg/wp-includes/css/dist/block-library/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-13abe-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;27ec322a3270a9e8d23462faa90575b8;2-255604-79;009c5d9b-14bd-4799-7768-bf93217de5b2
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams12725-AMS, cache-fra19139-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.169529,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c86520f2-3c3d-11ec-a9b0-aa1c53e674a7
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-525kb
blocks.style.build.css
win.gg/wp-content/plugins/embedpress/Gutenberg/dist/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1636061687
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"618451f8-614-gzip"
x-sol
orig
age
0
x-ezoic-cdn
Hit ds;mm;f59d67bbccb91d9c81b1c7e578af3f91;2-255604-79;fb85b7ed-e696-41ff-6bff-7fe71277865d
x-cache
MISS, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
0, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
413
x-served-by
cache-ams12753-AMS, cache-fra19123-FRA
response
200
last-modified
Thu, 04 Nov 2021 21:34:48 GMT
server
nginx
x-timer
S1636061693.066137,VS0,VE15
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
0bf7b5f9-3db7-11ec-b367-326ab8d9aa62
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-5c5fdf9c46-sxnb8
dashicons.min.css
win.gg/wp-includes/css/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-includes/css/dashicons.min.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d843-e688-gzip"
x-sol
orig
age
2139
x-ezoic-cdn
Hit ds;mm;a8a7a52692774d7acb27d9b0a41b72c7;2-255604-79;9ddd6ce4-bfb1-4e94-7dad-31ef2c9a16ba
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-served-by
cache-ams21031-AMS, cache-hhn4037-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:59 GMT
server
nginx
x-timer
S1635902797.164082,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
1badb52c-3c40-11ec-9387-d6a21724134b
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
rounded-thumbs.min.css
win.gg/wp-content/plugins/contextual-related-posts/css/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=1.0.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-4a9-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;d998c94939bb5942280b9358bc81d234;2-255604-79;39f9d606-b15e-42c4-55cc-6f1e067946e9
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
339
x-served-by
cache-ams21075-AMS, cache-fra19164-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.163156,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c864f9b3-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
embedpress.css
win.gg/wp-content/plugins/embedpress/assets/css/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/plugins/embedpress/assets/css/embedpress.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-2397-gzip"
x-sol
orig
age
3137
x-ezoic-cdn
Hit ds;mm;cf3baf68d546401562595c2b5e43b6a2;2-255604-79;28581555-1d6f-404b-4b38-70e717247028
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
1986
x-served-by
cache-ams12749-AMS, cache-fra19174-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.157417,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c88e8cd1-3c3d-11ec-a9b0-aa1c53e674a7
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-525kb
mu-style.css
win.gg/wp-content/plugins/sharethis-share-buttons/css/ 		26 B
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=5.8.1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d842-1a-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;95ae07a38703524064a74fd6c50d0b84;2-255604-79;dd61fcee-75cc-4d3f-633b-7b17eb2719f6
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
30
x-served-by
cache-ams12761-AMS, cache-fra19141-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.156752,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c86646bc-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
win-gg-public.css
win.gg/wp-content/plugins/win-gg/public/css/ 		98 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/plugins/win-gg/public/css/win-gg-public.css?ver=1.0.0
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-62-gzip"
x-sol
orig
age
3137
x-ezoic-cdn
Hit ds;mm;4ad16b3ce1ec8cca0416aaf40d44a1e4;2-255604-79;0d2390a7-c0ab-4c46-6860-a38f5db520cf
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
80
x-served-by
cache-ams21050-AMS, cache-fra19169-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.174378,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c88df9c5-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
style.css
win.gg/wp-content/themes/win/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/themes/win/style.css?ver=1.0.0
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
br
etag
W/"6181d841-7d9-gzip"
x-sol
orig
age
3138
x-ezoic-cdn
Hit ds;mm;4aeda9832e2fea3b6684865acbd5e8e6;2-255604-79;e07d81ee-8b00-4122-6de9-416c843ecad9
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
775
x-served-by
cache-ams21041-AMS, cache-hhn4070-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.168778,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c8669410-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, orig_site_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
cmp.js
g.ezodn.com/cmp/v2/ 		518 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/cmp.js?v=49
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16910f012ec529e4bef4051c3f178f72302c5ef55973277ba7aa36b5d19b91e2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Nov 2021 07:11:22 GMT
server
cloudflare
age
469445
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vem%2FyMumhkzKdLulhAS7npjBMP8M17l0Lc7GlJXy0kYA6MS11UOoBfbWfq98%2Fi%2F%2FYq1me3mefUgSBqrjhDoo%2BtnEoxEKKx3539G31i1ehmyFIVlFDtFZPRmbktxL9I%2B8kgk96DoHn1WfHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6aadfd338d94d618-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logo--dark.png
win.gg/wp-content/themes/win/assets/ 		13 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/themes/win/assets/logo--dark.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ebab19f74d95b1c10457dbf025009438a9479c198c5e96a829c64f4b4298cf46
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
etag
"6181d842-3435-gzip"
age
3137
x-ezoic-cdn
Hit ds;mm;83d6e92484cb3e75716d513d7359b9a8;2-255604-79;2ec3329a-f81c-44f6-5648-ec3421c60a4c
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, User-Agent,Origin,Accept-Encoding
x-served-by
cache-ams12754-AMS, cache-hhn4051-HHN
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.171769,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
image/png
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c8ef71ba-3c3d-11ec-9429-8e31b195775f
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-4d42s
sun--dark.png
win.gg/wp-content/themes/win/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/themes/win/assets/sun--dark.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
875ca1fe8a85b43fefb0206533f96bd56905305e6e0291c0b5284daf07b0c9e9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
etag
"6181d841-490-gzip"
age
3137
x-ezoic-cdn
Hit ds;mm;d8e71934369849cda63ffbee45913a44;2-255604-79;d7839b09-617c-4101-47b9-3c576af1d59f
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, User-Agent,Origin,Accept-Encoding
content-length
1172
x-served-by
cache-ams12733-AMS, cache-fra19125-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:57 GMT
server
nginx
x-timer
S1635902797.159249,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
image/png
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c8f0aa41-3c3d-11ec-9387-d6a21724134b
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-cnbbx
search--dark.svg
win.gg/wp-content/themes/win/assets/ 		608 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.gg/wp-content/themes/win/assets/search--dark.svg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
62c6ababbe88d3d4496203cd685f2b900a0cb382b8e24704ad25e84b8ed80833
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
etag
W/"6181d842-260-gzip"
age
3137
x-ezoic-cdn
Hit ds;mm;ccf92ad84bedceade2dc9e9a6c739300;2-255604-79;d4165aa8-7f0b-4c14-65d5-1b729552a0f3
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
339
x-served-by
cache-ams21045-AMS, cache-hhn4081-HHN
access-control-allow-origin
*
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902797.163511,VS0,VE10
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
image/svg+xml
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
x-styx-req-id
c8f157a4-3c3d-11ec-806f-3269da417963
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-d-9d8bc846d-jptrv
streamer-corinna-kopf-moves-to-facebook-gaming-after-ban.jpg
cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/ 		222 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ebcae6ba16085b0700c2c866566d775af24018d91ccab531df4cb474fe860a9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Sat, 28 Aug 2021 01:09:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"a07e4092cb405b4c639f82692cf5d79f"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
227420
x-amz-cf-id
mX5pls_qc983488u1fO4r0fIxky5mBiOFL0pac5iwoBgUexPYr_ofQ==
alinity-called-out-by-peta-streamers-for-alleged-animal-abuse.jpg
cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/alinity-called-out-by-peta-streamers-for-alleged-animal-abuse.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d3c4d3ebd4f0144277eed85a99295d62d802ae7f4d90fab87d333d7f6b52eb3

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 20:42:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"665e3346f1d0e4047495911e5a0c1ff1"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
80810
x-amz-cf-id
VAI7k0koYODSj_ivtZTGe6i3yP4jFaNHlZI3scKdvRHr-2p5WdibWg==
facebook-announces-new-esports-service-facebook-tournaments.jpg
cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/facebook-announces-new-esports-service-facebook-tournaments.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25d9ec4bd2ed72448c55c80aba80549b5bbf69b23fa96445fb7fd394c8e11098

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 23:28:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"e193a5ba0ca9b88d0376c991a7550f45"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
RefreshHit from cloudfront
content-length
127278
x-amz-cf-id
QD61USs5-pNWcYdoa_8tmneoJ4coEzcFaYSHOC6vydHH4jcd-Z2YIQ==
who-is-pokimane-question-mark-learn-all-about-the-famous-twitch-streamer.jpg
cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/ 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/who-is-pokimane-question-mark-learn-all-about-the-famous-twitch-streamer.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
723efdc024e9d856d94f2ccd152d787bd807295723ac1b819a4d5b6963fbf288

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 19:24:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"8ce0464fa68bd33f24676221c1e69de5"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
RefreshHit from cloudfront
content-length
205386
x-amz-cf-id
zl_N_p8ZZVnh6V6GKqWxepx4GVvDUkaTSJhxizzZ0ldFvTb3SJqL3w==
is-twitch-giving-alinity-and-amouranth-special-treatment-question-mark.png
cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/is-twitch-giving-alinity-and-amouranth-special-treatment-question-mark.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bc7feddf838dc83d0f801f327604a35f7c4d4a16413fd9de85a275459bc2f71

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 19:24:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"df75713308197d4601dc197b8d6669bf"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
162758
x-amz-cf-id
gtVVHqR-cSB0mrT5nMPeeju7EGTIOzlYntYG4dovJmalpmRh7YW7zg==
disguisedtoast-reveals-reason-behind-switching-to-facebook-gaming.jpg
cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/1000/format/webp/type/progressive/fit/cover/path/wp/uploads/2021/08/disguisedtoast-reveals-reason-behind-switching-to-facebook-gaming.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9913b8b14b4fc039820519bd3d99077f7110c157c9aa7adf790e19a9665327c6

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Sat, 28 Aug 2021 02:48:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"1f8d3001105d777bc0fb72f2a812a3fb"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
87108
x-amz-cf-id
DiZRjUbqs31kJaRpfEb4U_-EfjcdulyHHVLKJSD1xzee8yn4F8mg3g==
ezoic.png
go.ezoic.net/utilcave_com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c600:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 07:27:28 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-sol
middleton
age
9543
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
content-length
1181
x-amz-cf-id
fGRWbvKUokZzUPW9gZwt7et6divBjnWr3o66MM81xoFQH9_Zhz4abw==
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
etag
"49d-5bd497273b080-gzip-gzip"
vary
Accept-Encoding,Accept-Encoding
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
display
staticcontent_sol
expires
Mon, 15 Nov 2021 07:27:28 GMT
0.jpg
img.youtube.com/vi/DyhFqURfrD4/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/DyhFqURfrD4/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e042e763cc2cf729d788a418763a5b8e64ff4dcfb19f204f95266cca6cb596
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:02:04 GMT
x-content-type-options
nosniff
age
267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38757
x-xss-protection
0
server
sffe
etag
"1636112422"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 10:07:04 GMT
0.jpg
img.youtube.com/vi/rq1s-F9y3rA/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/rq1s-F9y3rA/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53fd83eaca8a5b5d851df8710ee239da10fa09d446e6fa2f4a014bf66a9c8140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:55:23 GMT
x-content-type-options
nosniff
age
668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32940
x-xss-protection
0
server
sffe
etag
"1636045189"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 11:55:23 GMT
0.jpg
img.youtube.com/vi/w1Qft5E94wM/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/w1Qft5E94wM/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4eab981ff34f8cb5ee9a7d114ebe5f28f4e3a390d81276801de1fd4710d3105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 08:08:50 GMT
x-content-type-options
nosniff
age
7061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33005
x-xss-protection
0
server
sffe
etag
"1635854695"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 10:08:50 GMT
0.jpg
img.youtube.com/vi/AMExtK7lPWI/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/AMExtK7lPWI/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbff3ed0ba29af09e05a3080ffbec67eb6e20ac062535baaef3f660b9557e3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:51:25 GMT
x-content-type-options
nosniff
age
906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45113
x-xss-protection
0
server
sffe
etag
"1636016602"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 11:51:25 GMT
0.jpg
img.youtube.com/vi/sN2NOuyxUnw/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/sN2NOuyxUnw/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
026b86883e9a229fa0788ba6fb68e51d8dea063a746234c0c0d1c258874c30b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:14:08 GMT
x-content-type-options
nosniff
age
3143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37404
x-xss-protection
0
server
sffe
etag
"1635758809"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 11:14:08 GMT
0.jpg
img.youtube.com/vi/m0gnmm3WLRw/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/m0gnmm3WLRw/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a7300bc3d6addbe32fe20ccf8888f19ff2a7e11220552d68579b97c4d0eea8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:09:09 GMT
x-content-type-options
nosniff
age
3442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43942
x-xss-protection
0
server
sffe
etag
"1635183273"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 11:09:09 GMT
0.jpg
img.youtube.com/vi/bcJmnEnaMvo/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/bcJmnEnaMvo/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afa7154724b0a7ce743bf2b11250f9af787a3aeb2b12a6391de669cd06bb5285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:02:07 GMT
x-content-type-options
nosniff
age
3864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35764
x-xss-protection
0
server
sffe
etag
"1635169834"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 11:02:07 GMT
0.jpg
img.youtube.com/vi/o_GSpRqP6zg/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/o_GSpRqP6zg/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d27694d44fa22602efcc92caf61eff0b9c2bc85455e964f78a092040c1a9592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 08:42:15 GMT
x-content-type-options
nosniff
age
5056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34857
x-xss-protection
0
server
sffe
etag
"1635505364"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 10:42:15 GMT
0.jpg
img.youtube.com/vi/Wyhbd9fYJPQ/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/Wyhbd9fYJPQ/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98385317c6bdcf8c203beeda9c8e4e8dc2622e7d6405a11b2639e5a7a84c1452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:34:20 GMT
x-content-type-options
nosniff
age
1931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37652
x-xss-protection
0
server
sffe
etag
"1635438357"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 11:34:20 GMT
0.jpg
img.youtube.com/vi/VdziGu5GgVE/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/VdziGu5GgVE/0.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dddea515a7535c5f8382cd21e6a362464f3932f4445663f420c1ef0158b0238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 08:25:12 GMT
x-content-type-options
nosniff
age
6079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30799
x-xss-protection
0
server
sffe
etag
"1635348337"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 08 Nov 2021 10:25:12 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 1808 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 08 Nov 2022 10:06:30 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 1808 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 08 Nov 2022 10:06:30 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 1808 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 08 Nov 2022 10:06:31 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 1808 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 08 Nov 2022 10:06:31 GMT
prebidVid.5.18.0_2.min.js
live.primis.tech/content/prebid/ Frame 1808 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f436d7ccb58e150e6cabdc18fed5a45fe1d7835adc4a9e15399f84cdb9e41430

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 09:24:05 GMT
server
nginx
etag
W/"618103b5-78922"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 08 Nov 2022 10:06:30 GMT
liveVideo.php
live.primis.tech/live/ Frame 1808 		619 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&vp_content=plembed2011ghzmiptq&cbuster=1636365990&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f1d5caf941bfbe38302e7fff6b23973cef5e32304c2c72d85bc601b0e6acbf71

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
www-widgetapi.js
www.youtube.com/s/player/8eb5bf0c/www-widgetapi.vflset/ 		143 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8eb5bf0c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b64f85d8068989c158ba9a881e4b5f4971eb769a6ec9ae697f5a0728ba294fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 08:56:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47334
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 00:18:20 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 08:56:58 GMT
admin-ajax.php
win.gg/wp-admin/ 		22 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-admin/admin-ajax.php?action=ai_ajax&ip-data=ip-address-country-city&ai_check=47f7d417e1&ver=1636365991066-70613
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f1eec9308aa07093c74acf7f47b64d93a4890b49d6e7b042096470c45b6fdb0c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
x-ezoic-cdn
Bypass
x-cache
MISS, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
0, 0
x-middleton-response
200
content-length
26
x-served-by
cache-ams12777-AMS, cache-hhn4077-HHN
referrer-policy
strict-origin-when-cross-origin
pagespeed
off
response
200
server
nginx
x-timer
S1636365991.185866,VS0,VE138
x-frame-options
SAMEORIGIN
x-origin-cache-control
no-cache, must-revalidate, max-age=0
vary
Accept-Encoding, Accept-Encoding,Cookie,Origin
strict-transport-security
max-age=300
content-type
text/html; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
x-styx-req-id
8bc7e4f3-407b-11ec-b367-326ab8d9aa62
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-5c5fdf9c46-sxnb8
GVL
gvl.ezodn.com/gvlcache/ 		293 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=en&vb=114&cmpv=55
Requested by
Host: g.ezodn.com
URL: https://g.ezodn.com/cmp/v2/cmp.js?v=49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c10ad7ad72209b5d2ccd624383a0d28ae20b75ff07343c36989e4fd9c767fd1c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
gvlcache-hit
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnPKeiEGAkQBb6DZZ9Co0pqcAVdt%2BuzFCBD2X5wK8D8kmK3i%2F71U1O718a8XLAQ6u1AD67Ubs1gtvavQ0a1HqQfLJx4oBfCRCSn4Gyo%2Frs9fN1nPJ6P%2BZnXdRGigjOy1lR%2FhJ1bQhhNdly3z"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf-ray
6aadfd354b5c3763-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Nov 2021 05:11:20 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
449712
etag
"0af2fb38987598376c99e21af17ade45"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
731
x-amz-cf-id
0hUpIqtOVC5E4Qx9_xzYdzXAr-21b-kukU7Ykd51Ml0UdML23PfkpQ==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 02 Nov 2021 13:05:51 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
507641
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
301
x-amz-cf-id
VSUmPHABnQLVQ7lPPZLCNWcWHvT4qVENlmZSd-oQkmJm2VTbYRfzqA==
messenger.svg
platform-cdn.sharethis.com/img/ 		372 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 02 Nov 2021 02:47:09 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
544762
etag
"a5aa43fa302867d3e888ac2f69b7b288"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
372
x-amz-cf-id
9uKQ0a08XwN0nshvJ9O36HoHc-__Sm24fD0V10mVDEPQeMvGbkz_Mw==
reddit.svg
platform-cdn.sharethis.com/img/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/reddit.svg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Nov 2021 21:48:25 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
389886
etag
"78d796ca648d8a5e665b48ed0217c56a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
910
x-amz-cf-id
MNpvG5YWB3S8gn61x5CWUhGJptpzOKl2_HpVRUs0MECOTZud5a0Sdg==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 17 Oct 2021 01:54:40 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
1930312
etag
"5977437466e857c7ddcadda6f6d88c2a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
343
x-amz-cf-id
ZE3qBC7OyFdU9gLBogSzc1BSAiEV85SLKJmEZv-PKPOprnBzYEgpig==
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
325
date
Mon, 08 Nov 2021 10:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 08 Nov 2021 12:01:06 GMT
js
www.googletagmanager.com/gtag/ 		160 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-916JLHZYLF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c2f6bd59f146f7acd0fe197ad6d91734c9152fc9d085c12dffce65719e0aeab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60854
x-xss-protection
0
expires
Mon, 08 Nov 2021 10:06:31 GMT
Bootstrap.js
nexus.ensighten.com/choozle/15154/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/15154/Bootstrap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2fb07bc2036b6b6338b8632cdb49566bb1a3fdaa471b628345de4459692362c8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 19:30:44 GMT
server
nginx
etag
W/"61390f64-7013"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
oribi.js
cdn.oribi.io/Xy0xODg1MDA0Nzk1/ 		108 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.oribi.io/Xy0xODg1MDA0Nzk1/oribi.js
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5c00:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de8bcb64a320b1a2b1e4788b6aaaf8e4ac888a7eb62a66c5e214cc43ce0bb777

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:03 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
age
27
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=60
x-amz-cf-pop
FRA56-P2
content-encoding
gzip
x-amz-cf-id
WFM9p2uGZnEuitVjleM9oRFNg2GM44YTCVfBronmXwBpJkAqlmVICw==
x-application-context
application
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1808 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
601
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1XXBTNNM50ARV51Q23SF
date
Mon, 08 Nov 2021 09:56:38 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
T9aW0-BIKflu_T3aPT9Kl-w1LjkPHnTnlTn4hIril1M49xQ7EWeMxA==
css
fonts.googleapis.com/ Frame 24D9 		2 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 08:53:42 GMT
server
ESF
date
Mon, 08 Nov 2021 10:06:31 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 08 Nov 2021 10:06:31 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 09:03:17 GMT
server
ESF
date
Mon, 08 Nov 2021 10:06:31 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 08 Nov 2021 10:06:31 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E908 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=156895
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Mon, 08 Nov 2021 10:06:31 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A3C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=primis&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Nov 2021 10:06:31 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Date
Mon, 08 Nov 2021 10:06:31 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
liveCS.php
live.primis.tech/live/ Frame B8DF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=94&advUuid=8bfebafe-407b-11ec-b4f9-18a305860206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=94&advUuid=8bfebafe-407b-11ec-b4f9-18a305860206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

server
nginx
date
Mon, 08 Nov 2021 10:06:30 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 08 Nov 2021 10:06:31 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=94&advUuid=8bfebafe-407b-11ec-b4f9-18a305860206
X-fe
4
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.primis.tech/live/ Frame DB45
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D98%2...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=98&advUuid=3420cf9a-0302-48a1-b694-8f178f043d36
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=98&advUuid=3420cf9a-0302-48a1-b694-8f178f043d36
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

server
nginx
date
Mon, 08 Nov 2021 10:06:31 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=98&advUuid=3420cf9a-0302-48a1-b694-8f178f043d36
date
Mon, 08 Nov 2021 10:06:31 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync.html
s.console.adtarget.com.tr/ Frame 4E74 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e9dfbbd7c3fd43b5b4ff6fb1979e70617ad33aba9dbd112333ae934704572ed9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

Server
VertaMedia 1.0
Date
Mon, 08 Nov 2021 10:06:31 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
851
Access-Control-Allow-Origin
https://win.gg
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 1808 		63 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwx5MDxyMxZ2nWRyo181ZwZuZwAjMWFuZTFvMwY0MmUlMDQ1JTJGqzyxNwE4ODM3NTNyNmyyZTA4MTQlMTY3Ml5gpDQzqzyxX2NioaRyoaRsnWQ9MTxmNmx1OSZ2nWRsY29hqGVhqF9xZXNwPUFaZW50KmE3K0NbYW1vZXIzqzyxX2NioaRyoaRsqGy0oGU9QWqyoaQeMTpeQ2uuoWJypvZ2nWRsY29hqGVhqF9xqXJuqGyiow05NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTY0NCZ5PTM2MvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3nW4hZ2pyMxZhZXqmJTJGp3RlZWFgZXIgY29lnW5hYS1eo3BzLW1iqzVmLXRiLWZuY2Vvo29eLWquoWyhZl1uZaRypv1vYW4yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMTJEMmAmODVGMmEmMwqEN0I3MmMkMmQmODMjMmxmMwMkMmY3RDqCNDMmMTM2MmQ3RDqCNTM2NDMlNxM3NTRDNxQ2NDZFN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM3MmUmMDqEN0I1OTM0MmImNDqEN0I2NwMkN0Q3QwRDMmtmNTM1MmY3REZFRxUznXNBpHA9MCZaZW9MYXRcPTQ1LwQ3MwIzZ2ViTG9hZm05LwE5MwIzqXNypxyjQWRxpw05NS4kNmQhNwQhMwAmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY4OS4jLwQmODxhNmIeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwE4OGY2YTZyMTElZCZwYaVmqGVlPTE2MmYmNwU5OTEmNTQzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
bb57bb507f3b53ff7c9e095383e1a646c1bccde197e4291078e7d4bbc478b2c9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://win.gg
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8147
liveView.php
live.primis.tech/live/ Frame 1808 		157 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwx5MDxyMxZ2nWRyo181ZwZuZwAjMWFuZTFvMwY0MmUlMDQ1JTJGqzyxNwE4ODM3NTNyNmyyZTA4MTQlMTY3Ml5gpDQzqzyxX2NioaRyoaRsnWQ9MTxmNmx1OSZ2nWRsY29hqGVhqF9xZXNwPUFaZW50KmE3K0NbYW1vZXIzqzyxX2NioaRyoaRsqGy0oGU9QWqyoaQeMTpeQ2uuoWJypvZ2nWRsY29hqGVhqF9xqXJuqGyiow05NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3nW4hZ2pyMxZhZXqmJTJGp3RlZWFgZXIgY29lnW5hYS1eo3BzLW1iqzVmLXRiLWZuY2Vvo29eLWquoWyhZl1uZaRypv1vYW4yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMTJEMmAmODVGMmEmMwqEN0I3MmMkMmQmODMjMmxmMwMkMmY3RDqCNDMmMTM2MmQ3RDqCNTM2NDMlNxM3NTRDNxQ2NDZFN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM3MmUmMDqEN0I1OTM0MmImNDqEN0I2NwMkN0Q3QwRDMmtmNTM1MmY3REZFRxUznXNBpHA9MCZaZW9MYXRcPTQ1LwQ3MwIzZ2ViTG9hZm05LwE5MwIzqXNypxyjQWRxpw05NS4kNmQhNwQhMwAmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY4OS4jLwQmODxhNmIeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwE4OGY2YTZyMTElZCZwYaVmqGVlPTE2MmYmNwU5OTEmNTUzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
db0de098a35d52631b5026fa7471bd0ab10eed17aa3d46d3466705a5a4101c36

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://win.gg
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
12332
liveView.php
live.primis.tech/live/ Frame 1808 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwx5MDxyMxZ2nWRyo181ZwZuZwAjMWFuZTFvMwY0MmUlMDQ1JTJGqzyxNwE4ODM3NTNyNmyyZTA4MTQlMTY3Ml5gpDQzqzyxX2NioaRyoaRsnWQ9MTxmNmx1OSZ2nWRsY29hqGVhqF9xZXNwPUFaZW50KmE3K0NbYW1vZXIzqzyxX2NioaRyoaRsqGy0oGU9QWqyoaQeMTpeQ2uuoWJypvZ2nWRsY29hqGVhqF9xqXJuqGyiow05NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTY0NCZ5PTM2MvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3nW4hZ2pyMxZhZXqmJTJGp3RlZWFgZXIgY29lnW5hYS1eo3BzLW1iqzVmLXRiLWZuY2Vvo29eLWquoWyhZl1uZaRypv1vYW4yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMTJEMmAmODVGMmEmMwqEN0I3MmMkMmQmODMjMmxmMwMkMmY3RDqCNDMmMTM2MmQ3RDqCNTM2NDMlNxM3NTRDNxQ2NDZFN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM3MmUmMDqEN0I1OTM0MmImNDqEN0I2NwMkN0Q3QwRDMmtmNTM1MmY3REZFRxUznXNBpHA9MCZaZW9MYXRcPTQ1LwQ3MwIzZ2ViTG9hZm05LwE5MwIzqXNypxyjQWRxpw05NS4kNmQhNwQhMwAmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY4OS4jLwQmODxhNmIeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwE4OGY2YTZyMTElZCZwYaVmqGVlPTE2MmYmNwU5OTEmNTtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
dedab5002e651eacc73e03b530c6387021f2b9d0a18e94647c37235fa8d6d009

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:30 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://win.gg
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3223
chunklist_480.m3u8
video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/ 		641 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
175c1838f8a29dc3943d08fc552c13a38d0dfcfa1809456f9f60a146c195399c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
641
last-modified
Sun, 07 Nov 2021 20:32:57 GMT
server
Tengine
etag
"65314d64da5e3c8ebd5c0fd36d973b6a"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
jmvWKF_qkr84Pj_dTpVbAp8lDPpMq7HjGF1j4gumNxij5WGkIZVvBw==
expires
Mon, 22 Nov 2021 10:06:31 GMT
vid61883753e79ee081421673_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 24D9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673_thumb.jpg?cbuster=1636317329
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c9ba955bb5e749f1ffdf4d60245b2625b8c5bc2b71fbbf538335faeec3621fa9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified
Sun, 07 Nov 2021 20:35:30 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"94c128abe9498b45fc26c72d43336fa3"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 10:06:31 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4700
x-amz-cf-id
mdWyKqySzAVd1fXyJVGtlaz8x8Vk10EcnkwRvey9ZUxh--JUf2fGlg==
x-proxy-cache
HIT
vid6186f0120342d875476376_thumb.jpg
video.primis.tech/uploads/cn18/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 24D9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn18/video/users/converted/29909/video_5f6af001aae1b264352045/vid6186f0120342d875476376_thumb.jpg?cbuster=1636236770
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
3b176aaa639598399777a9038810cc766df54fcba4e602fb826ce3335d4cf75b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 c8d2dd017ae345697950b9af4e41ff18.cloudfront.net (CloudFront)
last-modified
Sat, 06 Nov 2021 22:12:51 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"662dd4729a6eb4dc69937137f41c1078"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 10:06:31 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3467
x-amz-cf-id
jmIEBNy-pXR2HGDKEZHL-IbL9Ft0TvpWv8PIlCtVYm4jvqepZJHzww==
x-proxy-cache
HIT
vid61858d0e5c3ba993858745_thumb.jpg
video.primis.tech/uploads/cn17/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 24D9 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn17/video/users/converted/29909/video_5f6af001aae1b264352045/vid61858d0e5c3ba993858745_thumb.jpg?cbuster=1636143918
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
bdb330c6f9f1437527c93b73cdcf04d786b8d802f4d40a4e321a681a0132580c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 20:25:19 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"734a1f05013c51476d67380bce1ac8c1"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 10:06:31 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5524
x-amz-cf-id
RObx89YJ6CGqf_ImAFlDVAiXvv7smvaSH0hmXKezk233YCETmWkUjg==
x-proxy-cache
HIT
vid61842fc5dc6b3810095258_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 24D9 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/29909/video_5f6af001aae1b264352045/vid61842fc5dc6b3810095258_thumb.jpg?cbuster=1636058489
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
ba87da3ae2bef11156e0ca6440a0212bba1e6eeb051197095ad32c8be1fa061a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 d821b8789930abef3b648d54ffad08de.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 20:41:30 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"74393312bd4d9cb86de31f416c1b340f"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 10:06:31 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5287
x-amz-cf-id
Kkht3OtqFEHnsEEwaLSSutbl7410Q7NYQG7kAUl0XGXNtL-G5WZiXw==
x-proxy-cache
HIT
vid6182cd3b03a0d264832385_thumb.jpg
video.primis.tech/uploads/cn15/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 24D9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn15/video/users/converted/29909/video_5f6af001aae1b264352045/vid6182cd3b03a0d264832385_thumb.jpg?cbuster=1636017567
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
522b7e3ff459e82d26f3daa82b3f8c8ea0df6d4ff12c981e4dddeaf9c8a25421

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 a0fe1039294d0869a0a4148110d3c48d.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 09:19:28 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"76c63964b3e2a21cbaef1afaac426352"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 10:06:31 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4191
x-amz-cf-id
jRornagJG8-qXUDKMKAmgXXDQiGAyIjW2x2Pq9GB3IDMymQiLz3dwA==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTYmNwM2NTx5MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA0NwY5JaN0YT0jJat9NmUjJax9NDI0JaZcZF9jYXNmRG9gYWyhPXqcov5aZlZmqWJJZD13nW4hZ2pzZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMkMxQmMTMkMxQmMDM4NUYmMTMlN0Q3QwpmMmEmNDM4MmAmOTMlMmEmNwqEN0I0MmMkMmYmNDqEN0I1MmY0MmI2Qmp1NEM2RDY0NxU3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmpmNTMjN0Q3QwU5MmQmMwM0N0Q3QwY2MmE3RDqCNEMmODM1MmUmNwqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw05NS4kNmQhNwQhMwAmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwt5LwAhNDM4OS43MvUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwE4OGY2YTZyMTElZCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwM2MmY1OTxkMmQ2JaVcZD1TZWgcozRiU1BfYXyypwYkODuzNzE3MTFyMGUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq2yhLzqaJTJGozV3plUlRaN0pzVuoWVlLWNipzyhozEgn29jZv1go3Zypl10ol1zYWNyYz9inl1aYW1cozpgYWZ0ZXIgYzFhJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 1808 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=6188f6a6e112d&custom_data=6188f6a6e112d;live.primis.tech&gdpr=1&gdpr_consent=
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.176.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-176-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 10:06:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 1808
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=93&advUuid=0c639996-a96e-4a94-93d6-bbd869a8bf81
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=93&advUuid=0c639996-a96e-4a94-93d6-bbd869a8bf81
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=93&advUuid=0c639996-a96e-4a94-93d6-bbd869a8bf81
date
Mon, 08 Nov 2021 10:06:31 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 1808
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=99&advUuid=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=99&advUuid=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=99&advUuid=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 08 Nov 2021 10:06:31 GMT
liveCS.php
live.primis.tech/live/ Frame 1808
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D6188f6a6e112d%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=105&advUuid=4042676779816353614
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=105&advUuid=4042676779816353614
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:31 GMT
X-Proxy-Origin
95.174.64.203; 95.174.64.203; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
46e6e47e-ba3d-4528-a73d-77daaf4bbd60
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6188f6a6e112d&pixel=&advId=105&advUuid=4042676779816353614
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61883753e79ee081421673.jpg
video.primis.tech/uploads/cn19/video/users/converted/29909/video_5f6af001aae1b264352045/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.jpg?cbuster=1636317329
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
968fbcdac55faf8697d9c4ceec7040836f549f345701d44194bc45cd7971ae8a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 43228f633da333c6de62c0c5b2122cf0.cloudfront.net (CloudFront)
last-modified
Sun, 07 Nov 2021 20:35:29 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"8429fcbb86b5c230de91b95afac36bf1"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 10:06:31 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
37899
x-amz-cf-id
CNqaZdXQTKL16puPFIZr-GlxiWVviuaUqy6FPm_2ws2HzmJMw9uZdA==
x-proxy-cache
HIT
app.js
win.gg/wp-content/themes/win/js/ 		2 KB
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://win.gg/wp-content/themes/win/js/app.js?ver=1.0.4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
935b2f1cdbf1af0439e86ecbd0ca09a2b3a91807ae651cf3f840f9237a45a667
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
etag
W/"6181d842-718-gzip"
age
3141
x-ezoic-cdn
Hit ds;mm;bb0c8de94a1d9c208ce349ffedb8e213;2-255604-79;1054988a-937c-485b-7755-35ca669b99ef
x-cache
HIT, MISS
x-middleton-display
staticcontent_sol, staticcontent_sol
x-cache-hits
1, 0
x-middleton-response
200
vary
Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length
411
x-served-by
cache-ams12720-AMS, cache-fra19182-FRA
response
200
last-modified
Wed, 03 Nov 2021 00:30:58 GMT
server
nginx
x-timer
S1635902801.230836,VS0,VE9
x-origin-cache-control
max-age=31622400
strict-transport-security
max-age=300
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
x-styx-req-id
c8ae7e97-3c3d-11ec-9429-8e31b195775f
display
staticcontent_sol, staticcontent_sol
x-pantheon-styx-hostname
styx-fe3fe4-c-7885c47964-4d42s
CSGOFast-banner-300x250-1.jpg
cdn-images.win.gg/wp/uploads/2021/09/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/wp/uploads/2021/09/CSGOFast-banner-300x250-1.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8293bdedd66b50dcaf53d569261107d3eb3c9b18caa18cbe3479b6f037d233c8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Mon, 20 Sep 2021 14:46:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"e18db40c9928399f18d687264ed67297"
vary
Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
28979
x-amz-cf-id
AQxPO0nRiELsJamcQh0_pcOMpq3d3UsE6pTy0yDqAQ_OfOuZ9dJqRQ==
light.png
cdn-images.win.gg/wp/uploads/2021/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/wp/uploads/2021/10/light.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ea00:12:b1b7:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e0e2fbaa7a89c64df6b30953123d55b39e38cb0933d59425ecb11c9989d477b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Fri, 08 Oct 2021 15:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"7d33bf45dbe240bfc75db6ba977aba38"
vary
Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
5857
x-amz-cf-id
tDdGZ7sjdA_c0_FOupeGCSCR_2_SBboWBdwQA-_VfO3Vx9Bc9q9J_A==
t4632611d266e1deca672586792.png
cdn.gin.bet/team/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gin.bet/team/t4632611d266e1deca672586792.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:27b:71f4:967e:7b66:dbda:fbaf , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c043de6ee3f28405d8054af02cd419a5cde55106cd98a5b60d28c757bddc09cb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Aug 2021 15:25:34 GMT
server
cloudflare
age
384811
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6aadfd37df2e3743-MXP
t4643611d267205c76955302018.png
cdn.gin.bet/team/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gin.bet/team/t4643611d267205c76955302018.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:27b:71f4:967e:7b66:dbda:fbaf , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc6709fc570b771f4ad0a4318851017a99c7a2688a77cde314f5a9efa380cb0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Aug 2021 15:25:38 GMT
server
cloudflare
age
346191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6aadfd37df323743-MXP
t71646124685e36ee2504799327.png
cdn.gin.bet/team/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gin.bet/team/t71646124685e36ee2504799327.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:27b:71f4:967e:7b66:dbda:fbaf , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fb55f3efed19c359ae87c711b7d7f0280948220e76f2209a3f8032c8476ea6

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Aug 2021 03:32:46 GMT
server
cloudflare
age
829382
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6aadfd37df343743-MXP
t24963611d250e85246924121402.png
cdn.gin.bet/team/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gin.bet/team/t24963611d250e85246924121402.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:27b:71f4:967e:7b66:dbda:fbaf , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b2fadd231227b89a6be9c018ff4e45be4209586784653504d27530f9fd8397

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Aug 2021 15:19:42 GMT
server
cloudflare
age
829382
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6aadfd37df293743-MXP
t462961552fab2965e779724133.png
cdn.gin.bet/team/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gin.bet/team/t462961552fab2965e779724133.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:27b:71f4:967e:7b66:dbda:fbaf , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
083a5f6f7ae231895dbddf5f9049032ecab4af6afe64f70b552d6faa0ddfedbd

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 03:31:55 GMT
server
cloudflare
age
113248
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6aadfd37df363743-MXP
vitality_nologo5da021df21ad8903349046.png
cdn.gin.bet/team/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gin.bet/team/vitality_nologo5da021df21ad8903349046.png
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:27b:71f4:967e:7b66:dbda:fbaf , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
996f4ac1a650150f7e44b893de304fcfe5c9b1bb7fb146b749610fee94285c68

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
cf-cache-status
HIT
last-modified
Fri, 11 Oct 2019 06:31:59 GMT
server
cloudflare
age
758806
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6aadfd37df353743-MXP
GVL
gvl.ezodn.com/gvlcache/ 		31 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=it&vb=114&cmpv=55
Requested by
Host: g.ezodn.com
URL: https://g.ezodn.com/cmp/v2/cmp.js?v=49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24302a009863150046e73b021927c5b2840c4ffbbfbfd3fe05f4cbf42b19fcc0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
gvlcache-hit
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QB%2BBtx2cKxH2p9na5C3%2BXi1gYY7e3k31TUZUBv4Hnhnr56qQzcFcgkrDE%2BgUNFkHJjMGhuJSr0%2FtW2bE4B6O%2FDYsce46W53if73ecdxoqoIkqL9MnRmPiUihExuVkSpRF9PqL2neYMUnbBXD"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf-ray
6aadfd396d223763-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://win.gg
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:01 GMT
x-content-type-options
nosniff
age
534870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Nov 2022 05:32:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 24D9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://win.gg
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:01 GMT
x-content-type-options
nosniff
age
534870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Nov 2022 05:32:01 GMT
171621
search.spotxchange.com/openrtb/2.3/dados/ Frame 1808 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/171621?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
X-SpotX-Timing-Transform
0.000419
X-SpotX-Timing-SpotMarket
0.087876
X-SpotX-Timing-Page-Mux
0.000403
X-SpotX-Timing-Page-Require
0.000531
X-fe
061
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000047
X-SpotX-Timing-Page
0.097082
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.001429
Last-Modified
Mon, 08 Nov 2021 10:06:32 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.025826
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://win.gg
X-SpotX-Timing-Page-Misc
0.006360
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.062050
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
liveInternalSsp.php
live.primis.tech/live/ Frame 1808 		2 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22ver%22%3A%22ver_1.5%22%2C%22minBid%22%3A0%2C%22buzzer%22%3A%7B%22count%22%3A0%2C%22titleLen%22%3A100%2C%22w%22%3A200%2C%22h%22%3A160%7D%2C%22width%22%3A644%2C%22height%22%3A362%2C%22spaceId%22%3A%2258057%22%2C%22spaceType%22%3A%22vast%22%2C%22videoPlacementType%22%3A1%2C%22ip%22%3A%2295.174.64.203%22%2C%22geoId%22%3A164%2C%22alpha2Geo%22%3A%22IT%22%2C%22devicetype%22%3A2%2C%22txtDevicetype%22%3A%22desktop%22%2C%22browser%22%3A%22chrome%22%2C%22os%22%3A%22Windows%22%2C%22txtOs%22%3A%22windows%22%2C%22deviceModel%22%3A%22%22%2C%22osVersion%22%3A%2210.0%22%2C%22deviceManufacturer%22%3A%22%22%2C%22deviceCodeName%22%3A%22%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22lat%22%3A%2245.4722%22%2C%22lon%22%3A%229.1922%22%2C%22appName%22%3A%22%22%2C%22appId%22%3A%22%22%2C%22isApp%22%3A0%2C%22appBundleId%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F%22%2C%22appStoreUrl%22%3A%22%22%2C%22appPrivacyPolicy%22%3A%22%22%2C%22appIsPaid%22%3A%22%22%2C%22appDeveloper%22%3A%22%22%2C%22ifa%22%3A%22%22%2C%22ifv%22%3A%22%22%2C%22atts%22%3A%22%22%2C%22appVersion%22%3A%22%22%2C%22referrer%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F%22%2C%22gdpr%22%3A1%2C%22gdprConsent%22%3A%22%22%2C%22isWePassGdpr%22%3A%220%22%2C%22ccpa%22%3A0%2C%22ccpaConsent%22%3A%22%22%2C%22domain%22%3A%22win.gg%22%2C%22website%22%3A%22www.sekindo.com%22%2C%22secure%22%3A1%2C%22geoSource%22%3A%22IP%22%2C%22coppa%22%3A0%2C%22uuid%22%3A%226188f6a6e112d%22%2C%22blockBrands%22%3A%5B%5D%2C%22extUserIds%22%3A%5B%5D%2C%22mraidAllowed%22%3A0%2C%22debugInformation%22%3A%22%22%2C%22siteId%22%3A104669%2C%22publisherId%22%3A29909%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2229909%22%2C%22hp%22%3A1%7D%5D%7D%2C%22region%22%3A%22EU%22%2C%22campaigns%22%3A%7B%2269811%22%3A%7B%22tracker%22%3A%22campaignFreqCap%3D0%252F0%26campaignId%3D69811%26space2AdId%3D13913619%22%2C%22prebidNsspIndex%22%3A0%2C%22space2AdId%22%3A%2213913619%22%2C%22deal%22%3A%7B%22isRtbDeal%22%3A0%2C%22rtbDealId%22%3A%22%22%2C%22rtbSeatId%22%3A%22%22%7D%2C%22rtbWSeat%22%3A%22%22%2C%22campaignId%22%3A69811%2C%22campaignScope%22%3A%22public%22%2C%22buyerUid%22%3A%22%22%2C%22adUserId%22%3A29378%2C%22bcat%22%3A%22%22%2C%22bidfloor%22%3A1.3%2C%22ext%22%3A%7B%22partner%22%3A%2293%22%2C%22revShare%22%3A%220.92%22%2C%22endpointPrefix%22%3A%22primis%22%7D%2C%22referenceId%22%3A7%7D%7D%2C%22pagecat%22%3A%5B%22IAB9-30%22%5D%2C%22placementCat%22%3A%5B%22IAB9-30%22%5D%2C%22contentcat%22%3A%5B%22IAB9-30%22%5D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://win.gg
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 1808 		67 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1636365991683&pKey=-1355820317&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwin.gg%2F&playerSize=644x362&schain=1.0,1!primis.tech,29909,1,,,
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://win.gg
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1636365991839065-381
Expires
Mon, 08 Nov 2021 10:06:32 GMT
avjp
primis-d.openx.net/v/1.0/ Frame 1808 		106 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4527f85e-9a98-4a3e-9df2-bee26b9025d0&nocache=1636365991685&gdpr_consent=&gdpr=1&schain=1.0,1!primis.tech,29909,1,,,&skip=1&auid=540289187&vwd=644&vht=362&aumfs=1300
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://win.gg
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 1808 		173 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.203.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-203-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b10e0ededb19771ff59098d6ea2c5eada343987160936bf1445ec3549ea63201

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ Frame 1808 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.168.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-168-197.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame 1808 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
date
Mon, 08 Nov 2021 10:06:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwM2MmY1OTxkJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTAkMwx4MDxzrD02NDQzrT0mNwIzoXN0YT0kNDtjOTIkNvZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXqcov5aZlZmqWJJZD13nW4hZ2pzZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTx1LwE3NC42NC4lMDMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGODxhMC40Mmt5LwplJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTt4ZwZuNzUkMTJxJaJ2ow0xr1ZQX1JWTy9NQUNST30zYXR0ZW1jqE11oHRcpGkcZXI9MwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmNwM2NTx5MTY2MvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MTt4ZwZuNmEkZTByJaB1YyVloD1bqHRjplUmQSUlRvUlRaqcov5aZlUlRz5yq3MyMxZmqHJyYW1ypv1wo3Jcoz5uLWgipGYgoW92ZXMgqG8gZzFwZWJio2fgZ2FgnW5aLWFzqGVlLWJuovUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
w_480_00000.ts
video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/ 		455 KB
455 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
3e8c7c4773e3e97ad0d9aaf4ab471c5f065f9e9e3f079e3aecb40ad4f10fa693

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
465488
last-modified
Sun, 07 Nov 2021 20:32:58 GMT
server
Tengine
etag
"4e5fa6416388b9ae3ebd50fe3dcde69c"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
-Iac3SjVb02dFmlKNX0ecXYNXrkOHp8x3gPPb57FOhIjOO901FzPSg==
expires
Mon, 22 Nov 2021 10:06:31 GMT
collect
www.google-analytics.com/j/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=903232161&t=pageview&_s=1&dl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&ul=en-us&de=UTF-8&dt=Streamer%20Corinna%20Kopf%20moves%20to%20Facebook%20Gaming%20after%20ban%20-%20WIN.gg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=1714324648&gjid=373215371&cid=1861230327.1636365992&tid=UA-125662552-1&_gid=199282214.1636365992&_r=1&gtm=2wgb31598L2T6&cg1=&cg2=article&cd1=article&cd2=&cd9=Olivia%20Richman&cd11=5086&cd12=&z=1017826894
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T8SWN4K&t=gtm5&cid=1861230327.1636365992
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b774efff8ebd5dcfed96617d230391466c61abbb0f03ae3ffec0843c790bf818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35239
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Nov 2021 10:06:31 GMT
event
gw.oribi.io/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.oribi.io/event
Requested by
Host: cdn.oribi.io
URL: https://cdn.oribi.io/Xy0xODg1MDA0Nzk1/oribi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.242.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-242-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://win.gg
date
Mon, 08 Nov 2021 10:06:32 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
x-application-context
application
content-type
text/plain
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1808 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
31321
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Mon, 08 Nov 2021 01:24:31 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Ke_n7aY7vslYIRJLBD0Fi3M_iBZ3NBVaMgWJxSvSdel_sL-uA3ZuuA==
e3bd4fab-6960-4744-b13d-1a758819ef8f
https://win.gg/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://win.gg/e3bd4fab-6960-4744-b13d-1a758819ef8f
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
usync.js
eus.rubiconproject.com/ Frame A3C0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 10:06:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83056
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Tue, 09 Nov 2021 09:10:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E908 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93364885&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6188f6a6e112d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-length
0
user
cdn.admatic.com.tr/ Frame 0E11 		251 B
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
IT
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
c0978be3ff4afa60c29c8db6dd85c30c
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 865B 		0
0
csync
sync.console.adtarget.com.tr/ Frame 8DDE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=T7I3qopZXNMZaRulIbuY&pi=admatic&tc=1
0
0
/
ads.us.e-planning.net/uspd/1/ Frame 2177
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b5b87f36ebb4e2f450a07992b822efd29a80d21c23d179bbbb442710f9d2faf8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 08 Nov 2021 10:06:32 GMT
x-sid
AMS-738
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-738
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6EFA 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=156895
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Mon, 08 Nov 2021 10:06:31 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 28A4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:aa00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Wed, 03 Nov 2021 12:30:58 GMT
x-amz-version-id
QdHVeJNZx0vktkBJzc6umsZhQi6jSn18
server
AmazonS3
content-encoding
br
date
Mon, 08 Nov 2021 08:31:02 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
cl6X8h1gTRVN9VWsZ4iFO3szw_Emm6db_6me-5ObhooAs8jiD2idcw==
age
5731
cookie
cm.adform.net/ Frame AECB 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
image/gif
content-length
43
csync
sync.console.adtarget.com.tr/ Frame 4E74 		0
0
serverComponent.php
nexus.ensighten.com/choozle/15154/ 		401 B
543 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/15154/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/15154/code/&publishedOn=Wed%20Sep%2008%2019:30:43%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15154/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d1288e3df38ebd0e8a3ca04b6e8ddea2c46bfa3580de1825d815ccc9350f46bd

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
401
expires
Mon, 08 Nov 2021 10:06:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-125662552-1&cid=1861230327.1636365992&jid=1714324648&gjid=373215371&_gid=199282214.1636365992&_u=YEBAAEACQAAAAC~&z=393359055
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pview
l.sharethis.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=win.gg&location=%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&product=unknown&url=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=Streamer%20Corinna%20Kopf%20moves%20to%20Facebook%20Gaming%20after%20ban%20-%20WIN.gg&cms=unknown&publisher=60fa285f7c9b910013246b5d&sop=true&version=st_sop.js&lang=en&description=Twitch%20is%20losing%20more%20big%20names.%20-%20December%2028%2C%202019%20-%20WIN.gg
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://win.gg
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
023efb217eee1cbb71f657f0ff77d993.js
nexus.ensighten.com/choozle/15154/code/ 		1 KB
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/15154/code/023efb217eee1cbb71f657f0ff77d993.js?conditionId0=4912064&conditionId1=4912065
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15154/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96ae6a03a75db67d90cdae793dabdb904860f79f05feeaea10a4e09428719763

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 19:14:38 GMT
server
nginx
etag
W/"61390b9e-5cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
7e3bcccbe9be6061a65a6eb142929580.js
nexus.ensighten.com/choozle/15154/code/ 		2 KB
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/15154/code/7e3bcccbe9be6061a65a6eb142929580.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15154/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 19:09:28 GMT
server
nginx
etag
W/"61390a68-746"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
bundle.js
cdn.admatic.com.tr/user/ Frame 0E11 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
87de8b735eef342e4dfc14d0711f3ac2
cdn-requestcountrycode
IT
cdn-status
200
cdn-requestpullsuccess
True
uu
ih.adscale.de/ Frame 28A4
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1636365992
  • https://ih.adscale.de/uu?cbfn=receive&t=1636365992&nut&uu=14692ee794ae454db80a9aefd2c4851c
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1636365992&nut&uu=14692ee794ae454db80a9aefd2c4851c
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
41c802a7decfb590e463570a4394929934d1a62a96f4926718aa67d733065338

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1636365992&nut&uu=14692ee794ae454db80a9aefd2c4851c
date
Mon, 08 Nov 2021 10:06:32 GMT
content-length
0
362358.gif
idsync.rlcdn.com/
Redirect Chain
  • https://cs.choozle.com/dp/chz/24899?d=win.gg&cb=1398468924
  • https://cs.choozle.com/sync
  • https://cs.choozle.com/sync?v=true&cid=2bbe5443-4972-4005-b45c-da039721ab3f
  • https://tags.bluekai.com/site/48443?id=2bbe5443-4972-4005-b45c-da039721ab3f&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D2bbe5443-4972-4005-b45c-da039...
  • https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=2bbe5443-4972-4005-b45c-da039721ab3f
  • https://match.adsrvr.org/track/cmf/generic?ttd_puid=2bbe5443-4972-4005-b45c-da039721ab3f&ttd_pid=gdmv7qs&ttd_tpi=1
  • https://cs.choozle.com/sync?pid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&dpsync=ttd&cid=2bbe5443-4972-4005-b45c-da039721ab3f
  • https://idsync.rlcdn.com/459489.gif?partner_uid=2bbe5443-4972-4005-b45c-da039721ab3f
  • https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJDJiYmU1NDQzLTQ5NzItNDAwNS1iNDVjLWRhMDM5NzIxYWIzZhAAGg0Iqe2jjAYSBQjoBxAAQgBKAA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBVaKliB0DMUeHrqZPiQxvA&google_cver=1
42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBVaKliB0DMUeHrqZPiQxvA&google_cver=1
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBVaKliB0DMUeHrqZPiQxvA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00001.ts
video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/ 		483 KB
484 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
15770468a1704759435695a14f23c4fa7ec3059b1cbd2dd85faf4db3a2eda98b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 d821b8789930abef3b648d54ffad08de.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
494252
last-modified
Sun, 07 Nov 2021 20:32:58 GMT
server
Tengine
etag
"549c648b64ff7d0ff15bd95a15b242c5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
xCCqlWZK28LCQA7_wqD4VRAft9E8tK32o5IIr3EAQ0emDULjlduSqA==
expires
Mon, 22 Nov 2021 10:06:32 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-125662552-1&cid=1861230327.1636365992&jid=1714324648&_u=YEBAAEACQAAAAC~&z=3360515
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-125662552-1&cid=1861230327.1636365992&jid=1714324648&_u=YEBAAEACQAAAAC~&z=3360515
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame 2177
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0cdfb49c9c52beb7
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cdfb49c9c52beb7
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cdfb49c9c52beb7
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cdfb49c9c52beb7
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame 2177
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2787065878
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2787065878
  • https://sync.1rx.io/usersync/tradedesk/65dbf2bb-416e-4d90-8b8c-67dd8394c17e
  • https://sync.targeting.unrulymedia.com/csync/RX-e990eff5-c288-4dde-833c-4396eac3ef46-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-e990eff5-c288-4dde-833c-4396eac3ef46-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&dc=1079cc634ca638f8&iss=1
date
Mon, 08 Nov 2021 10:06:32 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe990eff5c2884dde833c4396eac3ef46003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 2177 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 07 Nov 2026 10:06:31 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 2177 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 07 Nov 2026 10:06:31 GMT
um
u-ams02.e-planning.net/ Frame 2177
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D0cdfb49c9c52beb7%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0cdfb49c9c52beb7&uid=fa5ba6e5-f6db-43bb-997d-d921e217bcae
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0cdfb49c9c52beb7&uid=fa5ba6e5-f6db-43bb-997d-d921e217bcae
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:31 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0cdfb49c9c52beb7&uid=fa5ba6e5-f6db-43bb-997d-d921e217bcae
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
12lk0o2apl84m3s7tlujl2gutgh3c7bs
ptag
a.audrte.com/ Frame 2177 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.83.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-83-177.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
fe1d9d6a59ca420393fe9918c207d04a09e28bb98976edbc58e1a179b0abc405

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 2177 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 07 Nov 2026 10:06:31 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 2177 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D0cdfb49c9c52beb7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2177
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D0cdfb49c9c52beb7
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 08 Nov 2021 10:06:32 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 2177
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0cdfb49c9c52beb7%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cdfb49c9c52beb7&uid=4042676779816353614
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cdfb49c9c52beb7&uid=4042676779816353614
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
X-Proxy-Origin
95.174.64.203; 95.174.64.203; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0ecdef28-bf03-4f61-ba89-bc0ed0238aee
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cdfb49c9c52beb7&uid=4042676779816353614
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 2177 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D0cdfb49c9c52beb7%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 2177
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
date
Mon, 08 Nov 2021 10:06:32 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
eplanning
cs.admanmedia.com/sync/ Frame 2177 		0
0
usync.html
eus.rubiconproject.com/ Frame 44C1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Nov 2021 10:06:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Mon, 08 Nov 2021 10:06:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A3D3 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0cdfb49c9c52beb7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=156894
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Mon, 08 Nov 2021 10:06:32 GMT
vary
Accept-Encoding
collect
analytics.google.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-916JLHZYLF&gtm=2oeb31&_p=903232161&sr=1600x1200&_gaz=1&ul=en-us&cid=1861230327.1636365992&_s=1&dl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&dt=Streamer%20Corinna%20Kopf%20moves%20to%20Facebook%20Gaming%20after%20ban%20-%20WIN.gg&sid=1636365992&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.game=&ep.author=Olivia%20Richman&ep.content_type=article&ep.tag=&epn.item_id=5086
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-916JLHZYLF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-916JLHZYLF&cid=1861230327.1636365992&gtm=2oeb31&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-916JLHZYLF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-916JLHZYLF&cid=1861230327.1636365992&gtm=2oeb31&aip=1&z=741743392
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 44C1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83055
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Tue, 09 Nov 2021 09:10:47 GMT
user
ads3.admatic.com.tr/ Frame 0E11 		75 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.228 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-228-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
115ccd207fe3b7633eaa48b7a44f27c163274f2d35d20368a00a40b83d8afbf1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
79
w_480_00002.ts
video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/ 		516 KB
517 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
34d421a3b0ead306cef4a445313ca5809756632f7c4ac677ec066ba05be73ec1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
528468
last-modified
Sun, 07 Nov 2021 20:32:58 GMT
server
Tengine
etag
"1a01bd596b96e50bef1040b8e489a4e5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
wG7K9kb7CtClvak5I0YePReHnaOKCXE-QNeSX_sDLWKe9RrWe4k5uw==
expires
Mon, 22 Nov 2021 10:06:32 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1808 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125171
x-xss-protection
0
expires
Mon, 08 Nov 2021 10:06:32 GMT
userconnect.js
js.adscale.de/ Frame 28A4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:aa00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_MrzQtF9UBvoAFyvgr_X89zr3JHNDNtA
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 12:30:58 GMT
server
AmazonS3
age
5731
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 08 Nov 2021 08:31:02 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
QEeUbeISq9ZBaB3CklDcLBHw0Y6RDHmC9EHjYh-Za4MhMCGSAL4Zsw==
csync
sync.console.adtarget.com.tr/ Frame 28A4 		0
0
userconnect
ih.adscale.de/ Frame 28A4 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1636365992195&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-length
149
content-type
application/javascript
usermatch
ssum.casalemedia.com/ Frame B532 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1f5cb32b860bc09952a7c7257d834997bee174de54db56534af69b13dfa52466

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|46|152|221|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1662
Expires
Mon, 08 Nov 2021 10:06:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 53AD 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 381E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd990a08c039a9d1388b8e182fa25280b71d0ebfe98f21ff93116cf0de7469d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6aadfd3c08e63747-MXP
content-encoding
br
map
ih.adscale.de/ Frame 0C86 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6d975e40ad1e951d9d2a87cdc5a82e9be3fe0cf8ac40ebf75d8ebe851957b831

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
w_480_00003.ts
video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/ 		474 KB
475 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
ece688f60b3b488b21f3aa30a0a0f7178e6da09b5f67ff98200b09dc69f93e42

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 f813184316cc9264bb50439c82a80f89.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
485040
last-modified
Sun, 07 Nov 2021 20:32:58 GMT
server
Tengine
etag
"65ae3f83eabe04ea3e8c1702e5a61fa3"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
94LWZskXZw5E1V1bEk0mFPlM9x-AxHQUhLXywL_VLq5rn6oGMk9s4g==
expires
Mon, 22 Nov 2021 10:06:32 GMT
iframe
d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/ Frame B78A
Redirect Chain
  • https://insight.adsrvr.org/tags/2tetedh/g27akpq/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
138 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15154/code/023efb217eee1cbb71f657f0ff77d993.js?conditionId0=4912064&conditionId1=4912065
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.97.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-29.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b98d73c9da43ab088e858bcfadfa96208819a10c743b730ccf229e427655cd82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

Content-Type
text/html
Content-Length
138
Connection
keep-alive
Last-Modified
Fri, 01 Oct 2021 23:46:10 GMT
x-amz-server-side-encryption
AES256
Accept-Ranges
bytes
Server
AmazonS3
Date
Mon, 08 Nov 2021 07:19:47 GMT
Cache-Control
max-age=86400
ETag
"8c0625cd3448e60af6c1f4784d6f3573"
X-Cache
Hit from cloudfront
Via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
H6m4kjQpp1OxfWYQjDqpVzEDAXMNs1NspSJ0Ug_eIATKjMSGb7nDRg==
Age
10006

Redirect headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/html; charset=UTF-8
content-length
183
location
https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
match.js
js.adscale.de/ Frame 0C86 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:aa00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
trc55p8MIfgti2EifEco1Vi7JFS12hcu
content-encoding
br
last-modified
Wed, 03 Nov 2021 12:30:58 GMT
server
AmazonS3
age
5731
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 08 Nov 2021 08:31:02 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
bS5iCE18B-g1rfi5EkBExx0cqpT4BHw5XYbGOF24T6VIUI595TlO1g==
img
ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/ Frame 0C86
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=14692ee794ae454db80a9aefd2c4851c&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=101&tpuid=BBID-01-03110799924967396-16441020
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=101&tpuid=BBID-01-03110799924967396-16441020
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=101&tpuid=BBID-01-03110799924967396-16441020
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
getuid
ib.adnxs.com/ Frame 381E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-5...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENEnaIAnYTOYSz7CNxkhGsk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESENEnaIAnYTOYSz7CNxkhGsk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3dcd443747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESENEnaIAnYTOYSz7CNxkhGsk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=a81aa0f6-f3df-461d-8636-fa96b127eef8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a81aa0f6-f3df-461d-8636-fa96b127eef8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3d5c403747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=a81aa0f6-f3df-461d-8636-fa96b127eef8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 381E 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D3...
  • https://mwzeom.zeotap.com/mw?cid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3d2be03747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 381E 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1636365992.457141,VS0,VE82
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6952-MXP
u
dmp.v.fwmrm.net/ad/ Frame 381E 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:2::48 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 381E 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1edb-ee9b-4f69-5e3f-fb812d6fc600%26reqId%3D36d5e4c4-b84c-4c41-55b1-1113aac92118%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=83756945867946239262221256354680191683&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=83756945867946239262221256354680191683&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3e7f533747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v019-0a95db146.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Qn/6Yli7QVc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=83756945867946239262221256354680191683&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
  • https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&xl8b...
  • https://mwzeom.zeotap.com/mw?cid=b83fe167d6429c5af02432314e23e2b6&zpartnerid=7&zdid=1361&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&w_k=&user_zi=&gdpr=&gdpr_consent=&optin=&uc=&z_p=&zem1=&zem2=&zem...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b83fe167d6429c5af02432314e23e2b6&zpartnerid=7&zdid=1361&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&w_k=&user_zi=&gdpr=&gdpr_consent=&optin=&uc=&z_p=&zem1=&zem2=&zem3=&zem4=&zem5=&zem6=&zph1=&zph2=&zph3=&zph4=&zph5=&zph6=&z_e_sha2_l=&z_e_sha2_u=&z_p_sha2_w=&z_p_sha2_wo=&email_hash=&zcluid=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3e4ec63747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://mwzeom.zeotap.com/mw?cid=b83fe167d6429c5af02432314e23e2b6&zpartnerid=7&zdid=1361&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&w_k=&user_zi=&gdpr=&gdpr_consent=&optin=&uc=&z_p=&zem1=&zem2=&zem3=&zem4=&zem5=&zem6=&zph1=&zph2=&zph3=&zph4=&zph5=&zph6=&z_e_sha2_l=&z_e_sha2_u=&z_p_sha2_w=&z_p_sha2_wo=&email_hash=&zcluid=
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021110811-90924-0.237053001636365994-4931c8663203ede6175e78b15e32767f&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021110811-90924-0.237053001636365994-4931c8663203ede6175e78b15e32767f&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3d2be43747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021110811-90924-0.237053001636365994-4931c8663203ede6175e78b15e32767f&zdid=533&env=mWeb
Date
Mon, 08 Nov 2021 10:06:34 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
check
pixel.tapad.com/idsync/ex/receive/ Frame 381E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600
date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=LmSD5JVcYe.XPEonxlo8qe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=LmSD5JVcYe.XPEonxlo8qe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3d7c863747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
last-modified
Mon, 08 Nov 2021 10:06:32 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=LmSD5JVcYe.XPEonxlo8qe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=30e9159f098efecee40bf413dcbb9908&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b8...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=30e9159f098efecee40bf413dcbb9908&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3ed86a3747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=30e9159f098efecee40bf413dcbb9908&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
cache-control
no-cache
x-server
10.45.20.14
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-bARRCrVE2op2W4LsP4G1QbmzbYZqp_0DEA--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-bARRCrVE2op2W4LsP4G1QbmzbYZqp_0DEA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3e6f243747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 08 Nov 2021 10:06:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-bARRCrVE2op2W4LsP4G1QbmzbYZqp_0DEA--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=ITA&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=ITA&zdid=1361&cid=%2BU61mPffcLMFLiZ7l%2F%2FG%2Fm4%2FxIOHPuTv%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=ITA&zdid=1361&cid=%2BU61mPffcLMFLiZ7l%2F%2FG%2Fm4%2FxIOHPuTv%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3e5ed83747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=ITA&zdid=1361&cid=%2BU61mPffcLMFLiZ7l%2F%2FG%2Fm4%2FxIOHPuTv%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 381E 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 381E 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.5.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-5-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
cache-control
private, no-cache, no-store
x-request-time
D=69 t=1636365992
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 381E 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YYj2qAAC_-j4vAAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-111...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YYj2qAAC_-j4vAAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&_test=YYj2qAAC_-j4vAAz
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3ed8673747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636365993.756615,VS0,VE0
x-served-by
cache-mxp6971-MXP
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YYj2qAAC_-j4vAAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&_test=YYj2qAAC_-j4vAAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=b8976188-f6a8-4300-bc9c-d51836b6f909&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b8976188-f6a8-4300-bc9c-d51836b6f909&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3eb8113747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=b8976188-f6a8-4300-bc9c-d51836b6f909&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 08 Nov 2021 10:06:31 GMT
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b8...
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.649090f3-0991-43e7-880b-29c430c995bf&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.649090f3-0991-43e7-880b-29c430c995bf&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3f28e13747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.649090f3-0991-43e7-880b-29c430c995bf&zdid=1361
pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
cache-control
must-revalidate, no-store, no-cache
server
nginx/1.20.1
content-length
0
expires
-1
usermatch.gif
beacon.krxd.net/ Frame 381E
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac9...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
52.51.5.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-5-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
cache-control
private, no-cache, no-store
x-request-time
D=59 t=1636365993
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
date
Mon, 08 Nov 2021 10:06:33 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 381E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3R5JV4S27YD424P23WJE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VG0PP7E4ZQ9M7Q0NQ4YH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd403b103747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Mon, 08 Nov 2021 10:06:32 GMT
Connection
keep-alive
Content-Length
0
BK-Server
1722
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 381E
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00da1...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6aadfd3fda413747-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
date
Mon, 08 Nov 2021 10:06:32 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 381E 		557 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c7fc28552d6512db2e2dbb761a1df856f4f6b5dbdbc2ae551f05d9ab20dadf

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
6aadfd3c9a993747-MXP
date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 10:06:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
new
ads3.admatic.com.tr/user/ Frame 0E11 		169 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.228 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-228-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
b3ad72027c2c2de9f78c6d95e70cd3c0a19aa31a2a2735278d86b8512ca2fde7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 10:06:31 GMT
content-encoding
br
etag
Qa30Q2lcu15fhYoVxzB7E5fGBbL1w0AWMC00RKtvChcY7qx4HcMtuHQwb2p2OpriT5T0i08bnWDb_6a_c_ezhw
last-modified
Mon, 08 Nov 2021 11:06:31 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
173
bridge3.487.0_en.html
imasdk.googleapis.com/js/core/ Frame AB2C 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194247
date
Fri, 05 Nov 2021 10:09:33 GMT
expires
Sat, 05 Nov 2022 10:09:33 GMT
last-modified
Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
259019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 1808 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 Nov 2021 10:06:32 GMT
csync
sync.console.adtarget.com.tr/ Frame 0E11 		0
0
cmp
spl.zeotap.com/ Frame 381E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6aadfd3d1bc23747-MXP
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 16DD 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 08 Nov 2021 10:18:40 GMT
crum
dsum-sec.casalemedia.com/ Frame B532
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYj2p3zmNZQOOhat0ZqWRQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKKKp3KiAuTnU-dFjbyPS1s&google_cver=1&gdpr=1
43 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKKKp3KiAuTnU-dFjbyPS1s&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 10:06:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKKKp3KiAuTnU-dFjbyPS1s&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B532
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
HTTP/1.1
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R04BA7V30SPEY46R47EH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EMW1ZG5BBRN82R004YMR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B532
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEUZQzywNEz6NEweaImuv9o&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEUZQzywNEz6NEweaImuv9o&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 08 Nov 2021 10:06:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEUZQzywNEz6NEweaImuv9o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B532 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame B532 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame B532
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ae4446f3-078b-408d-881e-921509151891
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ae4446f3-078b-408d-881e-921509151891
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 10:06:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ae4446f3-078b-408d-881e-921509151891
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
tpid=YYj2p3zmNZQOOhat0ZqWRQAA%26699
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame B532
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYj2p3zmNZQOOhat0ZqWRQAA%26699?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYj2p3zmNZQOOhat0ZqWRQAA%26699?gdpr_consent=&us_privacy=&gdpr=1
49 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYj2p3zmNZQOOhat0ZqWRQAA%26699?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
H2
Server
34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.12
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYj2p3zmNZQOOhat0ZqWRQAA%26699?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.2.152
content-length
0
expires
0
us.php
gu.dyntrk.com/adx/ie/ Frame B532 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193669.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
um
u-ams02.e-planning.net/ Frame B532 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=0cdfb49c9c52beb7&uid=YYj2p3zmNZQOOhat0ZqWRQAA%26699
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cdfb49c9c52beb7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
openresty
content-type
image/gif
w_480_00004.ts
video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/ 		483 KB
484 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
f56ca818087834a737c9427dcf1aca0b5620455e029e2b7c3f95aac4ad8bbf70

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 a7ed0e2562a9e213a639323d1327bbbc.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
495004
last-modified
Sun, 07 Nov 2021 20:32:58 GMT
server
Tengine
etag
"3d383cc4b5bab96fcd85501843ae2278"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
Wmd_jGlRVV7JjHDHNteiABj7dkmQfOHz1LRSqMUApI1nk1oq9tHaIQ==
expires
Mon, 22 Nov 2021 10:06:32 GMT
khaos.jpg
token.rubiconproject.com/ Frame A3C0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C86
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=6ed8b92dcc16872c848c580...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4146188-f6a8-4f00-a131-213cd59f019b&gdpr=0&gdpr_consent=
49 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4146188-f6a8-4f00-a131-213cd59f019b&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4146188-f6a8-4f00-a131-213cd59f019b&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 10:06:31 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 2177 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 02:25:04 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
27688
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OMQf8emOQ2awFU07Ronvg5WP5z6F7qFzlKD84Q7FAzU0koQvyY-5bg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 40CE 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 08 Nov 2021 10:06:31 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 07 Nov 2026 10:06:31 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame D9DB 		2 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
061a92542d7fc14c3451c324b480e101cbcea6926137e62b47f3b42d4e3947ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6aadfd3ddcae3757-MXP
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 0ADF 		0
0
w_480_00005.ts
video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/ 		517 KB
518 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/29909/video_5f6af001aae1b264352045/vid61883753e79ee081421673.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
416f737d3a2459a6215f3a4ecf5e8b4dbb8227c3af23671b7408c276d2e44ba7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
529032
last-modified
Sun, 07 Nov 2021 20:32:58 GMT
server
Tengine
etag
"c042cc3f226c7eae2c4ed28a3385bd06"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
sFrj5Y5JVlr2ScJzv4MxXeoLqXYdMI0i6BMBqgMRwgp3OL4RxzfRDg==
expires
Mon, 22 Nov 2021 10:06:32 GMT
GS.d
js.cookieless-data.com/ Frame 40CE 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1636365992557
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
/
insight.adsrvr.org/track/pxl/ Frame B78A 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=2tetedh&ct=0:g27akpq&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
khaos.jpg
token.rubiconproject.com/ Frame 44C1 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/jpg
img
ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/ Frame 0C86
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785cc61925460%2F1636365992309%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=75&tpuid=4042676779816353614&gdpr=0
49 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=75&tpuid=4042676779816353614&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
X-Proxy-Origin
95.174.64.203; 95.174.64.203; 882.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bcc87e83-2f4c-4e99-a6fb-fdde5c9186ae
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=75&tpuid=4042676779816353614&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D9DB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&rndcb=6301148721
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003&rndcb=6301148721
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=6d299636-dff2-431f-bb39-638ac2c3a280&google_hm=NmQyOTk2MzYtZGZmMi00MzFmLWJiMzktNjM4YWMyYzNh...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB4O2LoduYe_v6eXBTuXNy8&google_cver=1&ssp=adconductor&bsw_param=6d299636-dff2-431f-bb39-638ac2c3a280
  • https://sync.1rx.io/usersync/bidswitch/6d299636-dff2-431f-bb39-638ac2c3a280?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-e990eff5-c288-4dde-833c-4396eac3ef46-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-e990eff5-c288-4dde-833c-4396eac...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6aadfd40ba243757-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-e990eff5-c288-4dde-833c-4396eac3ef46-003
date
Mon, 08 Nov 2021 10:06:33 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe990eff5c2884dde833c4396eac3ef46003
content-type
text/html
setuid
sync.quantumdex.io/ Frame D9DB
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fc0905c1-3240-4a98-97e4-c05897a97460
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fc0905c1-3240-4a98-97e4-c05897a97460
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6aadfd3fb8403757-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fc0905c1-3240-4a98-97e4-c05897a97460
date
Mon, 08 Nov 2021 10:06:32 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame D9DB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4042676779816353614
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4042676779816353614
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6aadfd3fb8463757-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
X-Proxy-Origin
95.174.64.203; 95.174.64.203; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8878af2b-e78e-4e98-a523-0f4c9f0d0254
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4042676779816353614
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D9DB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6aadfd3f0eee3757-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nN3BkcNE2uFPHE2jViKpXYr7RFCtyCWpmMzLavg-~A
date
Mon, 08 Nov 2021 10:06:32 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame D9DB 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame D9DB
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 10:06:47 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 08 Nov 2021 10:06:47 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame D9DB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4042676779816353614
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4042676779816353614
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6aadfd3fb81e3757-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
X-Proxy-Origin
95.174.64.203; 95.174.64.203; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8b6d2051-87e2-46df-9fba-bdaa577be279
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4042676779816353614
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
sync.e-planning.net/ Frame D9DB 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=2e461a18-9186-4f45-8ff6-9f8ab4f447cd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
openresty
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 0326 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3729a2dc4375502ab7d1391dfa909b15b3ef4efdd1beef9c2950ad13b732351b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|88|206|4|218|5|230|39
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1570
Expires
Mon, 08 Nov 2021 10:06:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 9425 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame DFE5 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 08 Nov 2021 10:06:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0326 		43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:98f2:3ed0:65d:a543 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 0326 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636365993.920538,VS0,VE98
x-served-by
cache-mxp6971-MXP
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 0326 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:32 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 0326
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3041342999546826376
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3041342999546826376
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 10:06:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3041342999546826376
pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=23728&dpuuid=YYj2p3zmNZQOOhat0ZqWRQAA%26699
dpm.demdex.net/ Frame 0326 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYj2p3zmNZQOOhat0ZqWRQAA%26699?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.91.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-91-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ix
ad4m.at/ad/sim/ Frame 0326 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usermatchredir
ssum-sec.casalemedia.com/ Frame 0326
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELEIRhQH-8v8yiK583FfcEk&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELEIRhQH-8v8yiK583FfcEk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 08 Nov 2021 10:06:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELEIRhQH-8v8yiK583FfcEk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0326 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
sync.quantumdex.io/ Frame 0326 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YYj2p3zmNZQOOhat0ZqWRQAAArsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6aadfd3fc8543757-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C86
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=bf4a894809b4be27c12854eb3...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYj2p3zmNZQOOhat0ZqWRQAA%26699
49 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYj2p3zmNZQOOhat0ZqWRQAA%26699
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 10:06:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYj2p3zmNZQOOhat0ZqWRQAA%26699
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
309
Expires
Mon, 08 Nov 2021 10:06:32 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame AB2C 		136 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2C22144266561%2Fworldintersportsnetwork&description_url=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&env=vp&correlator=401944770642362&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Dtnlubl&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=131214266&sdk_apis=2%2C8&sid=AFBD282F-7166-4472-8CC4-9466A2D8F00F&eid=44730895&url=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&dlt=1636365990837&idt=2004&dt=1636365992919&scor=2734365449768747&ged=ve4_td2_tt0_pd2_la2000_er856.-2757.1009.-2457_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/ Frame 0C86
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=654a82ce7210f7fdc6c8b3c111a07e9f5ac7def5c975517f352a2de8906e2709&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57af6785...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=654a82ce7210f7fdc6c8b3c111a07e9f5ac7def5c975517f352a2de8906e2709&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b57a...
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=42&gdpr=0&tpuid=4091595630757667348
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=42&gdpr=0&tpuid=4091595630757667348
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
server
nginx
location
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/img?tpid=42&gdpr=0&tpuid=4091595630757667348
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C86
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=03600b29-fef1-400f-8067-a47c08115db0&gdpr=0
49 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=03600b29-fef1-400f-8067-a47c08115db0&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:32 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=03600b29-fef1-400f-8067-a47c08115db0&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1464145
content-length
0
expires
Mon, 08 Nov 2021 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwin.gg%2F&domain=win.gg&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://win.gg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://win.gg
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1709
date
Mon, 08 Nov 2021 10:06:32 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 1808
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwin.gg%2F&domain=win.gg&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=hnKZ7XxJZk1PdHRLRFRkbVJBck84cjdXYUJMd0lZVmVKMGVxeVp5d2hydW1pRHRjaG5xRTluOHFxcFhySXFmdThTeENjSkpnTSs2VXFLWFlRRWZDblYrcGt2TEo0bmFVSk5qVE5lcWd6YWNONlNEbHVhOS9sbGw3MzRrOD...
408 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hnKZ7XxJZk1PdHRLRFRkbVJBck84cjdXYUJMd0lZVmVKMGVxeVp5d2hydW1pRHRjaG5xRTluOHFxcFhySXFmdThTeENjSkpnTSs2VXFLWFlRRWZDblYrcGt2TEo0bmFVSk5qVE5lcWd6YWNONlNEbHVhOS9sbGw3MzRrODY1NUhaV2ZPWHBLbkRzVTJNdXpMa3VpSnlnUkR4VUJZM3hZcmF3aWplWUwyUUIwSy9ML0FvQjUxc0F3NUJvSXpSWTc4NVVWR2ZMZUgzNklhSlUyeWlMTSt3Y3FLV2xQVXpDUHhhaWFhNHBleEtBcFZhWjBqZnl2RlAxQUZQeElWaDVCeWloZFRMKzQ1d1VkQUc2eFpmTzlLaVBsTUZMZz09fA&cppv=2
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c7f05437fa4d06d727e447eb25e1194de15f17dc602e0464644613e73af7ffdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 08 Nov 2021 10:06:32 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2164
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 08 Nov 2021 10:06:32 GMT
location
https://mug.criteo.com/sid?cpp=hnKZ7XxJZk1PdHRLRFRkbVJBck84cjdXYUJMd0lZVmVKMGVxeVp5d2hydW1pRHRjaG5xRTluOHFxcFhySXFmdThTeENjSkpnTSs2VXFLWFlRRWZDblYrcGt2TEo0bmFVSk5qVE5lcWd6YWNONlNEbHVhOS9sbGw3MzRrODY1NUhaV2ZPWHBLbkRzVTJNdXpMa3VpSnlnUkR4VUJZM3hZcmF3aWplWUwyUUIwSy9ML0FvQjUxc0F3NUJvSXpSWTc4NVVWR2ZMZUgzNklhSlUyeWlMTSt3Y3FLV2xQVXpDUHhhaWFhNHBleEtBcFZhWjBqZnl2RlAxQUZQeElWaDVCeWloZFRMKzQ1d1VkQUc2eFpmTzlLaVBsTUZMZz09fA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1979
content-length
541
expires
0
212.json
id5-sync.com/g/v2/ Frame 1808 		213 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
978f80b35fd2704fa1a0cd8ae14eed06c11c3bbf10d151dc1321b3d0888142cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://win.gg
Date
Mon, 08 Nov 2021 10:06:47 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 1808 		154 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3b21dfd13871087372d536f09d473baf16f741522e7bf830222de7739f06957f

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://win.gg
cache-control
no-cache
x-server
10.45.31.18
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ Frame 1808 		108 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
a2f7dfb7d4d1fc2bcb98a82944dced05692dd9b275dc99e3c5f5683a9930ff7c

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win.gg
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 08 Dec 2021 10:06:33 GMT
pd
u.openx.net/w/1.0/ Frame 9D60 		668 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
19f0dd48b789bc96d7f1aa6bfc0d82538cfc0b29bd679ff8e92763bd3d1815e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 08 Nov 2021 10:06:33 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 5862 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Nov 2021 10:06:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 87A3 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=156893
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Mon, 08 Nov 2021 10:06:33 GMT
vary
Accept-Encoding
user-registering
ads.stickyadstv.com/ Frame 1808
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=666d265fd0528a4e2bfe12d774546cd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=c060_7028138419927539747
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjY2ZDI2NWZkMDUyOGE0ZTJiZmUxMmQ3NzQ1NDZjZA==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELkspbeqMgNuV_tZm1eqLEA&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=65dbf2bb-416e-4d90-8b8c-67dd8394c17e
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/666d265fd0528a4e2bfe12d774546cd&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-tkoJvm5E2oOmfYQCscJX_p83kKPuUloD_bKv70Ho~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=4042676779816353614
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b8976188-f6a8-4300-bc9c-d51836b6f909&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4091595630757667348
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=EaoSj2Pk1MK1xU5
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAA2aU7DEe0AABe52uxYKw&gdpr=0
0
0
sync
ups.analytics.yahoo.com/ups/57304/ Frame 1808
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP8d084fd5-407b-11ec-9c8c-06f28f52458a
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4ZDA4NGZkNS00MDdiLTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEKjg36_yL2Wl-3Q538G4454&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKjg36_yL2Wl-3Q538G4454&google_cver=1&apid=UP8d084fd5-407b-11ec-9c8c-06f28f52458a
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKjg36_yL2Wl-3Q538G4454&google_cver=1&apid=UP8d084fd5-407b-11ec-9c8c-06f28f52458a
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKjg36_yL2Wl-3Q538G4454&google_cver=1&apid=UP8d084fd5-407b-11ec-9c8c-06f28f52458a
date
Mon, 08 Nov 2021 10:06:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 1808
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&_origin=1&gdpr=1&gdpr_consent=
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=65dbf2bb-416e-4d90-8b8c-67dd8394c17e&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 1808 		85 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636365993.227468,VS0,VE101
x-served-by
cache-mxp6971-MXP
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 5862 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 10:06:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83054
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Tue, 09 Nov 2021 09:10:47 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9D60
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b8976188-f6a8-4300-bc9c-d51836b6f909
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b8976188-f6a8-4300-bc9c-d51836b6f909
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 08 Nov 2021 10:06:33 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b8976188-f6a8-4300-bc9c-d51836b6f909
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 10:06:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D60
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=znkR2Z5-SNjVfh_WzXkEhMB4S4PVLBqAni1aPGHA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=znkR2Z5-SNjVfh_WzXkEhMB4S4PVLBqAni1aPGHA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=znkR2Z5-SNjVfh_WzXkEhMB4S4PVLBqAni1aPGHA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9D60
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4091595630757667348
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4091595630757667348
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4091595630757667348
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 9D60 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c385292a-4f44-7052-f2f1-1934634c7e23&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9D60 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWZlYWZhZTAtODYzMy0yZWY2LWU3MTEtNDM4ZGE5YWViMDQz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJSgaDery5ad9KnRj02kvg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJSgaDery5ad9KnRj02kvg&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJSgaDery5ad9KnRj02kvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C86
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=b3c3a6d07c3df8fd274d3a17...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b8976188-f6a8-4300-bc9c-d51836b6f909&gdpr=0&gdpr_consent=
49 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b8976188-f6a8-4300-bc9c-d51836b6f909&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 08 Nov 2021 10:06:33 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b8976188-f6a8-4300-bc9c-d51836b6f909&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 10:06:32 GMT
user
ads3.admatic.com.tr/ Frame 0E11
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=6d299636-dff2-431f-bb39-638ac2c3a280
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=6d299636-dff2-431f-bb39-638ac2c3a280
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=716ccbb2-9860-4745-bb2a-7d39cc7c3eff&ssp=admatic&expires=30&user_group=5&bsw_param=6d299636-dff2-431f-bb39-638ac2c3a280
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=6d299636-dff2-431f-bb39-638ac2c3a280&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=6d299636-dff2-431f-bb39-638ac2c3a280&dsp_uuid=&dsp_id=
35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=6d299636-dff2-431f-bb39-638ac2c3a280&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.228 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-228-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 10:06:32 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=6d299636-dff2-431f-bb39-638ac2c3a280&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hnKZ7XxJZk1PdHRLRFRkbVJBck84cjdXYUJMd0lZVmVKMGVxeVp5d2hydW1pRHRjaG5xRTluOHFxcFhySXFmdThTeENjSkpnTSs2VXFLWFlRRWZDblYrcGt2TEo0bmFVSk5qVE5lcWd6YWNONlNEbHVhOS9sbGw3MzRrODY1NUhaV2ZPWHBLbkRzVTJNdXpMa3VpSnlnUkR4VUJZM3hZcmF3aWplWUwyUUIwSy9ML0FvQjUxc0F3NUJvSXpSWTc4NVVWR2ZMZUgzNklhSlUyeWlMTSt3Y3FLV2xQVXpDUHhhaWFhNHBleEtBcFZhWjBqZnl2RlAxQUZQeElWaDVCeWloZFRMKzQ1d1VkQUc2eFpmTzlLaVBsTUZMZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1567
date
Mon, 08 Nov 2021 10:06:32 GMT
content-encoding
gzip
vary
Accept-Encoding
js
ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/ Frame 0C86
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=80703b339866bb0926bd948f72cd73a6615f0ea3910df4c3e141f20c8a7ad6a2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=80703b339866bb0926bd948f72cd73a6615f0ea3910df4c3e141f20c8a7ad6a2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F069b6f5c1b2f4b...
  • https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/js?tpid=48&tpuid=b79dd9dcaf8489c68da7807f975d8f1a
44 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/js?tpid=48&tpuid=b79dd9dcaf8489c68da7807f975d8f1a
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
baae3817652bc0a099b24dc2c5fc6991040dcd07fb10fcb64bdd18b344f7301a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 10:06:33 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 08 Nov 2021 10:06:33 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/069b6f5c1b2f4b57af6785cc61925460/1636365992309/0/js?tpid=48&tpuid=b79dd9dcaf8489c68da7807f975d8f1a
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTYmNwM2NTx5MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA0NwY5JaN0YT0jJat9NmUjJax9NDI0JaZcZF9jYXNmRG9gYWyhPXqcov5aZlZmqWJJZD13nW4hZ2pzZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTx1LwE3NC42NC4lMDMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGODxhMC40Mmt5LwplJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTt4ZwZuNzUkMTJxJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2MmYmNwU5OTM1MmQzqWyxPVNyn2yhZG9TUGkurWVlNwE4OGY2YTpkMWUjZSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3nW4hZ2pyMxZhZXqmJTJGp3RlZWFgZXIgY29lnW5hYS1eo3BzLW1iqzVmLXRiLWZuY2Vvo29eLWquoWyhZl1uZaRypv1vYW4yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: win.gg
URL: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sium
ih.adscale.de/ Frame 0C86 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 08 Nov 2021 10:06:33 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
liveMatching.php
live.primis.tech/live/ Frame 1808 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D30385F31327D7B7331343830393231367D7B433136347D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=95.174.64.203&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6188f6a6e112d&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2011ghzmiptq&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2Fstreamer-corinna-kopf-moves-to-facebook-gaming-after-ban%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 10:06:35 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=T7I3qopZXNMZaRulIbuY&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D0cdfb49c9c52beb7%26uid%3D%7B%24UID%7D
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=14692ee794ae454db80a9aefd2c4851c
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=R7zVwFx-eCmoxwR81VraOiJ77F-bnjcjJgbWjxGvHq2Q9UtSdP1RGELK0dRcAB62uPdI5MQYBOBTHyNTI9HPtw
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ANTxg0dnlSGxgRr6
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAA2aU7DEe0AABe52uxYKw&gdpr=0

Verdicts & Comments Add Verdict or Comment

357 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| __tcfapi object| __ez string| __sellerid string| __ez_nid object| __advertiserRule object| ezasVars boolean| ezhbopt object| __banger_pmp_deals object| _ebcids number| ezobv function| ez_isclean object| ezSlotKVStore function| ezSetSlotTargeting function| ezGetSlotById function| ezSetTargetingFromMap object| ez_queue function| sort_queue function| execute_ez_queue function| ez_write_tag function| in_array object| ezrpos undefined| ez_current_interval number| ez_current_load function| __ez_fad_load boolean| __ez_fad_floatshowd function| __ez_fad_floatshow object| __ez_fad_initslot object| __ez_fad_fastd object| __ez_fad_fastdiv object| __ez_fad_fastslots object| __ez_fad_viewslots object| __ez_fad_instaslots object| ezslit_run object| __ez_fad_divs object| __ez_fad_divsd number| __ez_fad_vw number| __ez_fad_vh number| __ez_fad_count function| __ez_fad_invisible function| __ez_fad_position function| __ez_fad_fast function| __ez_fad_csnt boolean| __ez_fad_haspo function| __ez_fad_rdy function| __ez_fad_docht function| __ez_fad_vpht number| __ez_fad_doc_ht number| __ez_fad_vp_ht boolean| __ez_fad_hascp object| ez_ad_units object| ezslots object| ezsrqt object| __ez_fad_divpos object| ezorbf boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezoibfh object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd function| __ez_fad_gpt function| __ez_fad_pb function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat string| gtm4wp_datalayer_name object| dataLayer boolean| gtm4wp_scrollerscript_debugmode number| gtm4wp_scrollerscript_callbacktime number| gtm4wp_scrollerscript_readerlocation string| gtm4wp_scrollerscript_contentelementid number| gtm4wp_scrollerscript_scannertime object| _wpemojiSettings object| PDFObject function| $ function| jQuery object| ggeac object| google_js_reporting_queue object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ number| gtm4wp_youtube_percentage_tracking object| gtm4wp_youtube_percentage_tracking_timeouts object| gtm4wp_youtube_percentage_tracking_marks object| tag object| firstScriptTag undefined| gtm4wp_err function| gtm4wp_onYouTubePlayerReady function| gtm4wp_onYouTubePlayerStateChange function| gtm4wp_onYouTubePlaybackQualityChange function| gtm4wp_onYouTubePlaybackRateChange function| gtm4wp_onYouTubeError function| gtm4wp_onYouTubeApiChange function| gtm4wp_onYouTubePercentageChange function| onYouTubeIframeAPIReady object| wpp_params object| WordPressPopularPosts object| misha_loadmore_params object| dataLayer_content boolean| __ez_conestreq object| adsbygoogle string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl boolean| cmpIsOn object| ezConsentCategories object| __ezconsent function| ezConsentSettings object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent535 number| _ez_fad_vw object| twemoji object| wp string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL object| ezomash function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosethbbids function| ezoSyncToDfp function| ezoGetDFPSlot function| ezGetSlotViewedTime function| formatBid function| adjustHbValues function| ezorefgsl function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| __ezDotData object| ezux function| _ez_TOS_TrackEvent function| ezocfol number| netStartTime function| hashCode function| ezogetrqbykey function| ezorqs function| ezorqe function| _fEzDt function| xhrSuccess function| xhrError function| loadFile function| lex undefined| _comments undefined| _depth undefined| _position undefined| _tokens function| parse function| astNode function| next function| parseAtGroup function| parseAtImport function| parseCharset function| parseComment function| parseNamespace function| parseProperty function| parseSelector function| parseToken function| parseTokensWhile function| parseDeclarations function| parseRules undefined| _compress undefined| _indentation undefined| _level undefined| _n undefined| _s function| indent function| stringifyComment function| stringifyRule function| reduce function| stringifyBlock function| stringifyChildren function| stringifyDeclaration function| stringifyProperty function| CSSurgeon object| surgeon function| eachAsync function| getRandomInt function| printCSS function| runsurgeon string| UA object| metricNameMap function| ezlogVital object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| ES6Promise function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| loadCSS object| webVitals number| uidEvent object| bootstrap function| insert_ads_in_repeater function| insertParam function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active boolean| ai_tracking_finished boolean| ai_js_code boolean| __inScopeForCCPA function| __uspapi function| __receiveUspapiMessage function| __ez_fad_ezpbinit object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __allBidders function| __ez_tkn_evnt function| __ez_fad_scroll number| __ez_fad_scrollint function| __ez_fad_chkpos object| ezRBA function| __ez_addAllListeners number| indexKey undefined| __ez_dims boolean| ezCanEngagePage object| cmpCookies object| __ezCmpConfig number| ezodomstart number| ezoIint function| uglipop object| __ezcl function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| ai_process_lists function| ai_process_ip_addresses function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions undefined| google_measure_js_timing function| epbjsRequestAdUnits function| epbjsRefreshSlot object| ezoptbid object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ct object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty function| ezoChar function| ezoCharSize object| google_tag_manager boolean| ai_ip_data_requested object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| nunjucksPrecompiled object| ezCMP object| google_tag_data string| GoogleAnalyticsObject function| ga object| ORIBI boolean| sekindoFlowingPlayerOn string| ai_ip_data object| ensBootstraps object| Bootstrapper object| gaplugins object| gaGlobal object| gaData object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| freewheelssp_cache object| google_optimize number| google_global_correlator object| closure_lm_869074 function| arrive function| unbindArrive function| leave function| unbindLeave

126 Cookies

Domain/Path Name / Value
.win.gg/ Name: ezoadgid_255604
Value: -1
.win.gg/ Name: ezoref_255604
Value:
.win.gg/ Name: ezoab_255604
Value: mod1-c
.win.gg/ Name: active_template::255604
Value: pub_site.1636365990
.win.gg/ Name: ezopvc_255604
Value: 1
.win.gg/ Name: ezepvv
Value: 112
.win.gg/ Name: ezovid_255604
Value: 2090611249
.win.gg/ Name: lp_255604
Value: https://win.gg/news/streamer-corinna-kopf-moves-to-facebook-gaming-after-ban/
.win.gg/ Name: ezovuuidtime_255604
Value: 1636365990
.win.gg/ Name: ezovuuid_255604
Value: 2ddcf8d1-42cf-4af2-7257-196dc489d37b
.win.gg/ Name: ezCMPCCS
Value: false
.win.gg/ Name: ezosuigeneris-0
Value: 2bfbef86a0e0188cd2280f4a1112d50d
win.gg/ Name: ezouspvv
Value: 0
win.gg/ Name: ezouspva
Value: 0
win.gg/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
win.gg/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.youtube.com/ Name: YSC
Value: Rzg_JKMq_8g
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: qTWC0LtvkQ4
.openx.net/ Name: i
Value: 10291673-e6c3-4fa5-a827-d1dc076b4dde|1636365991
.spotxchange.com/ Name: audience
Value: 8bfebafe-407b-11ec-b4f9-18a305860206
.adnxs.com/ Name: uuid2
Value: 4042676779816353614
.casalemedia.com/ Name: CMID
Value: YYj2p3zmNZQOOhat0ZqWRQAA
.casalemedia.com/ Name: CMPS
Value: 324
win.gg/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.win.gg/ Name: _gid
Value: GA1.2.199282214.1636365992
.win.gg/ Name: _gat_UA-125662552-1
Value: 1
.win.gg/ Name: oribi_user_guid
Value: 532461c0-d696-1ccd-4186-1f255162f6d4
.win.gg/ Name: oribi_session
Value: f2920e11-877b-6b82-ab3e-31d8444f9761
.casalemedia.com/ Name: CMPRO
Value: 699
ads.stickyadstv.com/ Name: UID
Value: 666d265fd0528a4e2bfe12d774546cd
ads.us.e-planning.net/ Name: CT
Value: 1
.creativecdn.com/ Name: u
Value: T7I3qopZXNMZaRulIbuY
.creativecdn.com/ Name: ts
Value: 1636365992
.e-planning.net/ Name: E
Value: ANTxg0dnlSGxgRr6
.win.gg/ Name: _ga_916JLHZYLF
Value: GS1.1.1636365992.1.0.1636365992.60
.win.gg/ Name: _ga
Value: GA1.1.1861230327.1636365992
.adscale.de/ Name: uu
Value: 14692ee794ae454db80a9aefd2c4851c
.zeotap.com/ Name: zc
Value: 00da1edb-ee9b-4f69-5e3f-fb812d6fc600
.zeotap.com/ Name: zsc
Value: hc%A3WW%AA%13%01%CE%89+7%23%AFB%ECD%96%F2%F3g%ED%07%5D%D8h%9D%AAh%2B%EE%BE%D5%E2%CE%C9%17W%F0%BDV%B8%DD%F9%86%02%01%84%FF%ED%11%B6h%AD%A5f%B9%0Ci%FA_%C5m%B5%16%7D4%FB%1A%99%13%B7%8C%F6h%E8J%D2%3Ev%D5%FAUT%0C%7C%08%865%7D%F6%B5%CC%EBQ%1D%D7%CF%1B%26%C1%EF%F5%AA%8A%9F%3E%9E%D2%8Ep%FF%28%DA4+%C4%04%D4%EA%E9%96VbL%F5%97r%CF%8F3%90%3F%7C%FC%EB%18%D2~%EB%12%DA%CBc74%F4%B2%A9%A4Cj%0FGJ%22x%E5Z%94%B1%11%A2%CF
.yahoo.com/ Name: A3
Value: d=AQABBKj2iGECEP9FbkQjXIxkAdBPcT__gbkFEgEBAQFIimGSYQAAAAAA_eMAAA&S=AQAAAj1Dz4aP0M6om3Ob147vTTQ
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 2b3c5e0cc673ff293e2280700eede1cd5e856e50cd6bc5467474bd96537910c9
.adsrvr.org/ Name: TDID
Value: 65dbf2bb-416e-4d90-8b8c-67dd8394c17e
gw.oribi.io/ Name: bridge_sid_Xy0xODg1MDA0Nzk1
Value: cda6cd2f-191f-414e-a75b-7689a498c102
gw.oribi.io/ Name: bridge_uid_Xy0xODg1MDA0Nzk1
Value: 0ac402bf-fedf-4e53-91a6-24ebd614bc0d
.richaudience.com/ Name: avcid-zeo-uid
Value: 00da1edb-ee9b-4f69-5e3f-fb812d6fc600
.tapad.com/ Name: TapAd_TS
Value: 1636365992460
.tapad.com/ Name: TapAd_DID
Value: a81aa0f6-f3df-461d-8636-fa96b127eef8
.weborama.fr/ Name: AFFICHE_W
Value: oewxRzil6FCh28
.ibillboard.com/ Name: ibbid
Value: BBID-01-03110799924967396-16441020
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUleKKEYI0fXisMvPLH9j0SjbuPeqgRoLO1lGYLZ25J5mnC3BvwqFAnLvrh_oUg
.exelator.com/ Name: EE
Value: "b83fe167d6429c5af02432314e23e2b6"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e990eff5-c288-4dde-833c-4396eac3ef46-003%22%7D
.demdex.net/ Name: demdex
Value: 83756945867946239262221256354680191683
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHJwjgt1dDMPMXMxMgy2TQxzcDIxNjI2NAk1cg41SjJbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoiz5DFRSlpDItKik8F76tvAgBfzSna"
.agkn.com/ Name: ab
Value: 0001%3AHpasSEC2%2F66ibJNd0ZE3dI1t5dXvrxYm
.dpm.demdex.net/ Name: dpm
Value: 83756945867946239262221256354680191683
.krxd.net/ Name: _kuid_
Value: OeCM5O8r
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 30e9159f098efecee40bf413dcbb9908
.mathtag.com/ Name: uuid
Value: b8976188-f6a8-4300-bc9c-d51836b6f909
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYj2qAAC_-j4vAAz
.quantumdex.io/ Name: uid
Value: 2e461a18-9186-4f45-8ff6-9f8ab4f447cd
.bidswitch.net/ Name: tuuid
Value: 6d299636-dff2-431f-bb39-638ac2c3a280
.bidswitch.net/ Name: c
Value: 1636365992
.bidswitch.net/ Name: tuuid_lu
Value: 1636365992
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: 93660880-fde7-4599-a23b-d3d8b8b746db#1636366007884#1
.sharethrough.com/ Name: stx_user_id
Value: fc0905c1-3240-4a98-97e4-c05897a97460
.id5-sync.com/ Name: callback
Value:
.fwmrm.net/ Name: _uid
Value: "c060_7028138419927539747"
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e990eff5-c288-4dde-833c-4396eac3ef46-003%22%7D
.turn.com/ Name: uid
Value: 3041342999546826376
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: e66188f6a82760&586188f6a805a0&2e6188f6a805a0&046188f6a927603041342999546826376&056188f6a805a0&c46188f6a805a0&dd6188f6a82760&496188f6a805a0&986188f6a82760ae4446f3-078b-408d-881e-921509151891&f16188f6a805a0&2d6188f6a82760CAESEKKKp3KiAuTnU-dFjbyPS1s&ce6188f6a805a0&da6188f6a82760&276188f6a80b40
.casalemedia.com/ Name: CMST
Value: YYj2p2GI9qkA
.adform.net/ Name: uid
Value: 4091595630757667348
.openx.net/ Name: pd
Value: v2|1636365993|gekin0vNiygu
ads.stickyadstv.com/ Name: sessionId
Value: bc7d719c6d561c89f7c131489ade7924
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDZItTQ0tUwzsLRITUtNTk01MUhKMzE0TklOSrK0NLBgAILEjm8rQTQUAABrjQvW"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7Pi2EkhBAQAfEwKJ"
.criteo.com/ Name: uid
Value: 03600b29-fef1-400f-8067-a47c08115db0
win.gg/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2265dbf2bb-416e-4d90-8b8c-67dd8394c17e%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-08T10%3A06%3A33%22%7D
win.gg/ Name: pbjs-unifiedid_last
Value: Mon%2C%2008%20Nov%202021%2010%3A06%3A33%20GMT
.advertising.com/ Name: APID
Value: UP8d084fd5-407b-11ec-9c8c-06f28f52458a
.win.gg/ Name: panoramaId_expiry
Value: 1636970793233
.win.gg/ Name: _cc_id
Value: 30e9159f098efecee40bf413dcbb9908
.win.gg/ Name: panoramaId
Value: 31140a791e507faa695e48138c5e4945a702944b665513ced073d6d78f280259
.choozle.com/ Name: chzdpsync
Value: eyJjaG9vemxlQ29va2llSWQiOiIyYmJlNTQ0My00OTcyLTQwMDUtYjQ1Yy1kYTAzOTcyMWFiM2YiLCJwcm92aWRlckNvb2tpZU1ldGEiOnsiT1JBQ0xFIjp7InByb3ZpZGVyIjoiT1JBQ0xFIiwicHJvdmlkZXJDb29raWVJZCI6IiRfQktfVVVJRCIsInByb3ZpZGVyUmVkaXJlY3RSZXF1ZXN0ZWQiOmZhbHNlLCJwcm92aWRlclJlZGlyZWN0U2VudCI6ZmFsc2V9LCJUVEQiOnsicHJvdmlkZXIiOiJUVEQiLCJwcm92aWRlckNvb2tpZUlkIjoiNjVkYmYyYmItNDE2ZS00ZDkwLThiOGMtNjdkZDgzOTRjMTdlIiwicHJvdmlkZXJSZWRpcmVjdFJlcXVlc3RlZCI6ZmFsc2UsInByb3ZpZGVyUmVkaXJlY3RTZW50IjpmYWxzZX19LCJ2ZXJpZmllZCI6dHJ1ZSwic3BlY2lmaWNQcm92aWRlcnMiOltdfQ==
.analytics.yahoo.com/ Name: IDSYNC
Value: "192m~21ey:192w~21ey:187s~21ey"
.yahoo.com/ Name: APID
Value: UP8d084fd5-407b-11ec-9c8c-06f28f52458a
.yahoo.com/ Name: APIDTS
Value: 1636365993
.adscale.de/ Name: cct
Value: 1636365993409
.rlcdn.com/ Name: rlas3
Value: w9pCEqHuVJB7hP+/K4Mida7CSDiV3iIcBUhYf5Qa89E=
.quantserve.com/ Name: d
Value: EPgBDAHWJIqsMA
.quantserve.com/ Name: mc
Value: 6188f6a9-66751-e80bb-d3afe
.rlcdn.com/ Name: pxrc
Value: CKnto4wGEgUI6AcQABIGCLrqARAA
ads.stickyadstv.com/ Name: uid-bp-36033
Value: c060_7028138419927539747
ads.stickyadstv.com/ Name: MRM_UID
Value: c060_7028138419927539747
.m6r.eu/ Name: test
Value: true
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESELkspbeqMgNuV_tZm1eqLEA
win.gg/ Name: cto_bundle
Value: 88WAeF9wRWE1RVA0b3BlSHAwSkZIWkw2VDhvQ3NlSjJ0QURIQWdsTmQzbEhlUHphMnMyVjVwR1lFVFU4S25oclpiJTJGZnJqdFc5a2RwVnYxRGJWSmhlNVNrU05jTTVKbFFwOHVyR2tWVXJZRHFkVXBSeGdYemtyMk9OTWdwRnV5emglMkJ1UldlZE1MUWVDQ01JYmd5bUZsRkNYNEZBJTNEJTNE
win.gg/ Name: cto_bidid
Value: TiVFCF9MNkpreXRPYXlSZDlTYTh3akVLRTVWSFlualpGN2dtekt4OGpMVk1na3FVRmlJM1MlMkZwUTJtNiUyRlJ4RUN0QWlnOWRMZFBFWWtPWjVrRWJsTU44OSUyQjlrc0x6RTYlMkJ1V0ZnVEw4R3VBcWNrakRvJTNE
.m6r.eu/ Name: cct
Value: 1636365993665
.m6r.eu/ Name: id
Value: b79dd9dcaf8489c68da7807f975d8f1a
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjuqrXJxaqROhAFOAFaCXN0aWNreWFkc2AC
.ih.adscale.de/ Name: tu
Value: 4#1805489242#48~b79dd9dcaf8489c68da7807f975d8f1a~454546~0~0#101~BBID-01-03110799924967396-16441020~454546~0~0#39~b8976188-f6a8-4300-bc9c-d51836b6f909~454546~0~0#40~03600b29-fef1-400f-8067-a47c08115db0~454546~0~0#42~4091595630757667348~454546~0~0#75~4042676779816353614~454546~0~0#108~f4146188-f6a8-4f00-a131-213cd59f019b~454546~0~0#63~YYj2p3zmNZQOOhat0ZqWRQAA&699~454546~0~0
.creative-serving.com/ Name: tuuid
Value: 716ccbb2-9860-4745-bb2a-7d39cc7c3eff
.creative-serving.com/ Name: c
Value: 1636365993
.creative-serving.com/ Name: tuuid_lu
Value: 1636365993
ads.stickyadstv.com/ Name: uid-bp-892
Value: 65dbf2bb-416e-4d90-8b8c-67dd8394c17e
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 5dd00dcd77b7042d3512fca60e59e168e301ff85b8ed11251db8153ef2b2550e
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-tkoJvm5E2oOmfYQCscJX_p83kKPuUloD_bKv70Ho~A
ads.stickyadstv.com/ Name: uid-bp-951
Value: 4042676779816353614
ads.stickyadstv.com/ Name: uid-bp-529
Value: b8976188-f6a8-4300-bc9c-d51836b6f909
ads.stickyadstv.com/ Name: uid-bp-617
Value: 4091595630757667348
.w55c.net/ Name: wfivefivec
Value: EaoSj2Pk1MK1xU5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: EaoSj2Pk1MK1xU5
.bidr.io/ Name: bito
Value: AAA2aU7DEe0AABe52uxYKw
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAA2aU7DEe0AABe52uxYKw

7 Console Messages

Source Level URL
Text
deprecation warning URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js(Line 1)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Unrecognized feature: 'conversion-measurement'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00da1edb-ee9b-4f69-5e3f-fb812d6fc600&reqId=36d5e4c4-b84c-4c41-55b1-1113aac92118&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAA2aU7DEe0AABe52uxYKw&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
ajax.googleapis.com
analytics.google.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
buttons-config.sharethis.com
c.amazon-adsystem.com
c1.adform.net
cdn-images.win.gg
cdn.admatic.com.tr
cdn.gin.bet
cdn.jsdelivr.net
cdn.oribi.io
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cs.admanmedia.com
cs.choozle.com
csync.loopme.me
d1eoo1tco6rr5e.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsum-sec.casalemedia.com
engine.widespace.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
go.ezodn.com
go.ezoic.net
gu.dyntrk.com
gum.criteo.com
gvl.ezodn.com
gw.oribi.io
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
ih.adscale.de
image6.pubmatic.com
imasdk.googleapis.com
img.youtube.com
insight.adsrvr.org
js.adscale.de
js.cookieless-data.com
l.sharethis.com
live.primis.tech
loadeu.exelator.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
mwzeom.zeotap.com
nexus.ensighten.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
platform-api.sharethis.com
platform-cdn.sharethis.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
primis-d.openx.net
rtb.openx.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.console.adtarget.com.tr
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
video.primis.tech
win.gg
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
ads.stickyadstv.com
cs.admanmedia.com
sync.console.adtarget.com.tr
104.117.200.100
104.89.42.102
104.92.74.8
13.32.22.126
142.250.186.162
143.204.95.188
143.204.97.29
143.204.98.13
15.197.193.217
151.1.205.165
151.101.194.49
162.55.6.211
168.119.146.39
178.162.133.149
178.250.0.163
178.250.2.146
18.156.147.57
18.196.176.125
18.197.253.20
18.198.109.212
185.220.204.220
185.29.132.245
185.33.220.242
185.33.221.15
185.33.221.184
185.64.189.112
185.94.180.123
185.94.180.125
188.132.147.228
198.47.127.19
2.18.233.180
2.21.141.186
2.21.141.232
2.21.142.210
2001:678:cb4:bbbb::11
212.115.110.216
212.82.100.182
213.19.147.45
216.58.212.162
23.22.109.62
2600:9000:2156:c600:2:cb38:840:93a1
2600:9000:223c:5c00:13:c079:7880:93a1
2600:9000:2240:6800:1d:85c3:6640:93a1
2600:9000:224a:2200:c:abe:f440:93a1
2600:9000:224a:aa00:f:4f64:8940:93a1
2600:9000:2251:ea00:12:b1b7:8800:93a1
2606:4700:10::6816:1957
2606:4700:10::ac43:2ac6
2606:4700:20::681a:bd1
2606:4700:3031::6815:496e
2606:4700:3036::ac43:a1d1
2606:4700::6810:5514
2607:ae80:2::48
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:802::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2004
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:fa8:8806:20::2010
2a04:4e42::300
2a05:d018:d29:3601:98f2:3ed0:65d:a543
2a07:180:27b:71f4:967e:7b66:dbda:fbaf
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.123.168.197
3.126.247.238
3.126.56.137
3.127.51.194
3.66.136.156
34.194.30.250
34.240.91.113
34.249.68.36
34.250.210.209
34.98.64.218
34.98.67.61
35.176.195.187
35.186.253.211
35.201.81.244
35.227.248.159
35.244.174.68
35.71.131.137
35.81.242.146
37.157.3.28
37.157.6.253
46.249.52.249
5.178.65.245
5.178.65.252
51.15.145.115
51.178.20.139
51.89.21.30
51.89.9.252
52.46.133.124
52.51.5.121
52.86.83.177
52.94.223.37
54.217.170.69
54.78.254.47
54.88.126.210
54.93.151.69
54.93.203.208
62.209.227.211
66.155.71.150
69.173.144.138
72.251.244.140
89.187.169.47
026b86883e9a229fa0788ba6fb68e51d8dea063a746234c0c0d1c258874c30b0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b2fadd231227b89a6be9c018ff4e45be4209586784653504d27530f9fd8397
061a92542d7fc14c3451c324b480e101cbcea6926137e62b47f3b42d4e3947ec
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083a5f6f7ae231895dbddf5f9049032ecab4af6afe64f70b552d6faa0ddfedbd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca7188912ef3473bb7943356daf3909fb28acf076110495dd4eff399334fe70
0d3c4d3ebd4f0144277eed85a99295d62d802ae7f4d90fab87d333d7f6b52eb3
0f0ed4587f01973cf025b4bfc4dfdbb1dbabf8d4c0d3a01e67f65ef9c887970f
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
115ccd207fe3b7633eaa48b7a44f27c163274f2d35d20368a00a40b83d8afbf1
126c2f717e7156d14ab6202014846c69b291675708e42e8168a29b466eb8aebe
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
14fb55f3efed19c359ae87c711b7d7f0280948220e76f2209a3f8032c8476ea6
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
15770468a1704759435695a14f23c4fa7ec3059b1cbd2dd85faf4db3a2eda98b
16910f012ec529e4bef4051c3f178f72302c5ef55973277ba7aa36b5d19b91e2
175c1838f8a29dc3943d08fc552c13a38d0dfcfa1809456f9f60a146c195399c
17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
19f0dd48b789bc96d7f1aa6bfc0d82538cfc0b29bd679ff8e92763bd3d1815e2
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
1f5b6267968f60e8c5f023222caa8cfdd05574076c8ea3740894ef93fd4b8ba3
1f5cb32b860bc09952a7c7257d834997bee174de54db56534af69b13dfa52466
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24302a009863150046e73b021927c5b2840c4ffbbfbfd3fe05f4cbf42b19fcc0
25d9ec4bd2ed72448c55c80aba80549b5bbf69b23fa96445fb7fd394c8e11098
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2aee396045e8313003eda4d9b0acc42c7a9cbd7c29b4a32480ba2489baacbecc
2d27694d44fa22602efcc92caf61eff0b9c2bc85455e964f78a092040c1a9592
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb07bc2036b6b6338b8632cdb49566bb1a3fdaa471b628345de4459692362c8
34d421a3b0ead306cef4a445313ca5809756632f7c4ac677ec066ba05be73ec1
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
3729a2dc4375502ab7d1391dfa909b15b3ef4efdd1beef9c2950ad13b732351b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37cf385965c418d9b3ef5d85817f002418404dfdd5d3acb7dbb4ae8c3d7f117b
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3b176aaa639598399777a9038810cc766df54fcba4e602fb826ce3335d4cf75b
3b21dfd13871087372d536f09d473baf16f741522e7bf830222de7739f06957f
3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c
3e8c7c4773e3e97ad0d9aaf4ab471c5f065f9e9e3f079e3aecb40ad4f10fa693
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4098a1bac66df8c517bb37d59d5a915ac296d00a8526b08d8272f9e2c4e2adc1
416f737d3a2459a6215f3a4ecf5e8b4dbb8227c3af23671b7408c276d2e44ba7
41c802a7decfb590e463570a4394929934d1a62a96f4926718aa67d733065338
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44dc71474fbcd388c4bc5811061cbc6f5e47bfa763bfc6c34ec21b3bb8fd32f7
44e5edcc859742a0b45e017caa75b17dda8810b08b28fea2f900299d5473e075
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a7300bc3d6addbe32fe20ccf8888f19ff2a7e11220552d68579b97c4d0eea8d
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325
4bc7feddf838dc83d0f801f327604a35f7c4d4a16413fd9de85a275459bc2f71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
522b7e3ff459e82d26f3daa82b3f8c8ea0df6d4ff12c981e4dddeaf9c8a25421
53fd83eaca8a5b5d851df8710ee239da10fa09d446e6fa2f4a014bf66a9c8140
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
588fd2ee49372883c884cc6f72b7b5b957d04edf38b2de6707317fa509932fda
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
60e1017c6585464aa240b13f4074ab5ea100dcbdb72615124ff575bcc891a542
61f3dad99daef0667788a692abd99669b5291a5a0da197372b7784765d6dd9ae
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
62c6ababbe88d3d4496203cd685f2b900a0cb382b8e24704ad25e84b8ed80833
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68c7fc28552d6512db2e2dbb761a1df856f4f6b5dbdbc2ae551f05d9ab20dadf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d975e40ad1e951d9d2a87cdc5a82e9be3fe0cf8ac40ebf75d8ebe851957b831
6ebcae6ba16085b0700c2c866566d775af24018d91ccab531df4cb474fe860a9
723efdc024e9d856d94f2ccd152d787bd807295723ac1b819a4d5b6963fbf288
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7940523b8dc250d607eb1c29860132762f634859ba03b88605b2e0a6591b34c5
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7e0e2fbaa7a89c64df6b30953123d55b39e38cb0933d59425ecb11c9989d477b
81a319202c5a41a82b4a1e0172a87b35172b463467c66ba5feda41ec36ce2cc7
8293bdedd66b50dcaf53d569261107d3eb3c9b18caa18cbe3479b6f037d233c8
875ca1fe8a85b43fefb0206533f96bd56905305e6e0291c0b5284daf07b0c9e9
88c476fb933e732d8d23b1c13aea7186bb93ebed952d72376efcf65a0bc81201
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8c2f6bd59f146f7acd0fe197ad6d91734c9152fc9d085c12dffce65719e0aeab
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dddea515a7535c5f8382cd21e6a362464f3932f4445663f420c1ef0158b0238
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
935b2f1cdbf1af0439e86ecbd0ca09a2b3a91807ae651cf3f840f9237a45a667
968fbcdac55faf8697d9c4ceec7040836f549f345701d44194bc45cd7971ae8a
96ae6a03a75db67d90cdae793dabdb904860f79f05feeaea10a4e09428719763
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
978f80b35fd2704fa1a0cd8ae14eed06c11c3bbf10d151dc1321b3d0888142cc
97e042e763cc2cf729d788a418763a5b8e64ff4dcfb19f204f95266cca6cb596
98385317c6bdcf8c203beeda9c8e4e8dc2622e7d6405a11b2639e5a7a84c1452
9913b8b14b4fc039820519bd3d99077f7110c157c9aa7adf790e19a9665327c6
996f4ac1a650150f7e44b893de304fcfe5c9b1bb7fb146b749610fee94285c68
9b64f85d8068989c158ba9a881e4b5f4971eb769a6ec9ae697f5a0728ba294fb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2f7dfb7d4d1fc2bcb98a82944dced05692dd9b275dc99e3c5f5683a9930ff7c
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4eab981ff34f8cb5ee9a7d114ebe5f28f4e3a390d81276801de1fd4710d3105
a792749b1c0f0fbeceaaa7a55d478e6ec200342af495d6a565478a5d271c0b55
a83bf33080e6fd7aa375b48f11f4ac7b1a186d94a36af178e417cc00d6e09a7d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd6b107cb468ecf25fbc56512f02601632653c1e77478a349870d901a363586
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
afa7154724b0a7ce743bf2b11250f9af787a3aeb2b12a6391de669cd06bb5285
b10e0ededb19771ff59098d6ea2c5eada343987160936bf1445ec3549ea63201
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ad72027c2c2de9f78c6d95e70cd3c0a19aa31a2a2735278d86b8512ca2fde7
b3d7100f158f1d8aea27de077461869a54c87dade2792bb616cc76783d591c4f
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b5b87f36ebb4e2f450a07992b822efd29a80d21c23d179bbbb442710f9d2faf8
b774efff8ebd5dcfed96617d230391466c61abbb0f03ae3ffec0843c790bf818
b98d73c9da43ab088e858bcfadfa96208819a10c743b730ccf229e427655cd82
ba87da3ae2bef11156e0ca6440a0212bba1e6eeb051197095ad32c8be1fa061a
baae3817652bc0a099b24dc2c5fc6991040dcd07fb10fcb64bdd18b344f7301a
bb57bb507f3b53ff7c9e095383e1a646c1bccde197e4291078e7d4bbc478b2c9
bbc6709fc570b771f4ad0a4318851017a99c7a2688a77cde314f5a9efa380cb0
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdb330c6f9f1437527c93b73cdcf04d786b8d802f4d40a4e321a681a0132580c
c043de6ee3f28405d8054af02cd419a5cde55106cd98a5b60d28c757bddc09cb
c10ad7ad72209b5d2ccd624383a0d28ae20b75ff07343c36989e4fd9c767fd1c
c1a86d7c11a5c83b82c7e6f814aff6286a9fe3483b8e0e2c16089370bad4676d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c405bff54b72cd8c34a0993333da350939ef0e4eb370abbbe96da07f7c649ddf
c555bc295bb01f8cf5343bf7e338efa35182951447d9362a01ab618b31935ed4
c7f05437fa4d06d727e447eb25e1194de15f17dc602e0464644613e73af7ffdb
c983bccbfa3aeec262e4469747aaf9d860d93fedcf3ba263c84bd7ef21430234
c9ba955bb5e749f1ffdf4d60245b2625b8c5bc2b71fbbf538335faeec3621fa9
cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8
caf6362ca050e7d51d7504ebc412a99948a580a37972447db3e711ede38120b0
cc3662d59dc02e7a992f8da286146a1b0825d81ca1a9ebaf041a0f080606b0e5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cea9c3393f4b0a57475e38dbbff527aca7a3aa2d107b4b4742b937c2507e2063
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1288e3df38ebd0e8a3ca04b6e8ddea2c46bfa3580de1825d815ccc9350f46bd
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d86923070cdd3b26c384dfb89877b54c56cc30ebcaca4b9ef0fefeb935d5c7ef
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
db0de098a35d52631b5026fa7471bd0ab10eed17aa3d46d3466705a5a4101c36
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8bcb64a320b1a2b1e4788b6aaaf8e4ac888a7eb62a66c5e214cc43ce0bb777
dedab5002e651eacc73e03b530c6387021f2b9d0a18e94647c37235fa8d6d009
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0c0c0b607dcddedcb101ac6487d7b5c321a984e25d19bbd24337e7a9b1d6c22
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dfbbd7c3fd43b5b4ff6fb1979e70617ad33aba9dbd112333ae934704572ed9
ebab19f74d95b1c10457dbf025009438a9479c198c5e96a829c64f4b4298cf46
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ece688f60b3b488b21f3aa30a0a0f7178e6da09b5f67ff98200b09dc69f93e42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d5caf941bfbe38302e7fff6b23973cef5e32304c2c72d85bc601b0e6acbf71
f1eec9308aa07093c74acf7f47b64d93a4890b49d6e7b042096470c45b6fdb0c
f436d7ccb58e150e6cabdc18fed5a45fe1d7835adc4a9e15399f84cdb9e41430
f56ca818087834a737c9427dcf1aca0b5620455e029e2b7c3f95aac4ad8bbf70
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52
fbff3ed0ba29af09e05a3080ffbec67eb6e20ac062535baaef3f660b9557e3f6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd990a08c039a9d1388b8e182fa25280b71d0ebfe98f21ff93116cf0de7469d6
fe1d9d6a59ca420393fe9918c207d04a09e28bb98976edbc58e1a179b0abc405