urlscan.io logo urlscan.io
SecurityTrails logo

unimedia.info Open in urlscan Pro
151.101.130.207  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://unimedia.info/
Effective URL: https://unimedia.info/
Submission: On October 23 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 14 countries across 52 domains to perform 475 HTTP transactions. The main IP is 151.101.130.207, located in United States and belongs to FASTLY, US. The main domain is unimedia.info.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on September 3rd 2021. Valid for: a year.
This is the only time unimedia.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 151.101.130.207 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
32 2a00:1450:400... 15169 (GOOGLE)
10 142.250.184.194 15169 (GOOGLE)
8 146.59.21.22 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1148:db0... 47764 (MAILRU-AS...)
105 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.101.2.207 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 128.140.224.228 5606 (GTS-BACKB...)
6 2a03:2880:f02... 32934 (FACEBOOK)
14 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 40.118.27.163 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f12... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 87.240.190.78 47541 (VKONTAKTE...)
1 2a00:1450:400... 15169 (GOOGLE)
3 11 2a02:6b8::1:119 208722 (YNDX)
1 2a00:1450:400... 15169 (GOOGLE)
3 37.187.155.55 16276 (OVH)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 87.240.129.135 47541 (VKONTAKTE...)
2 185.59.220.199 60068 (CDN77 ^_^)
6 2a00:1450:400... 15169 (GOOGLE)
5 56 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 217.79.188.59 24961 (MYLOC-AS ...)
6 217.79.188.54 24961 (MYLOC-AS ...)
7 2a00:1450:400... 15169 (GOOGLE)
9 16 142.250.185.162 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
3 4 185.33.220.244 29990 (ASN-APPNEX)
2 3 35.244.159.8 15169 (GOOGLE)
2 184.31.88.106 16625 (AKAMAI-AS)
2 3 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
6 6 18.159.140.98 16509 (AMAZON-02)
6 8 18.156.0.31 16509 (AMAZON-02)
2 199.187.193.185 47043 (SMARTADSE...)
3 138.201.84.252 24940 (HETZNER-AS)
3 138.201.220.30 24940 (HETZNER-AS)
1 4 138.201.63.116 24940 (HETZNER-AS)
1 4 136.243.149.243 24940 (HETZNER-AS)
1 4 138.201.63.150 24940 (HETZNER-AS)
1 4 178.63.52.121 24940 (HETZNER-AS)
1 4 138.201.63.149 24940 (HETZNER-AS)
1 4 138.201.84.244 24940 (HETZNER-AS)
3 6 142.250.186.166 15169 (GOOGLE)
8 10 104.111.239.217 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:224... 16509 (AMAZON-02)
4 6 51.178.130.209 16276 (OVH)
2 2 80.158.66.20 34086 (SCZN-AS)
4 85.114.131.234 24961 (MYLOC-AS ...)
1 2 145.239.193.130 16276 (OVH)
1 178.79.242.245 22822 (LLNW)
1 2600:9000:223... 16509 (AMAZON-02)
6 37.157.6.246 198622 (ADFORM)
1 88.198.250.30 24940 (HETZNER-AS)
1 54.76.176.197 16509 (AMAZON-02)
14 37.157.6.235 198622 (ADFORM)
2 51.68.117.182 16276 (OVH)
4 52.218.24.218 16509 (AMAZON-02)
475 74
10    151.101.130.207 (United States)

ASN54113 (FASTLY, US)
unimedia.info
4    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
32    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
8    146.59.21.22 (Norway)

ASN16276 (OVH, FR)
PTR: ip22.ip-146-59-21.eu
gemius.mgr.consensu.org
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
4    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
105    2606:4700:3037::ac43:a702 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.digita.media
1    151.101.2.207 (United States)

ASN54113 (FASTLY, US)
b.marfeelcache.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    128.140.224.228 (Romania)

ASN5606 (GTS-BACKBONE GTS Telecom, RO)
gamd.hit.gemius.pl
6    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
13    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
encrypted-tbn2.gstatic.com
2    40.118.27.163 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.privesc.eu
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
5    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700:20::681a:5b1 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.privesc.eu
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com
vk.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
11    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    37.187.155.55 (France)

ASN16276 (OVH, FR)
PTR: ns322005.ip-37-187-155.eu
api.unimedia.info
10    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    87.240.129.135 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv135-129-240-87.vk.com
login.vk.com
2    185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-722.bunnyinfra.net
do.privesc.eu
6    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
56    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
9    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
15    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
3    217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
6    217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
ad13.adfarm1.adition.com
7    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    185.33.220.244 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    184.31.88.106 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
3    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
6    18.159.140.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-98.eu-central-1.compute.amazonaws.com
pixel.advertising.com
8    18.156.0.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
3    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal9000.redintelligence.net
3    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
ad.ad-srv.net
4    138.201.63.116 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
4    136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de
hal900030.redintelligence.net
4    138.201.63.150 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
4    178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de
ad20.ad-srv.net
4    138.201.63.149 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
ad9.ad-srv.net
4    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
ad26.ad-srv.net
6    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
5994599.fls.doubleclick.net
10    104.111.239.217 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    2600:9000:2240:4600:c:6264:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)
htlp.emp.de
6    51.178.130.209 (France)

ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu
creative.mlsat02.de
tracking.mlsat02.de
2    80.158.66.20 (Germany)

ASN34086 (SCZN-AS, DE)
ebs08.telekom.de
4    85.114.131.234 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de
cdn.contentspread.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    178.79.242.245 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-242-245.fra.llnw.net
asset.conrad.com
1    2600:9000:223e:f800:13:99a2:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.acfrg.com
6    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
14    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    51.68.117.182 (France)

ASN16276 (OVH, FR)
aaa.artefact.com
4    52.218.24.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com
rechtstexte.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
105 digita.media
cdn.digita.media
10 MB
100 googlesyndication.com
pagead2.googlesyndication.com
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
tpc.googlesyndication.com
681 KB
46 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
5994599.fls.doubleclick.net
302 KB
45 gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.gstatic.com
986 KB
20 adform.net
track.adform.net
s1.adform.net
227 KB
15 ad-srv.net
ad.ad-srv.net
ad20.ad-srv.net
ad9.ad-srv.net
ad26.ad-srv.net
20 KB
15 redintelligence.net
hal9000.redintelligence.net
hal90004.redintelligence.net
hal900030.redintelligence.net
hal90008.redintelligence.net
31 KB
15 google.com
adservice.google.com
cse.google.com
www.google.com
116 KB
13 unimedia.info
unimedia.info
api.unimedia.info
1 MB
11 googletagservices.com
www.googletagservices.com
403 KB
9 yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
8 KB
9 adition.com
imagesrv.adition.com
ad13.adfarm1.adition.com
33 KB
9 yandex.com
mc.yandex.com
3 KB
9 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
101 KB
8 awin1.com
www.awin1.com
4 KB
8 consensu.org
gemius.mgr.consensu.org
78 KB
6 mlsat02.de
creative.mlsat02.de
tracking.mlsat02.de
3 KB
6 advertising.com
pixel.advertising.com
2 KB
6 facebook.net
connect.facebook.net
304 KB
5 facebook.com
www.facebook.com
901 B
5 privesc.eu
www.privesc.eu
storage.privesc.eu
do.privesc.eu
63 KB
4 amazonaws.com
rechtstexte.s3.amazonaws.com
172 KB
4 contentspread.net
cdn.contentspread.net
160 KB
4 adnxs.com
ib.adnxs.com
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 google-analytics.com
www.google-analytics.com
74 KB
4 mail.ru
ad.mail.ru
187 KB
4 cloudflare.com
cdnjs.cloudflare.com
149 KB
3 spotxchange.com
sync.search.spotxchange.com
2 KB
3 openx.net
us-u.openx.net
829 B
3 onesignal.com
cdn.onesignal.com
onesignal.com
73 KB
2 artefact.com
aaa.artefact.com
2 KB
2 medialead.de
pv.medialead.de
3 KB
2 telekom.de
ebs08.telekom.de
1 KB
2 zenaps.com
www.zenaps.com
1 KB
2 smartadserver.com
rtb-csync.smartadserver.com
326 B
2 teads.tv
sync.teads.tv
344 B
2 yandex.ru
mc.yandex.ru
65 KB
2 vk.com
vk.com
login.vk.com
23 KB
2 google.de
adservice.google.de
www.google.de
1 KB
2 googletagmanager.com
www.googletagmanager.com
64 KB
1 ad-server.eu
ad-server.eu
22 KB
1 media01.eu
pb.media01.eu
627 B
1 acfrg.com
media.acfrg.com
12 KB
1 conrad.com
asset.conrad.com
38 KB
1 emp.de
htlp.emp.de
3 KB
1 conrad.de
www.conrad.de
710 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
20 KB
1 googleadservices.com
partner.googleadservices.com
407 B
1 gemius.pl
gamd.hit.gemius.pl
11 KB
1 jsdelivr.net
cdn.jsdelivr.net
21 KB
1 marfeelcache.com
b.marfeelcache.com
760 B
475 52
Domain Requested by
105 cdn.digita.media unimedia.info
56 tpc.googlesyndication.com 5 redirects 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
32 pagead2.googlesyndication.com unimedia.info
pagead2.googlesyndication.com
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
16 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
14 s1.adform.net tracking.mlsat02.de
s1.adform.net
unimedia.info
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
unimedia.info
12 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
11 www.googletagservices.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
10 www.google.com unimedia.info
cse.google.com
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 unimedia.info 1 redirects unimedia.info
9 encrypted-tbn1.gstatic.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
9 encrypted-tbn0.gstatic.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
9 encrypted-tbn2.gstatic.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
9 mc.yandex.com 2 redirects unimedia.info
mc.yandex.ru
9 securepubads.g.doubleclick.net unimedia.info
securepubads.g.doubleclick.net
8 www.awin1.com 6 redirects ad20.ad-srv.net
ad26.ad-srv.net
8 ups.analytics.yahoo.com 6 redirects googleads.g.doubleclick.net
8 gemius.mgr.consensu.org unimedia.info
gemius.mgr.consensu.org
7 fonts.gstatic.com fonts.googleapis.com
6 track.adform.net ad20.ad-srv.net
ad26.ad-srv.net
s1.adform.net
6 5994599.fls.doubleclick.net 3 redirects unimedia.info
6 pixel.advertising.com 6 redirects
6 ad13.adfarm1.adition.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
ad13.adfarm1.adition.com
6 encrypted-tbn3.gstatic.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
6 fonts.googleapis.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
gemius.mgr.consensu.org
6 connect.facebook.net unimedia.info
connect.facebook.net
www.privesc.eu
5 www.gstatic.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
5 www.facebook.com unimedia.info
www.privesc.eu
4 rechtstexte.s3.amazonaws.com ad20.ad-srv.net
ad26.ad-srv.net
4 cdn.contentspread.net hal900030.redintelligence.net
hal90004.redintelligence.net
hal90008.redintelligence.net
ad9.ad-srv.net
4 tracking.mlsat02.de 2 redirects ad20.ad-srv.net
ad26.ad-srv.net
4 ad26.ad-srv.net 1 redirects 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
ad26.ad-srv.net
4 ad9.ad-srv.net 1 redirects 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
ad9.ad-srv.net
4 ad20.ad-srv.net 1 redirects 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
ad20.ad-srv.net
4 hal90008.redintelligence.net 1 redirects 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
hal90008.redintelligence.net
4 hal900030.redintelligence.net 1 redirects 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
hal900030.redintelligence.net
4 hal90004.redintelligence.net 1 redirects 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
hal90004.redintelligence.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.privesc.eu
4 ad.mail.ru unimedia.info
ad.mail.ru
4 cdnjs.cloudflare.com unimedia.info
www.privesc.eu
3 ad.ad-srv.net unimedia.info
3 hal9000.redintelligence.net 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 imagesrv.adition.com 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
3 api.unimedia.info cdn.jsdelivr.net
3 ajax.googleapis.com www.privesc.eu
hal900030.redintelligence.net
hal90004.redintelligence.net
2 aaa.artefact.com ad20.ad-srv.net
ad26.ad-srv.net
2 pv.medialead.de 1 redirects ad9.ad-srv.net
2 ebs08.telekom.de 2 redirects
2 creative.mlsat02.de 2 redirects
2 www.zenaps.com 2 redirects
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 do.privesc.eu cdnjs.cloudflare.com
2 mc.yandex.ru 1 redirects unimedia.info
2 www.privesc.eu unimedia.info
ajax.googleapis.com
2 cdn.onesignal.com unimedia.info
cdn.onesignal.com
2 www.googletagmanager.com unimedia.info
1 ad-server.eu ad9.ad-srv.net
1 pb.media01.eu pv.medialead.de
1 media.acfrg.com ad9.ad-srv.net
1 asset.conrad.com ad9.ad-srv.net
1 htlp.emp.de ad9.ad-srv.net
1 www.conrad.de ad9.ad-srv.net
1 ads.yahoo.com googleads.g.doubleclick.net
1 login.vk.com vk.com
1 www.google.de unimedia.info
1 stats.g.doubleclick.net www.google-analytics.com
1 cse.google.com unimedia.info
1 vk.com ad.mail.ru
1 storage.privesc.eu www.privesc.eu
1 maxcdn.bootstrapcdn.com www.privesc.eu
1 partner.googleadservices.com pagead2.googlesyndication.com
1 onesignal.com cdn.onesignal.com
1 adservice.google.de securepubads.g.doubleclick.net
1 gamd.hit.gemius.pl unimedia.info
1 cdn.jsdelivr.net unimedia.info
1 b.marfeelcache.com unimedia.info
475 82
Subject Issuer Validity Valid
www.unimedia.info
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-09-03 -
2022-10-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
gemius.mgr.consensu.org
Sectigo RSA Domain Validation Secure Server CA		 2021-06-28 -
2022-07-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
live.mrf.io
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-09-03 -
2022-10-05		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.privesc.eu
GoGetSSL RSA DV CA		 2021-10-21 -
2022-11-21		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
api.unimedia.info
R3		 2021-10-12 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
do.privesc.eu
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2021-04-15 -
2022-05-17		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2021-05-21 -
2022-06-22		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
redintelligence.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
ad-srv.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.conrad.de
Cloudflare Inc ECC CA-3		 2021-05-17 -
2022-05-16		 a year crt.sh
htlp.emp.de
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
tracking.mlsat02.de
Sectigo RSA Organization Validation Secure Server CA		 2019-09-06 -
2021-12-04		 2 years crt.sh
contentspread.net
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
pv.medialead.de
R3		 2021-10-23 -
2022-01-21		 3 months crt.sh
asset.conrad.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-21 -
2022-08-20		 a year crt.sh
*.acfrg.com
Amazon		 2021-01-14 -
2022-02-12		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
ad-server.eu
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
aaa.artefact.com
R3		 2021-09-25 -
2021-12-24		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh

This page contains 50 frames:

Primary Page: https://unimedia.info/
Frame ID: F60AB10AC09D6703D5DCAD463D8B179C
Requests: 168 HTTP requests in this frame

Frame: https://gemius.mgr.consensu.org/cmp/storage.html
Frame ID: 157DBA352C3E0A1B3C11E7860DED1443
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: EFBE3EDD7731B1A827DE2EDB3CB392A7
Requests: 1 HTTP requests in this frame

Frame: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Frame ID: 09F470871B602F49FEFA4D548C6C0049
Requests: 20 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: 077BD0DA8F32754D521FF3477EB9829A
Requests: 3 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C537FB503C48FC469BCC30C459989601
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4099920091210488&output=html&adk=1812271804&adf=3025194257&lmt=1634980027&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funimedia.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634980026457&bpp=12&bdt=362&idt=551&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6073373759706&frm=20&pv=2&ga_vid=1973445823.1634980027&ga_sid=1634980027&ga_hid=1297724272&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063229%2C31062524&oid=2&pvsid=3655010383876501&pem=570&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=569
Frame ID: 25E1115B91EFE90AB68040D2B6FC622B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4EA98024199BDA765852DF46805E5468
Requests: 1 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 323D8FD670DB52953BAE99EEC97A361E
Requests: 17 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F641F046EE7379673F3027C800BD0EB
Requests: 20 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DB216DAA6F80A261DF506100EEF638E8
Requests: 18 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D79D03CDD2C2CF17F98453004D42EC3A
Requests: 14 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86DD5B12BF78060BC39972CA1575A4CE
Requests: 23 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5CEA1FC1A57B4E0CB6CFBC54CBE0E021
Requests: 19 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 83B55ECB305D9456FFDCC5460F0F8BD4
Requests: 11 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60BDCA984CF4E3FD6C9E9632C1C88782
Requests: 15 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1185A3378A3763D5A3719C96BD2A355B
Requests: 11 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D25214C7B017832688DE3C700EB82A1
Requests: 11 HTTP requests in this frame

Frame: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7EF878CD9B0300A983726037C39E2C7B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNU63aM3r1aPwWhrDIbN4BLok13VXxSELKL52WeXj0EVvL_LilDsKImlkIx4txl3WzYrYowqUaRf576swsRy3fwh7bptyCtzR-nxhtZrXlsokVQSWmpciuvF0M_6mQ5nAO7okhkQ-WVnmIHZuEJoj3QGBSTwC7FfAU1mFMAMg8Zu5K5t0Hs
Frame ID: E99FE5C33CE092C2B7D396EC195FA343
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNW4vT6X-CKazmMHc-vU_LvnzF_x1lX8JUX566uFSai45x1hebwrmVMZztg71H38aaoe1ar1LETj8sjYLsDMKRTKUyTV-xypQqs4r0n6H8iy4FPhLfqkJWnNCxTFUppJeIQ-Z-VApJz5IIUQLKMqr2OY0HdqaYQIL5S3vnsWOPsDUkoHSXc
Frame ID: AF40A015690FA14F22455CF23A1DC9BF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNVB5nJZSeBbIbFwiKMPHiRGsiJFZn5PalWrMlWdcNXaDHmvyQOqmCrsQoueso2007PyoWQbY2b6Uzs1881ceZEY-fq4ZEUzgAfWinmUS6vUuHJ1hNZvtvRC4LrZvh2tItqm3yt31ZVeV2Pi6kKPsDanRL3mpPN9ad2JpR-Ecz1j7IRd860
Frame ID: 7443BCCBC7933DAB1E76D6585FD92FDE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNXpyak69zJk0nVV39KDz1hq_DFNaXYt6NX1QudfKSOBmiYt_YfWIIhrpSwZkRaax4gGFMPLxLxUxj3-0AiEvdfHGCpER0e5LJYa4_MO3TOvJbCSC35RUzEKo88C7dKIvmuCMe1KHGZblTg5h1Yc7lo6wMJQ8cvGmKzAe-zJDKxFVorbmTE
Frame ID: 26F361590E7E11C8BA6F431614CE08C1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNVpqYGkRreOv_E-A0xnupYEAwKHRmneukEfvTyZVHOeKQRTTOAvYYYPlC7r6IDUmeYom_j9pjEKRJPRTpTUB6ZfmcdxNG5BxjherNKVb745Wq6cyw3boXHNjkzou4kP3AIK3vKrnwVqsJfbuRIx-DzWUyhW6-FrKag1I8a88-hFgx-sB5c
Frame ID: 1472D2B0C3CBF9E2BA2941BE47B5291B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNWM7lXZ0mdKqGwKf2o1AI2HfaaqvCNwnv9ww03XY5ACJ07m3LsQQQiMoFM80hF2SFNVCPTrfbg_HpyZlNcM1lCZc2PrAzjMZUZDamkq95VEg_qXMHlorg4kdw3ZWulJq4Lg-sbsHzN7uq46aj3O-B7txakhNlvKz3oXMbIfmMtBjKbthCc
Frame ID: 56B812F3ED02FABD69F5E63A8745C939
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=cyrillic,cyrillic-ext,latin-ext
Frame ID: 8E18EA2357C2C29215A91DC439809AFB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0E2D773718308F03BACFD433B7DACFE8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C92A3B4A78818381BEAB3E7C6DC8ADDA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5A0ED5D2191ECFD46BF4C98F3386A265
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 06BF703A4B142752835081DC8332C100
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C07C35AF3315DA4958B3661B5DB5ADB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 61ADED5BD054F0A46C03EA83433A6221
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624
Frame ID: 33206B5286644C447DB73F7ABE4BEC06
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=52064900045090200710586011756030&a=cbae9ef7
Frame ID: A13A8ABB8034BD1EBD37696FD8BE72D7
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831
Frame ID: 3138AC9349F8819EF73808FDD31283DD
Requests: 2 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=71774900049484600710618011756004&a=5251b442
Frame ID: 4ACA49F2319498E726D26B62A19D6BB9
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868
Frame ID: 5961EC6F39FE710B35553742DEAACCCD
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=29298500047020000710586011756008&a=2272884f
Frame ID: 1882A4E9D0AE0873931B668FAFCFC77B
Requests: 4 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_473322_1634980029_9a84fb60-33e0-11ec-bb42-2234d33d3970&insert=AW
Frame ID: AD279BA12934FED86DE4A77E9B157C02
Requests: 1 HTTP requests in this frame

Frame: https://htlp.emp.de/
Frame ID: 9C8607D77B0F8958831E9DFCB91E63DF
Requests: 1 HTTP requests in this frame

Frame: https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Frame ID: 0CD55D4AAE296E8F5A60EB2C04B8C57B
Requests: 7 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: 71B21CE51EE4699E6E09C45B605F4051
Requests: 1 HTTP requests in this frame

Frame: https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Frame ID: 7A09751DFCA24179345D3C3B9C5AAA73
Requests: 9 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: 519E4BCA794581ACDE69F92B08E273DC
Requests: 1 HTTP requests in this frame

Frame: https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Frame ID: 5025757C5FD76D1802E86789351FAE88
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=67107700042231300383830011756009&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: DBE3D4EB0AB7856794DD5028D9D84D33
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068258/9645720/9645720.js?ADFassetID=9645720&bv=514
Frame ID: CEEEC722897147DDE0E4534538678C3E
Requests: 8 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068258/10268334/10268334.js?ADFassetID=10268334&bv=514
Frame ID: 86F9F6564AD0E686FCEE39A13DEB7B61
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5F8FAA8ABBA39553434606C3F4AC625E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B9A11AD5A33FEE438FB4C87A5DC6F70
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UNIMEDIA - Portalul de știri nr. 1 din Moldova

Page URL History Show full URLs

  1. http://unimedia.info/ HTTP 301
    https://unimedia.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

475
Requests

99 %
HTTPS

44 %
IPv6

52
Domains

82
Subdomains

74
IPs

14
Countries

15982 kB
Transfer

22411 kB
Size

57
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://unimedia.info/ HTTP 301
    https://unimedia.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 171
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.06pnzvN_1OZf-US5LwUjapx8pPPrSiCwSi1aT68tE-vL2V3eAnvrg6u21N4ThPLZ.cVgAjUQy8MW4JUR-CCaoGsobm4A%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9435.cZzVVQNIcI31pWuaRXm-STRfTN037ydlXLlB34LpE2xWP_ybdoO8OBzen9Iu42en8K7vEgMBxBNCTqVot5NxpA%2C%2C.QvRAz-nnE1l9bFG-Q3Mi1dPbJbE%2C
Request Chain 214
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw HTTP 301
  • https://tpc.googlesyndication.com/simgad/14978601946328591918
Request Chain 223
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw HTTP 301
  • https://tpc.googlesyndication.com/simgad/14978601946328591918
Request Chain 224
  • https://mc.yandex.com/watch/50509831?wmode=7&page-url=https%3A%2F%2Funimedia.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A308%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1173148516332%3Ahid%3A669207884%3Az%3A0%3Ai%3A202101023090707%3Aet%3A1634980028%3Ac%3A1%3Arn%3A31364168%3Arqn%3A1%3Au%3A1634980028802397076%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980026009%3Ads%3A0%2C35%2C25%2C11%2C21%2C0%2C%2C1162%2C2%2C%2C%2C%2C1247%3Adsn%3A0%2C36%2C24%2C12%2C21%2C0%2C%2C1154%2C1%2C%2C%2C%2C1247%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980028%3At%3AUNIMEDIA%20-%20Portalul%20de%20%C8%99tiri%20nr.%201%20din%20Moldova&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/50509831/1?wmode=7&page-url=https%3A%2F%2Funimedia.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A308%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1173148516332%3Ahid%3A669207884%3Az%3A0%3Ai%3A202101023090707%3Aet%3A1634980028%3Ac%3A1%3Arn%3A31364168%3Arqn%3A1%3Au%3A1634980028802397076%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980026009%3Ads%3A0%2C35%2C25%2C11%2C21%2C0%2C%2C1162%2C2%2C%2C%2C%2C1247%3Adsn%3A0%2C36%2C24%2C12%2C21%2C0%2C%2C1154%2C1%2C%2C%2C%2C1247%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980028%3At%3AUNIMEDIA%20-%20Portalul%20de%20%C8%99tiri%20nr.%201%20din%20Moldova&t=gdpr%2814%29ti%282%29
Request Chain 281
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi HTTP 301
  • https://tpc.googlesyndication.com/simgad/9074747796639100022
Request Chain 292
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi HTTP 301
  • https://tpc.googlesyndication.com/simgad/9074747796639100022
Request Chain 299
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw HTTP 301
  • https://tpc.googlesyndication.com/simgad/14978601946328591918
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1
Request Chain 335
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPQvM2S.731FgYPEViskgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1&google_hm=2
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKSIXkphZr7DbBARQb1cM_w&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSIXkphZr7DbBARQb1cM_w%26google_cver%3D1
Request Chain 337
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjMxNTMzMjgyNDQxODA3Mw%3D%3D
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD1TdgjJtlHVFh7n1ExxoM&google_cver=1
Request Chain 345
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM4NmNlMDQtOWZiYS0yOGNjLWZlZDAtOWU3MDliNTU4NDQ2
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEto-DNUQMzMZN9pQ5hP9AY&google_cver=1
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBU7lhv6biynT3vueMP-GnQ&google_cver=1
Request Chain 349
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=99dbbe81-33e0-11ec-a2be-125b01370506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTlkYmJlNDEtMzNlMC0xMWVjLWEyYmUtMTI1YjAxMzcwNTA2
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
Request Chain 352
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
Request Chain 353
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
Request Chain 359
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
Request Chain 360
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJSs3-clz2EQJB41XGGeBlU&google_cver=1
Request Chain 387
  • https://hal90004.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=066588df6d&subid=&uid=b02af2ae0a705f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVzCqu9BzYZLUAf-yx_AP37-a2A-1zfmDV9zcuavlDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgSRAk_Q9ExBnr_DVTqWn0SZMO_dD_iOWnkjmFPpIsoh1YHOkQ5VUyu0gMVXJyWFF2hB2VXXhWSPKYuQ8buISNODAqDX0Xdyazs-jGZkCKBArf37CyR6SFhSK8ULdDjZffTBguK_3j3cSfM77YzYW5gA_50285y57NXGdnae4Db-un5JGU-PAETdef05WwAYtm1weJMgXvNpYNbzTvZCQ0BecMbDBpuc4jNhpXMDXxUnEJVmi--tDCD5lO7f-Bt2nU_Sl8MazwWFQA7XkP-cDYQoxYOEk6pufj8sm_XchA0lwy0uRbifW2QGzxi49J0sPY4buFUIox-AgCJ3VeRYg9szS7b0foMqB0QTyZNrnFTTb4SLUcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g%26sig%3DAOD64_0i3JgxmK93XyVezZFUPFjNjP0Sdg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJ7V-NiUm-mhElTwOEKWntcse1-44lD2Wjq8OdbaxINHFzBOvpYDLpvtqqnO40NsTCsEREEXb8LnMQjHBtpK1PoIfpnahLbO_CGZcGHYqSaTUrOxgfjrtGsWhIn_Lvz0N9xVbVgodhVTx9u9TWyDIPWLVZLQ%26cry%3D1%26dbm_d%3DAKAmf-BJV9t0WbKkTmnDBOiLNaBOLFPUx14iiwK_bhOS3RNu41Ev9_ejQZQWjUkiv0_qW1oByFj6csf3BKcxLBsE6ZrmthW_weQZ4tYkygRG5-d8jyz1Hu7YnaJjE6bhISqKYEYfVz2lxy7hVd59_3Hoj0n64UEsCarYSE5L-BpqfEhFfJUQbN9Rtw1ljPxo4PYA8AYBNjM7KWx0yPHS2qJlFWw6vwrW7Y6Xx1nICZkFTrX8lMBFj3xCthqqeoaWHjtfM7958j7iyHUW_lW669BSDgsn0cBmyNchc2sOl6dS5FcKUL8ObY2gUjiqWR0_v_jVugTFlB5i5-mUonFT7iw1tkRi36JH52aPjhbJMEvS9eC_7MnDhN4DePG5eJyMg7bB1WTnk3vRTz923pFSd3pxXlgUitnLWGBwbMvWMTVgppQgtAGiVcamYzJvE6G_mmj5JcMUCsjJ%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=276268514023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90004.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=066588df6d&subid=&uid=b02af2ae0a705f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVzCqu9BzYZLUAf-yx_AP37-a2A-1zfmDV9zcuavlDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgSRAk_Q9ExBnr_DVTqWn0SZMO_dD_iOWnkjmFPpIsoh1YHOkQ5VUyu0gMVXJyWFF2hB2VXXhWSPKYuQ8buISNODAqDX0Xdyazs-jGZkCKBArf37CyR6SFhSK8ULdDjZffTBguK_3j3cSfM77YzYW5gA_50285y57NXGdnae4Db-un5JGU-PAETdef05WwAYtm1weJMgXvNpYNbzTvZCQ0BecMbDBpuc4jNhpXMDXxUnEJVmi--tDCD5lO7f-Bt2nU_Sl8MazwWFQA7XkP-cDYQoxYOEk6pufj8sm_XchA0lwy0uRbifW2QGzxi49J0sPY4buFUIox-AgCJ3VeRYg9szS7b0foMqB0QTyZNrnFTTb4SLUcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g%26sig%3DAOD64_0i3JgxmK93XyVezZFUPFjNjP0Sdg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJ7V-NiUm-mhElTwOEKWntcse1-44lD2Wjq8OdbaxINHFzBOvpYDLpvtqqnO40NsTCsEREEXb8LnMQjHBtpK1PoIfpnahLbO_CGZcGHYqSaTUrOxgfjrtGsWhIn_Lvz0N9xVbVgodhVTx9u9TWyDIPWLVZLQ%26cry%3D1%26dbm_d%3DAKAmf-BJV9t0WbKkTmnDBOiLNaBOLFPUx14iiwK_bhOS3RNu41Ev9_ejQZQWjUkiv0_qW1oByFj6csf3BKcxLBsE6ZrmthW_weQZ4tYkygRG5-d8jyz1Hu7YnaJjE6bhISqKYEYfVz2lxy7hVd59_3Hoj0n64UEsCarYSE5L-BpqfEhFfJUQbN9Rtw1ljPxo4PYA8AYBNjM7KWx0yPHS2qJlFWw6vwrW7Y6Xx1nICZkFTrX8lMBFj3xCthqqeoaWHjtfM7958j7iyHUW_lW669BSDgsn0cBmyNchc2sOl6dS5FcKUL8ObY2gUjiqWR0_v_jVugTFlB5i5-mUonFT7iw1tkRi36JH52aPjhbJMEvS9eC_7MnDhN4DePG5eJyMg7bB1WTnk3vRTz923pFSd3pxXlgUitnLWGBwbMvWMTVgppQgtAGiVcamYzJvE6G_mmj5JcMUCsjJ%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=276268514023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 389
  • https://hal900030.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=c0abe3fb0f&subid=&uid=074284f2ba4e9c79&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHFqmu9BzYZbUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QjhzmxoJlWygA_kC97XxKQexT4Nw00vUIlWWGhjO8UYNfJMzHJD6snmi9uT67MYS6YQmXvxuRJQmVKQOotEgxlgIWFLzOdYQk5IXopMLOXOkfH5CGyIr4no7Os11FolhrlSKAVGj0y3cO_OjrOu-H-YuVY_xk0M8IIzTNVP97gwKm0AxXYPuXk2yLkVgl3DO5-hPBhd0Kj_60irQuCNbGuwZ1WQQqPUxMZAaWy8faepcwDA2_Y1y5wbV2ww44Ywttmgxvi6BwzRrx5qOqy6Bq8EeV0ZSqm0NUdJv6A_oCW_6gQ3P7JOOJZQf04Gp-QAR-QsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg%26sig%3DAOD64_3KHE7mRTY_yBpSJSwtg8fyO0tORw%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AE1cBJK2PGdKP-_eYgh3az_kNqx-ImjUM6CNmtNwHOkfhfj-DvDlKxF2EjvH8f5APk5lxkoMkHLKEs7ZGuVALfpGPysrOwxJyGm-AawmYOlxQtxO95uoSUsrvVI9vrm6rjSaUgvraz2QrB5XaTe6M86VuDZw%26cry%3D1%26dbm_d%3DAKAmf-AG-H26x37iWOIl8toL8mRrkZtinXCn4t4Xc1czTdKbtdDPrrf8s6XxwrNniG0OUzKP5dOotyBqRBnQKSJjq8nD1mXXJgAPnNlWFPM0NxhcnAxYzidPrylPiAe5kTMIMt2tG-xnl5ugMPOat3WE3JpswlGtJ-K22eoGQu0LBymf4kHVAyrVQ5WGtouwNGYDN-8nF2xyvHHgwdU_SgKwYk7WG77hJiTykewe3Ahn6b0wLFDotcjJFNuMvDgLBW0N2E-pbDFdH7wDsUdczVf2RqKxIJcTBm0cZ2Ar9LQ9ZHNhUt6Ptf3okqfcX2ViIzuwIxZm0W46ARRKmnQzaEsrvtr1E7MKeiew4Dxz8d7h6ZepLI8V15Qib7IDw4_RR3CzgjM651uajlMt_sVAevTGR9mr6wfIe0O9fyzu7Edv-PykJO01fdXigf5E15pR-UxrlPOjkS8i%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2145718163421&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900030.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=c0abe3fb0f&subid=&uid=074284f2ba4e9c79&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHFqmu9BzYZbUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QjhzmxoJlWygA_kC97XxKQexT4Nw00vUIlWWGhjO8UYNfJMzHJD6snmi9uT67MYS6YQmXvxuRJQmVKQOotEgxlgIWFLzOdYQk5IXopMLOXOkfH5CGyIr4no7Os11FolhrlSKAVGj0y3cO_OjrOu-H-YuVY_xk0M8IIzTNVP97gwKm0AxXYPuXk2yLkVgl3DO5-hPBhd0Kj_60irQuCNbGuwZ1WQQqPUxMZAaWy8faepcwDA2_Y1y5wbV2ww44Ywttmgxvi6BwzRrx5qOqy6Bq8EeV0ZSqm0NUdJv6A_oCW_6gQ3P7JOOJZQf04Gp-QAR-QsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg%26sig%3DAOD64_3KHE7mRTY_yBpSJSwtg8fyO0tORw%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AE1cBJK2PGdKP-_eYgh3az_kNqx-ImjUM6CNmtNwHOkfhfj-DvDlKxF2EjvH8f5APk5lxkoMkHLKEs7ZGuVALfpGPysrOwxJyGm-AawmYOlxQtxO95uoSUsrvVI9vrm6rjSaUgvraz2QrB5XaTe6M86VuDZw%26cry%3D1%26dbm_d%3DAKAmf-AG-H26x37iWOIl8toL8mRrkZtinXCn4t4Xc1czTdKbtdDPrrf8s6XxwrNniG0OUzKP5dOotyBqRBnQKSJjq8nD1mXXJgAPnNlWFPM0NxhcnAxYzidPrylPiAe5kTMIMt2tG-xnl5ugMPOat3WE3JpswlGtJ-K22eoGQu0LBymf4kHVAyrVQ5WGtouwNGYDN-8nF2xyvHHgwdU_SgKwYk7WG77hJiTykewe3Ahn6b0wLFDotcjJFNuMvDgLBW0N2E-pbDFdH7wDsUdczVf2RqKxIJcTBm0cZ2Ar9LQ9ZHNhUt6Ptf3okqfcX2ViIzuwIxZm0W46ARRKmnQzaEsrvtr1E7MKeiew4Dxz8d7h6ZepLI8V15Qib7IDw4_RR3CzgjM651uajlMt_sVAevTGR9mr6wfIe0O9fyzu7Edv-PykJO01fdXigf5E15pR-UxrlPOjkS8i%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2145718163421&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 390
  • https://hal90008.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=1790267bd8&subid=&uid=c507d8e166e53dac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbTA4u9BzYZfUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QOI7e8KZSE5hXPvImgO_ZQC90u69PQuQddgMGTCZtKdS_UAx8PaS3OVISUB0Q-f0BZeAQY0F6MUkImcSJgnwdiys4guEFcNf-2LQ7oxh5mmJRTlTotgVQqQjM2MjKH1ELA1YmuXo5vSxhyOE3FfnBTaL_7NjCWJp27i2n8XUtBk0qZtG-kFmPyzGliEek05-FMfCXRp6smyqtvB1lG_yaWJekKFhYTrhN5nIcMOeA8WZJdZbwx0OVuNvKYi0Nnu5UIUbz9--7ESn8QxeFwzeX8L874SyboRPRVHNssSuCkDj1lt1GKbn_81Ya-j3nqLD2n8AEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA%26sig%3DAOD64_1u4bG4wggBW-Q0Drwa1beuXC7jbQ%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AShxRssTMGD8J_OTbP8i_-bUbhaZenMaWHJavi0-wTCiXjA_j0LQFTsBMCC9IgluyjqjkbZT_MmB8dvpbqTxrD0Ua19IoCS9WQqhFVkNNMeO7ne_SAAdZ4NgY8RU1vYcEn5_f0bLS_wDwY_luQLRutFlPX5g%26cry%3D1%26dbm_d%3DAKAmf-BmUGdx1mjr1ugHOVNSpK00l3tX5zy2PrHtgwWYSONSoi2XDmaOZM_4hLj_HlkHewyEsvAppir1ZZlDM53iy4AlOWqAwIIWGN_NOKRE7yPSbj-xk-g1ER1hFaqW6P5ZozkoOzcyJQGYi-M0wbrWX-IHbTt0NF93VaQkMwUm9RYq4LD-veqgnpr0eZnWsMG2YaZ0M5_s7zoy83OhuosEN0Ud_uprM2CHjzhfiT0A8ngADamt0YXRSF-9Pc-YnJnAcM1LYMexhdcWDzZdaca4iT_s3khbC84FWVO7nbSc6L0FWjWV5yfH0lVKfvY5ymZuYrJpZ5DamPkTjqLFHcaEvB_QUSe5vh5hzH80wjD2RZRkYq6IEVreRfLYbFiB7VOGGhhcJ91XcM5bIAlGlwce23fgJE1uQaLPRV87WM3LImmOErGkN2kYCepy7tsap1KLvJpcQmfg%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=3150166527217&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=1790267bd8&subid=&uid=c507d8e166e53dac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbTA4u9BzYZfUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QOI7e8KZSE5hXPvImgO_ZQC90u69PQuQddgMGTCZtKdS_UAx8PaS3OVISUB0Q-f0BZeAQY0F6MUkImcSJgnwdiys4guEFcNf-2LQ7oxh5mmJRTlTotgVQqQjM2MjKH1ELA1YmuXo5vSxhyOE3FfnBTaL_7NjCWJp27i2n8XUtBk0qZtG-kFmPyzGliEek05-FMfCXRp6smyqtvB1lG_yaWJekKFhYTrhN5nIcMOeA8WZJdZbwx0OVuNvKYi0Nnu5UIUbz9--7ESn8QxeFwzeX8L874SyboRPRVHNssSuCkDj1lt1GKbn_81Ya-j3nqLD2n8AEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA%26sig%3DAOD64_1u4bG4wggBW-Q0Drwa1beuXC7jbQ%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AShxRssTMGD8J_OTbP8i_-bUbhaZenMaWHJavi0-wTCiXjA_j0LQFTsBMCC9IgluyjqjkbZT_MmB8dvpbqTxrD0Ua19IoCS9WQqhFVkNNMeO7ne_SAAdZ4NgY8RU1vYcEn5_f0bLS_wDwY_luQLRutFlPX5g%26cry%3D1%26dbm_d%3DAKAmf-BmUGdx1mjr1ugHOVNSpK00l3tX5zy2PrHtgwWYSONSoi2XDmaOZM_4hLj_HlkHewyEsvAppir1ZZlDM53iy4AlOWqAwIIWGN_NOKRE7yPSbj-xk-g1ER1hFaqW6P5ZozkoOzcyJQGYi-M0wbrWX-IHbTt0NF93VaQkMwUm9RYq4LD-veqgnpr0eZnWsMG2YaZ0M5_s7zoy83OhuosEN0Ud_uprM2CHjzhfiT0A8ngADamt0YXRSF-9Pc-YnJnAcM1LYMexhdcWDzZdaca4iT_s3khbC84FWVO7nbSc6L0FWjWV5yfH0lVKfvY5ymZuYrJpZ5DamPkTjqLFHcaEvB_QUSe5vh5hzH80wjD2RZRkYq6IEVreRfLYbFiB7VOGGhhcJ91XcM5bIAlGlwce23fgJE1uQaLPRV87WM3LImmOErGkN2kYCepy7tsap1KLvJpcQmfg%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=3150166527217&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 391
  • https://ad20.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=7711467202980&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad20.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=7711467202980&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 392
  • https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2120648489351&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2120648489351&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 393
  • https://ad26.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=6976127533840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad26.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=6976127533840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 400
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624
Request Chain 403
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831
Request Chain 406
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868
Request Chain 410
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&viewref=67107700042231300383830011756009 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=9a84fb60-33e0-11ec-bb42-2234d33d3970&v=11354&r=473322&q=371931&s=2470208&viewref=67107700042231300383830011756009&pv=1 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_473322_1634980029_9a84fb60-33e0-11ec-bb42-2234d33d3970&insert=AW
Request Chain 411
  • https://www.awin1.com/cshow.php?s=2481850&v=14172&q=372911&r=473322&pv=1&pref1=67107700042231300383830011756009 HTTP 302
  • https://htlp.emp.de/
Request Chain 414
  • https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=30456700051313300383830011756020&gdpr=&gdpr_consent= HTTP 302
  • https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1634980030_&cachebuster=1634980030&awv=11430_473322_1634980030_9a8b15e0-33e0-11ec-bab3-2265a16f2a26&gdpr=&gdpr_consent= HTTP 301
  • https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NDkzNzQ0MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzQ5ODAwMzBfOWE4YjE1ZTAtMzNlMC0xMWVjLWJhYjMtMjI2NWExNmYyYTI2Ow..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
  • https://tracking.mlsat02.de/onepixel.gif
Request Chain 417
  • https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=87197800043783900383830011756026&gdpr=&gdpr_consent= HTTP 302
  • https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1634980030_&cachebuster=1634980030&awv=11430_473322_1634980030_9a8d5fd0-33e0-11ec-bb42-2234d33d3970&gdpr=&gdpr_consent= HTTP 301
  • https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NDkzNzQ0MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzQ5ODAwMzBfOWE4ZDVmZDAtMzNlMC0xMWVjLWJiNDItMjIzNGQzM2QzOTcwOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
  • https://tracking.mlsat02.de/onepixel.gif
Request Chain 433
  • https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3&subid=67107700042231300383830011756009&ctrack=https%3A%2F%2Fad9.ad-srv.net%2Fc%2Fc2a54j76pi2k4og%3Ftprde%3D HTTP 301
  • https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3?subid=67107700042231300383830011756009&ctrack=https%3A%2F%2Fad9.ad-srv.net%2Fc%2Fc2a54j76pi2k4og%3Ftprde%3D
Request Chain 434
  • https://www.awin1.com/cshow.php?s=2470206&v=11354&q=371931&r=473322&pref1=67107700042231300383830011756009 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=9ad58c60-33e0-11ec-bab3-2265a16f2a26&v=11354&r=473322&q=371931&s=2470206&viewref=67107700042231300383830011756009 HTTP 302
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/Haussicherheit_140x180?format=gif
Request Chain 435
  • https://www.awin1.com/cshow.php?s=2481855&v=14172&q=372905&r=473322&pref1=67107700042231300383830011756009 HTTP 302
  • https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
Request Chain 437
  • https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556888&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fcbfv62j13jvyg0z%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
  • https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fcbfv62j13jvyg0z%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
Request Chain 440
  • https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556888&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad26.ad-srv.net%2Fc%2Fcy9zgeyqa9fvy1d%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
  • https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad26.ad-srv.net%2Fc%2Fcy9zgeyqa9fvy1d%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

475 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
unimedia.info/
Redirect Chain
  • http://unimedia.info/
  • https://unimedia.info/
327 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 / PHP/5.5.16-1~dotdeb.1
Resource Hash
ebfd6cbce5b4d76d823edf54ce16bc751bd747934345bf3f97970f9e633e0ddd

Request headers

:method
GET
:authority
unimedia.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.6.1
x-powered-by
PHP/5.5.16-1~dotdeb.1
pragma
no-cache
access-control-allow-origin
https://unimedia.info/
access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-encoding
gzip
x-b3-traceid-primal
e4f1ad36f2e34cfe851b9f1c206ea933
mrf-tech
CDN
accept-ranges
bytes
date
Sat, 23 Oct 2021 09:07:06 GMT
x-served-by
cache-lcy19234-LCY, cache-cdg20738-CDG
x-cache
HIT, HIT
x-cache-hits
2, 1
x-timer
S1634980026.134937,VS0,VE1
cache-control
public, max-age=60, stale-if-error=2592000
vary
User-Agent
x-b3-traceid
4b3b50f9ccfe479e88f59ae10b9c7ac4
mrf-cache-status
HS
content-type
text/html; charset=UTF-8
content-length
57476

Redirect headers

Server
Varnish
Retry-After
0
Location
https://unimedia.info/
Content-Length
0
Accept-Ranges
bytes
Date
Sat, 23 Oct 2021 09:07:06 GMT
Connection
close
X-Served-By
cache-hhn4077-HHN
X-Cache
HIT
X-Cache-Hits
0
X-Timer
S1634980026.087065,VS0,VE0
Vary
User-Agent
Mrf-Cache-Status
H
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/select2.min.css
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2235791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1640
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-3bab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Vvj%2BAbB%2BvR6GhaKeTumVtU%2B0TKjxUGd0dcno03dNX%2BLdbp7ZkoZ5iPvqvhL82ZH7cPvt15nVdv2r7dHz%2FP8DpklxIioeS5mcMqro3N0Uml9Uku9BtqBBE7CzPpxJn60zGa3FKcpOk5Y0Mb1NW9tfBqs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a29d02bfa073746-MXP
expires
Thu, 13 Oct 2022 09:07:06 GMT
app.min.css
unimedia.info/css/ 		375 KB
376 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unimedia.info/css/app.min.css?6049
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
8ee50b212149e7babe7612a075658800e8b3ddc71a12080f9cd6859d21f75e61

Request headers

:path
/css/app.min.css?6049
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
unimedia.info
referer
https://unimedia.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
76a53c2b161945bebc8ee4f2743654c6
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
459759af246b46f38ebf2cb93feeb7de
content-length
384398
x-served-by
cache-lcy19253-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.187672,VS0,VE3
etag
"5d370a8e-5dd8e"
vary
User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
9, 1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90325bda04a8eb2b47aff2f6a0f8146625885d4ea6a3454963a6f081426add38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51074
x-xss-protection
0
server
cafe
etag
9084925224272143600
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 09:07:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
b3220b947e9875ed59a319e13c6c49f6bf2a025f394b81a0596a8d84c67ab58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1022 / 932 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27197
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Oct 2021 09:07:06 GMT
cmp.js
gemius.mgr.consensu.org/cmp/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/cmp.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
ca31c56a9819db75a456259d5bfae5989675461c8e2b055b9311a49a9d36dfd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
server
GHC
etag
"604D301C0000AA1E52666B44"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
12755
expires
Sun, 24 Oct 2021 09:07:06 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-58543088-1
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8282386344065cc7ea94619270b955f6833335d6015e720db348cc085d1610bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35755
x-xss-protection
0
expires
Sat, 23 Oct 2021 09:07:06 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1540
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a29d02c8a283756-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 26 Oct 2021 09:07:06 GMT
ads-async.js
ad.mail.ru/static/ 		185 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:06 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
189564
Expires
Sat, 23 Oct 2021 09:17:06 GMT
stub.js
gemius.mgr.consensu.org/cmp/ 		1 KB
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/stub.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
db9bc0a6b956749302c088d189e29cf4997521862784042fed8eabc9935fadd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
server
GHC
etag
"604D301C00000410DDD73FB2"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
538
expires
Sun, 24 Oct 2021 09:07:06 GMT
uni-logo.svg
unimedia.info/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unimedia.info/img/uni-logo.svg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
1cf2118833e90b880a9f88b179a46f63a47e36013048a1602d166f7ec14ac9d4

Request headers

:path
/img/uni-logo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
unimedia.info
referer
https://unimedia.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
9295f18c4f2d4f1c888db61b2b861eb9
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
49e87fd049834fdc9b17b71490bdd82b
content-length
3886
x-served-by
cache-lcy19273-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.278951,VS0,VE1
etag
"5a443f61-f2e"
vary
User-Agent
content-type
image/svg+xml
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
uni-square-yellow.svg
unimedia.info/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unimedia.info/img/uni-square-yellow.svg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
ff4033d575dd4a6637c97c97069e99ad72821eb6fb3b04f5a9d36715da914ad8

Request headers

:path
/img/uni-square-yellow.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
unimedia.info
referer
https://unimedia.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
51a28d0e56724e138ed07ed95e4c1e17
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
caac268221944360a836d83072a46572
content-length
2213
x-served-by
cache-lcy19265-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.279037,VS0,VE1
etag
"5b4edec2-8a5"
vary
User-Agent
content-type
image/svg+xml
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
criza-leul.jpg
cdn.digita.media/unimedia/media/2021-10-23/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-23/criza-leul.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eed0383e85e3cbbdce0dbb0ee972a727efe279aa104d5419a33a0a0792c357d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"118dfc0ba2c63bda1f5f17da160f2841"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4101
x-cache-status
MISS
cf-ray
6a29d02c5f27696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41320
x-xss-protection
"1; mode=block"
last-modified
Sat, 23 Oct 2021 08:09:46 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFRMBJx%2BHdLHOXIpbUsFWsbxL9OUW9Ty2wF8HsNduiYpPZx288iHT1zHQfTFYMzae61nXFz0XA%2FFX%2Fbhl%2BO0GasMf446ctb2ULd2b9rvCPoVYbBbP02ums1p9EJYk0B%2B%2BvOu7fqLP8PfJWktPiVf"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B09AA619A7AECD
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-horoscop.jpg
cdn.digita.media/unimedia/media/2021-10-23/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-23/criza-horoscop.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af2cea48117493215942acee595ed4099e26e27f9bc0506c1cb431dcd527c4fb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"ac7d3e37633dec4b0ab4912c586e2713"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8708
x-cache-status
MISS
cf-ray
6a29d02c5f2b696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35795
x-xss-protection
"1; mode=block"
last-modified
Sat, 23 Oct 2021 06:53:42 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xM81OBLYw0drsVJLER%2B8qZQDTkq2ohB84yv1mdCsR6mmEaPVsArxUYc3fjPpFSFp6Os8tc4jFvWFzkzWgbLfq%2FEufppRjbLeWLMg2lkFm9je5VkdigZ%2F1iV5cHZ0GAGQlKXBg%2BaDQ2koPzVIj0Uu"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B096755B37BC2D
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-timp.jpg
cdn.digita.media/unimedia/media/2021-10-23/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-23/criza-timp.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
818b9a59fd065989c1aaff8465663fcbb495200dd441d154f76e7a61ca16d223
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"bcf1d86821f3d2c1f21db12d9a3447f5"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9468
x-cache-status
MISS
cf-ray
6a29d02c5f2e696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
94643
x-xss-protection
"1; mode=block"
last-modified
Sat, 23 Oct 2021 06:32:58 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciTzXmH%2B3HWEdOsS8ivtMYDyUNQK3WkeRU1LjHfAQJvIP%2B8Sh5MDoTegZO2qlPpW%2F2wpX9IlwRa%2F2Xxs8alM2vz%2FrrPDtmeFl2zs9f8KyBf43gKn32pnxlW%2FdzC%2FCpT0MtyuO8cii0Q%2BAUyZEcv5"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B095C46B26E387
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-capturagv.png
cdn.digita.media/unimedia/media/2021-10-22/ 		374 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-capturagv.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c1f9906209f38e1938d62cd09d7107aa1247676c15e96493217032462efb9d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"fe6e0fea7adf088064a2b42515579a4a"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50097
x-cache-status
MISS
cf-ray
6a29d02c7f75696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
382988
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 19:24:53 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5KhKpQ0tQ9yextK3IZKBqXGso%2B%2BWiCwmswJe%2FVmPCCMz%2B2dXtHbf5w0ss9AYslOnnZvTzcshwvKFyguGXxVWPAl8ML4Rix1%2F7tqkvWnT3oKco0k7eQ9iO6Zhfm23rUbHnQyFacyLmK1jqsFyl3E"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B070D07D1EB81C
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-covvv.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-covvv.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dd48eb7d99a62cfe8618a7e18859d2c4e9d0e32d5806bfa19d442f8d86aaced
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"d5e2994c5a0e1b0ae3ae91ac40b78830"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51292
x-cache-status
MISS
cf-ray
6a29d02c7f78696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44960
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 19:04:59 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDNdaHzFs5Z7AyjmlL5xp%2FYpgeoX676vUrTqkv1r4NypEQ6wadjEyistp9Ty8ziQNQEHFdAIfjLNITR9XFTWX3iIK1GWPILRzWQs3KLcElPaYxSfccinL84BpEci006w4knQ%2Bmh4D0mMb4oudr5C"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B06FBA4DCD855E
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
main.d.js
b.marfeelcache.com/unimedia.info/ 		13 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.marfeelcache.com/unimedia.info/main.d.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
via
1.1 90b7b9dc3aa8817f0cef3cfd45fb8917.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
82f990e9172f485f961255c703a6c18e
x-amz-cf-pop
YUL62-C2
x-mrs-cache
REFRESHING
mrf-cache-status
R-SH
x-mrf-rendered
1632838470331
x-cache
Miss from cloudfront, HIT, HIT
x-b3-traceid-primal
b5011211825a4295819e827c673265b7
content-length
13
x-mshield-cache-status
REFRESHING
server
nginx
x-served-by
mshield-b-01, mshield-f-01, cache-chi21138-CHI, cache-hhn4020-HHN
x-mrf-type
UNKNOWN
x-mrs-age
0
x-timer
S1634980026.350325,VS0,VE1
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
BBfnmIONrYiMS1milIdPyskyM0B9qck-lJEkrkkpnttmJrYfPPJdtw==
x-cache-hits
1, 1
criza-voiddd.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-voiddd.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
928a2c6b7d75e3ab9c96b0cd78a17ca7a98635932a282a0ebca9c937582286aa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"72830306c030e7e8ae773d02ef6db087"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52446
x-cache-status
MISS
cf-ray
6a29d02c7f7a696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29013
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 18:45:41 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VMO9S%2BX4J1ZAUcAWtOsIgCBiFyzZB21B3Yv9v25oX34vMUs%2BI9L7z1eE8tCdIGivh8sSR5bp7VRWsWWQWsRlZDQjEMjWYWVbFlwulHukMNLzUWcjjhXfDq%2F%2F%2Fq4AhJHjw7Hu%2Bm7miH3XGinB303"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B06EAD9B21923C
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-gavvv.png
cdn.digita.media/unimedia/media/2021-10-22/ 		336 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-gavvv.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98225277db4486565a276456d64e3e613bf7ca3613b88f0371d6d1abb5bc6cfd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"d44af7220db6bcdcfec7762e1c0c8eeb"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54265
x-cache-status
MISS
cf-ray
6a29d02c7f7c696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
344135
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 18:14:37 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yr1K0%2FAeG%2Fu6m93DOeQmJ2Gsr5P%2Bv%2B7d%2BoWidFnI6744CrC%2FYoVNgB4D8u8okAPzRynwJ%2FT4cVlw%2BM0vQN2XiD%2FWyZXAD2Kne%2FhO8oYxqiaaU%2FrJyM33n4KiXZtJ8psfzBYZF658oM7BBqMYdzYz"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B06D0613436745
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-pjimage%20-%202021-10-21t162445.176.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-pjimage%20-%202021-10-21t162445.176.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ca438c83a6227b317a943b4f5e656fa45b5acaf4d02b4d06a3590daa82ce26
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"4d89f1be94e01bb67900d451c172904a"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156736
x-cache-status
MISS
cf-ray
6a29d02c7f7d696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38279
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 13:37:57 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07O3yi5hqxHwmDYIa7IeBGpuFvq%2BAVLgdfLcStufVKWQgL2Gwt1bP5w0bahcT8HWTRg9frXtymveQEKP2ZH%2FFngFc2i0FNheJvj%2B78RStB6QrKe0UKVugSesaqZ4llgVVlrHCGDgsP1KAYxhmYC2"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B00FD2E99CE047
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-dudu.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-dudu.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d701eec2f13cc6cc769e8af437373660d4ffc203d5e08b9ebafe56af72bcadda
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"63d91b819e0e8260f59568479ac7270c"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55363
x-cache-status
MISS
cf-ray
6a29d02c7f7f696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49649
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 17:56:53 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ze7u5IkjEjP3%2FS6pRqzmR20ZhAmvGl71542Zq6jOmHdfRsCUQNuFhhv0oV8yvztIzfj5HVJIbLmSi3AjNDYkPoWxozFs6PO%2Bte179h08LeHW8R69so3xNhEzVZrS38BzXhWmZkdeGFl4GrS7oiWh"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B06C06686BCD98
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-unimedia.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-unimedia.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fffa34a270f4a6053b94def871100aaf7b0e1f3fd505dba3bf40b504f441c697
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"dc889dc4282a0df9ad17fb71c372e992"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65045
x-cache-status
MISS
cf-ray
6a29d02c7f82696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29919
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 15:15:47 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dw8D1375ehnFl%2BE03dQuUMgXiRmsOm7qDM3k9lv6O9Sbz06eqo3Hv8nq4OljA%2BOGSYWATUoa1zFJfjcqLVT9d2DcnnyiqngYbd5Ic3OMUri%2FD9O2dAacz3%2BvWDVplEhohAJV24KdTBw2GDKURBmy"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B06338019F8075
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-photo%202021-10-22%2011-06-59.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-photo%202021-10-22%2011-06-59.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8713f2e451f6cc224c8d470f475cc9f1c6a5c03dc9d1e7f7ec57bb55b974abd0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"8ba28376a1c0a452fe703dddf20a2374"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86732
x-cache-status
MISS
cf-ray
6a29d02c7f84696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
88286
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 09:12:08 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aTGo7sYdEfmfgUupjSUmEdi4ZGsu5DpT%2FVcVsMPQtHRb2ytTeFgenulOTkaztQu9tmbWpPR4dWuE379qH%2FueG7NPWKt5Ga%2BFXW0JN36eV%2F%2FdRfQIxV0%2Bnb9q0OSqZKsCXFIYdR5kjdbki6ZDblj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B04F7E7DC5D67F
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-criza-bodnarenco.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-criza-bodnarenco.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
365aaf3330db6ad6f1251e2cad6eb186ee94660162c17d7c4d9974bdf4a26f05
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"e9a9b1dc8b2982767632fa1f417864c0"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69234
x-cache-status
MISS
cf-ray
6a29d02c7f85696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52112
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 14:05:51 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu7UqB7sNJoR8s6tml1tCdCInVyXPtz24IEVBCAoVhXQdkQAnn2Pn7i2Z1L0wzGBfwDR5ISvewZy4I42d3wwfn25ZqZV9JMpDhYa5rMFvHarCtjP5R6xY9sc04DHP5SSCihsD3Ri%2FnUV3psBVPl2"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B05F689B80F015
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-51502138991%203afd891a1a%20o.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-51502138991%203afd891a1a%20o.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9846d073b571c1c29dbecba64decc88fdac0ad2b65ec77a4fbd38842052e493
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"86cf331cdf77505ff3b7c03eb10ac214"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168560
x-cache-status
MISS
cf-ray
6a29d02c8f90696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30242
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 10:29:19 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4850qgPzztDb%2Fmjhsm1nIytxCsaQDdT6DBOeX7xf9ui0oqbnOd0K5KB%2BNo938iV%2Bvsa7S%2Fke3zyAeYltDrK%2Fq3Ee1gNwCTEGVxNwLJCmwKBS9n%2BMkCPGswqe4RDGs7HtGkQU2Abto4sN6QBkj9Ja"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B00511E2A50F9B
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-criza-nata.png
cdn.digita.media/unimedia/media/2021-10-21/ 		318 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-criza-nata.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eaf1e0ef1a5ee6e1820d6ec43b66c7dfcbe340ad5e8204b3b773d6a57443420
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"b33ed352494d04d687f119dbf2c4edec"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
136078
x-cache-status
MISS
cf-ray
6a29d02c8f92696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
325387
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 19:22:40 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKHZBeRqYRTYbmUz8%2B1B3JwbDoz22nq0GhYVppX5VJu45rK%2B7FilzTQCMOI%2B9DUe23caosMLUmQUaYPuDzPMKJgREheE8LBNon6CptI7RAwkwOaGBiWPwyi6ad64vuFRplcowf1Lt6Gw5uyL1Oh3"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0229CE99E9BFD
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-37d06225-bc2d-480d-b982-d4de3d6e6cb3%20%281%29.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-37d06225-bc2d-480d-b982-d4de3d6e6cb3%20%281%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a71f2ad3ad8e19589bfb17c9df1bec36ec55b6931498b7af4a1ef31351640cc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"492c4549958de9771e51b179a4a1d94e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
163879
x-cache-status
MISS
cf-ray
6a29d02c8f95696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42144
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 11:26:41 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmeNukkD%2Fkpl5e6Vu06NEuJ3vYlKmZWp6RgE8hqlkZQG5aGyoqmmEKoie5yCmY5n2I7E4VdXHg9%2BcJlTuMyZoDwq2o2BLVtMFYDS4tOEVeQRNQ4xIQ9VZIa5L%2FhADy4LSTEmzG58fI0wwlAqxBrp"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B00953EE467B95
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-pjimage%20-%202021-10-21t153528.221.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-pjimage%20-%202021-10-21t153528.221.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56e2bf827ddc3141ef6d516d992913fc1a3cc8ebefeda47fc06e4b783527de0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"ddc7a9ff7b9698b03966c873d6686aff"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157965
x-cache-status
MISS
cf-ray
6a29d02c8f96696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34357
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 12:48:43 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep51xGmv5ZyMtAUBG8xfZ5aYfbS6Fs6Jwf8hv3MmLH1NOe6E5Doo7NwUVd2UDkxar2YJXtT%2F8U3NH2sehaMuka%2FtJy%2BymtYEAr5l1Gif3NtSmFjnWaeRAJT2u77PLjevwDdVsDW01YOn6Xqt2dri"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B00EB4E3C25F0B
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-1280x720-romaib.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-1280x720-romaib.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c84dc8c8d56cde5f0ae593073b35c218cffae88ca7029d42a7e23d2219c3d36
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"26527599819e01da910526f7c162e76a"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70747
x-cache-status
MISS
cf-ray
6a29d02c8f97696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59795
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 13:40:36 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwsc5UR0zTcj%2FqRf5%2BxHYmbl5LLAgLEL2lmehUd7Uab8%2FfHv%2BL%2B%2FjbNTU9ofOdPbg0h3NI4f4xJmM6Yp7gFkAnezFpjqN6lgukJMgl7gXmxA7ZFpvwqLkZ88if0NiOvz50qs69EtZzfGqh5mpnnB"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B05E087FC24AF4
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-1280x720%20ro.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-1280x720%20ro.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d80378d08a022a789c2b928dd537f131c27d29a123fbda38b96a72db3d066cfc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"4d0440fc12d289b31e41a90d51605d72"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71096
x-cache-status
MISS
cf-ray
6a29d02c8f98696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32503
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 13:34:07 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiHfrk8hjIFyhqOVNO1i3O5n9E8J8f373oUE22QNjljCXuJLqRAOQDn01KM%2Bqt8p%2Fm3dH7c4jSaQ8G7L2Ic5SHdpcoWOhX0gYMVzhZK1lgSAAJ76okoLpdZeuaTo8T8NSN%2BxWARd4ZQGCFe8REyD"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B05DB73E36CBFC
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-0173.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-0173.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8254eea33b32dfd7c9dc5d76a26d0d8f6d81f371802d08ae1843c6331f822d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"ccda16fa5c541926af35c4d1ed35a898"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71626
x-cache-status
MISS
cf-ray
6a29d02c8f9a696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
70757
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 13:22:17 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liVntLbtL5og0sj4tgm5MNfltrw8zHZS6yCYCk26AFPM1VZhXABYzEXvz4bGrAzrgM61G4AtMNGyNLNajWGxEb6pUjKUubygug8BHhu1Co%2FXGRFh%2BGgLBTUc01P6QaluKvrEjXUwbdAsY7Whqs13"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B05D3BCE239E7E
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-tatiana%20croitoru%20%28la%20eveniment%29.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-tatiana%20croitoru%20%28la%20eveniment%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3004d07768a71ac1bb621f50a60dd2210ea44bae35aadf776cc5f407146c36
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"3008014abc4bce1d3e1fcd160b47f2ed"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94638
x-cache-status
MISS
cf-ray
6a29d02c8f9b696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38628
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 07:02:13 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEreNCIgUgy7f9Jieyg0GRpB4NGRvS%2FMaH6vXMa%2BFQZoRlfI%2FbdA266rkvYCQiONBSkioS%2BSNyCxf5PRUnUMGS1sJ4uYP6PeGLsDOyse8MJEP%2Bh4fOcActcw6ksyGQ3QkkE51XSSwknaaPYzEc9Y"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0484DA35FEF2C
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-miggg.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-miggg.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b082bb883d565625cc5d0c2b895e0391a51a111546b471cceb7ac533ebc6733d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"3b6d2bd90789a15853ac08e3a4a2708f"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
176563
x-cache-status
MISS
cf-ray
6a29d02c8f9c696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48264
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 08:15:32 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0SxtbeysJjsK8v4wdf2NR4LgglbmhUm9J%2F87Vjo%2FplGcAC9zyQK1cs1K9kziK3%2Fu9OA7ICeoagwRDpbDHcBKMPVy1vNfKb4ONJrQsym6bOyn9vlSiEQPVbQVKOYwpN4%2B4QQfsxxNMO4AT5MzXMW"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFFDCA7EF35FAC
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-b1.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-b1.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2711a8cb3d7c5cbdfa50225aa1bb418794dc76a8a0254c6a8997c7cb5deb240
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"abf204dcfc9363021313e351056b315f"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
183703
x-cache-status
MISS
cf-ray
6a29d02c8f9e696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51756
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 06:17:23 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shvaLT0Pn9stnR77%2Fp%2FB2Z2E%2BKImcnNu5vsZxZiFxbQT6jmjDOTGjJuplXAyNsi6wqw3rO3sBED5OzhhAq%2Fiy%2FbrCu%2BxnmleAZH%2F2QZA58uhIb2QuBzf3LMqHfAb82JWvzJgPSs8PRpO%2BdfXOqN%2B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFF74C36CA9544
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-bc-unimedia-1200x650%202021.jpg
cdn.digita.media/unimedia/media/2021-10-20/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-20/criza-bc-unimedia-1200x650%202021.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55786f200b526ed22322742d71a77126b24f1e35ba8c19468e3807e98c41baa2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"e8d8031e221c0c9e04998a1367654699"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247774
x-cache-status
MISS
cf-ray
6a29d02c8f9f696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
60002
x-xss-protection
"1; mode=block"
last-modified
Wed, 20 Oct 2021 12:29:48 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06wJhNP3NKohbs4xdG7%2BjivkhwFRkRO4tMl5wbZhM8xr0p%2FzY8G8at9culTKtnPlg6yIPQLoBdSRrvlEMakD1voVg9ITYnGJ9vd08fo6FhhEsqPxvxMsTI1uw%2FGQ1tGuhuxhqOHzB7kDOwLCgF89"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFBD060E35A60D
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-imag%20%281%29.jpg
cdn.digita.media/unimedia/media/2021-10-20/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-20/criza-imag%20%281%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5501267e17cb95f650940c5f20656bc896e2db850db0ae05236b3d811c097b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"9ca0b0ba441d02c596401e5ac13a3c5e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
251132
x-cache-status
MISS
cf-ray
6a29d02c8fa0696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
60245
x-xss-protection
"1; mode=block"
last-modified
Wed, 20 Oct 2021 11:32:27 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVAuqMyITo7sL93e64rbBlYO0fcOwmPK6cVrBiXjHdCndE9LFvwHW0I83arLirplxz%2BToKfnWBPGi4vgGr9uAoz2kKJTSAk89erz8CPYQzxXNDsPDVNzDz3uZsgHBELz%2F%2F9eDdqdm6t7jT99OlgI"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFB9F831FA24D5
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-1280x720%20ro%20%281%29.jpg
cdn.digita.media/unimedia/media/2021-10-19/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-19/criza-1280x720%20ro%20%281%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25810d62bde26ba3691477644329012a3fb52496dfc4822d02d81e0213839ee0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"33acba251565d7cbf2b0521f4cc076d8"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343594
x-cache-status
MISS
cf-ray
6a29d02c8fa1696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26809
x-xss-protection
"1; mode=block"
last-modified
Tue, 19 Oct 2021 09:51:00 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsVntp%2Boc%2Bk2vmEzHh5bw3EyB5hY67hBiTkOS7ysJc%2FeG5yggvHA9yYKDIfnfIfpztqounntMrztOjQo6Z%2Fpn5KyEpRIsGZjaG5EcnIzxRQAHEu12BLl3DpVy0NZ48kr0ewX4lRUYkmllC9H7tay"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF65DFC1887945
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
ion_ceban_65x65.png
cdn.digita.media/unimedia/bloggers/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/ion_ceban_65x65.png?4491
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a12cf1055f367cf679687b42b23a119237b4b9050a84c7b1b9ce88b2fd99480
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"a055328b7c19bdb295a7c2d4c69feec0"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2315
x-cache-status
MISS
cf-ray
6a29d02c8fa2696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5197
x-xss-protection
"1; mode=block"
last-modified
Wed, 16 Jun 2021 10:31:35 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wNQFiEUg26UM1U%2F%2B2o22CJshivoX05M%2FIYo1utJflcDBaqhsL2d9iunVm8RYbU19tGH9ewbLnsp2Nhvvaj%2B48%2BSjR9TMrzMpTHdUmwlRfYlUtf8a9B80FZ8ZE%2FRHd1F84uFYpX%2FF5rmxYFezsb4"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B09C45CBB43682
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
bogdan_tirdea.png
cdn.digita.media/unimedia/bloggers/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/bogdan_tirdea.png?5717
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0013e70ae9cd0e87229ac4f9a7a369c302d13be103a8191ee1a430208aac62
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"fa98b041fefa3b6a0dc54354d540ceab"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2315
x-cache-status
MISS
cf-ray
6a29d02c8fa3696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23942
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:12 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uskuUL3JjBie%2FdqFmlC296R2Rz0B8tooieVgoDx9oNaSqrbzxEW%2Bi8lKfMA3OXSdakkTnLFlrCn6fzyTmTC8%2B8W5Go5z1Ea3mZI1fsD55uXx4gOVVwh5e7OWtJJZdltbUuQOgc2bbMmHbo5um%2Fef"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B09C45CB201884
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
irina_vlah.png
cdn.digita.media/unimedia/bloggers/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/irina_vlah.png?3638
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a653534bf2bcfcab8790e9751fe0c88aa6956f3cd788669e4aa78ac8cca34019
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"ecccd6547cae1c294ef2c49f7e71bb99"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2315
x-cache-status
MISS
cf-ray
6a29d02c8fa4696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8490
x-xss-protection
"1; mode=block"
last-modified
Fri, 29 Jan 2021 12:30:41 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FUgzgLVeN9cCl9SCUYvQNFZ9GLZTIXPh6LuOPQkWSZy7P2Sca%2BSs8r5hkPHdA3P3xDnQUmiefP%2FyLr8q4NvTgK%2F4UFQwykjKGJkeHq9z8QztpTH9nY5sBTCJlHN8SEiggkqD6lN4OaP1C%2BnEtEM"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B09C45CB16FCF5
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
corneliu_furculita.png
cdn.digita.media/unimedia/bloggers/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/corneliu_furculita.png?8195
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aded105c66131e04d268e88c347a9f8db4f895effd6f3fc6b46c574f12bbf75f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"9693a255b907e2723c6f0e3919e810b7"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
424420
x-cache-status
MISS
cf-ray
6a29d02c8fa6696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20888
x-xss-protection
"1; mode=block"
last-modified
Wed, 01 Jul 2020 15:48:39 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6YdoO3f8fTdmtXba0iaMFNTaQvDAE46Hi%2FbWtbVIx924Dtw%2BjPLUs58x6jRfHibmz8PJXRk%2F%2B84h3sSb%2B4elry%2FHdbCY3mQ6Zw6UY8060Ap71aq3dM8MRLnhJUWIrt0rPetO0r%2FmU1ld0u1ZqRc"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A5F5A042A45B5F
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
valeriu_munteanu.png
cdn.digita.media/unimedia/bloggers/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/valeriu_munteanu.png?8030
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863080594533d2214e72ce5fd5bcf20a5793a022f052fc4ec0d2c9291070f283
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"863e91d50126e2a91f81d563f264f936"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
270847
x-cache-status
MISS
cf-ray
6a29d02c8fa7696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22715
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:19 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjDVN8JSTr3%2Bi10G5MxiDZpWWSqvVqFaBZG3%2FI%2FV1nGBCBCZ86dnxHL8D%2BxiT6oeppWPXP99nsbK7eKB8gx4bDKTeho%2FAbmYLjHADbKm4iu066%2Bi9PLcbdNPZ4yBftvovbBU4R5UbeHaWBRer3qV"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFA809E2B004A7
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
vitalia_pavlicenco.png
cdn.digita.media/unimedia/bloggers/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/vitalia_pavlicenco.png?2264
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dab26d1b24b9619e9ef617bf85606076097f110b2a71636d3928ee0878626d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"454c235097dacf2bf717658515f730b9"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2315
x-cache-status
MISS
cf-ray
6a29d02c8fa8696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23386
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:21 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGQ7xIkTPRl1ISBjcIdanzSr5Vl8dNZVfiEhvcUFfqruRDuXYpM2HAkNf0pMV56YQXC2l6Pob%2B9TBzAtZQ87Mf2XYLJhgXOpn5JKhjNCoj52QY11ZFpi1FZ8M3RwdUz5SCOJgaR0LstLqwhMMbBb"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B09C45CB6048AB
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
alexandru_tanase.png
cdn.digita.media/unimedia/bloggers/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/alexandru_tanase.png?1961
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a500598b9d6a4221545ec8c3187ce7ded76bfebe57febbbbca94203ab8df88
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"a281d5c25af448c5011e70ced180a110"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1039981
x-cache-status
MISS
cf-ray
6a29d02c8fac696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24694
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:12 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9uG28Vd%2FxuaIC6ilZPkk3lbkJTAIJqwPfTqRKpdiZ%2FfxzHqe%2BvkyJRcvdp%2BGHuBLLAxhldnOlxHahX3J%2Fw9sFiPhNoXUkVM6LVcBR2U8Z4d1jzoVg42ZRA0lBIySD78qfSvWbQfPCQrx4dZa7it"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ACEC7F748A77D1
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
criza-rizea.png
cdn.digita.media/unimedia/media/2021-10-22/ 		347 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-rizea.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ece419428fe25508fd524e2f7380afd37254c50c014cf70aed585ec37070d5d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"6da4f8271701e1d53e71b9abdad10094"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62417
x-cache-status
MISS
cf-ray
6a29d02c8fad696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
354918
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 15:58:22 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEuELdmM1XfEyyXuvfLBlLxUv%2F2lRI4DjY%2BK%2F%2Bs1gGwsjiVOrrQUE%2FgbeJXCvIQnm0ZFHt38m5cM5MM9Nc6rEp4tZ3SB4FJ67josj0Yemzor%2B8mUxmkhsZUKf28ex%2B5Kkvn4qt3QzP5KsQLoKJKa"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0659C012F0CBC
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-obiectivbr.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-obiectivbr.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5739624bd3388c383bab35c5a12fe4f57d12222b5bffc63c57ede33c63c8e7cf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"7590c04c55a6b9dcd8481f1bf03f91ca"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56630
x-cache-status
MISS
cf-ray
6a29d02c8faf696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31578
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 17:35:50 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o14C6jrkhKcQrxxZ3cALoUdOipMv8SnvK1Mxn642eGpTc6icIC4779zledp%2FlgLSBlxIqYYncs87jY9daxS5PqiaBULGfEa5NMaQW3hIqEuNFaHBvLLqTlwpBd990Wk6lFdTF%2BYf3b5wpB7WVcyE"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B06ADF75D104C2
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-dsc%205450.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-dsc%205450.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adef5011910058f22cddead36db1a69d47eba464a46151247a34c0f4205a0a40
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"5e97da0bd1beb68a39968d502b5a2733"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69519
x-cache-status
MISS
cf-ray
6a29d02c8fb0696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38110
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 13:50:16 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uw8gM3ujvw3%2Bm0nmPoFmNW6PXe1qaaMStl9pd5iBVZXJdP10gnMI%2BLmOzL5j8%2BOHsVuiTdybicUURsaT9ElnUms%2Bg%2B2qeFYQjqE2%2F46iRSc7SGQplFMecJ5zpRx2GcewVnHHslU85NFJcHjq9RzP"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B05F265687BFC9
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
anre_logo.svg
cdn.digita.media/unimedia/ 		51 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/anre_logo.svg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2f082645022819ed1c5fedd4a414461c5f5470e03a87b4824d9372d55ce23e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1057841
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
16A443EC3BD92F54
x-xss-protection
"1; mode=block"
last-modified
Tue, 04 Feb 2020 08:52:34 GMT
server
cloudflare
etag
W/"9ec2844953bedb25845a48b9c5fe2a50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9BUo8L5DPijPSQaYj2R9V98TVKamf2Zqnl5kW8%2FBbYiRXps507N5MwGflCl4YzWwWI40nRCmbdWmahZ8wDUk89Wyt2MEWRZDxOqiUpT4TOCN8kaRSrkFOU1W1QOTXiyhhchp6hBdnldPlsVG7gW"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
content-security-policy
block-all-mixed-content
cf-ray
6a29d02c8fb1696f-FRA
mol-gaz.png
cdn.digita.media/unimedia/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/mol-gaz.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13dce2f23a3a3c8deb72f23132de35091e1df9a38ef62a1ea8f5e4f87d35bd81
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"7226d9bf23c2f4343b02fd0974316f6d"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308028
x-cache-status
MISS
cf-ray
6a29d02c8fb2696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6217
x-xss-protection
"1; mode=block"
last-modified
Fri, 29 Jan 2021 20:30:55 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjuDtFcQR6cs4nJ%2FAKpON9dUhwMpTWViLxL9qxxyzBfgKUHjluQRwppYN1wX6%2FB1p1JiNvWk4ahF4iyto5VdeGDcck1cHq9%2B9sAwMm6y0cFV6mH5Nju3uWMOUD4bsfG%2F7lKstu0Vnci8hKPldDCS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167865F2F7829B59
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
criza-247578459%20582464133198422%201870326818908753600%20n.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-247578459%20582464133198422%201870326818908753600%20n.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d5a0e5d8c7bf5cc24c0d3aaec83d6f666373bb1a7916c021443446c18bb4b8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"817fc4258bdd6f52c96c6e155f7d5a64"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76777
x-cache-status
MISS
cf-ray
6a29d02c8fb4696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46954
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 12:00:24 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZirt2zNJrXwgVtRIWcOUDsy3WruHVEB5QyUTM%2BIuWNFwx3Djq4NPYLUDsZIoa66PMSkrvPTQwKATqw5%2BduQ%2BKMDIfEjbsfT3igUcRw9tTzLXsq9g%2B4C%2FMnWi1vXp%2BT18BS9jbh3P1fYZEeXgcqq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0588C757DFC29
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-3-.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-3-.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98fa72cd26344975358ea322dcfbce5eae09a8b5bd0af6fc474fd87c1a22a463
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"fdadac52a5edac36a489d007d1dbfef2"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165623
x-cache-status
MISS
cf-ray
6a29d02c8fb5696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74786
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 11:18:50 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsu7BWKIRugkZlJnWeWqv94p3a6hrykHShmrQUkyyDyfbB1w2gO12Ebqb%2FWq1nfgnH7EQ87tmQtMOXXjvusnuK8Z%2BZMOAE6ck2XsQ12R%2FkhP4vPFs2isCymoxX5jt9C1uHcvCoGKYXkX0GNmrlJl"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B007BDE9BE0432
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-iluminare-cucuruzeni%202021-10-11%2022-12-44.jpg
cdn.digita.media/unimedia/media/2021-10-19/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-19/criza-iluminare-cucuruzeni%202021-10-11%2022-12-44.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a279b7e70995476593416afd7ffdeab844eda52fbc1b1e53cf037ebc715a4a2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"113a2d590c9dc949f4f5bb787b7b59db"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340250
x-cache-status
MISS
cf-ray
6a29d02c8fb6696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34891
x-xss-protection
"1; mode=block"
last-modified
Tue, 19 Oct 2021 10:46:15 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USh2x34NNCOV3%2Fw86Gdv0wOM4rxZu1cUBMcuOtJjwitUywuS8S2aoZaYDyMQ9FIz9BwLpLkwIK9NbHDdUwmScyV91K8kdYrwrlkTK6R30fm%2FWN5RZwbHqXJWnr6Wdiuqkl7Ryi4tBHPc9yop5SgO"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF68EA36123AB3
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-proiect-drum-jora-de-mijloc-%202021-10-15%2011-31-07.jpg
cdn.digita.media/unimedia/media/2021-10-15/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-15/criza-proiect-drum-jora-de-mijloc-%202021-10-15%2011-31-07.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7f590079dee506b09faf3c757c2b958cc5593cc5735a100eae86149f22850d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"7ac23928e33d8899d74f00197140bc1f"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
685811
x-cache-status
MISS
cf-ray
6a29d02c8fb7696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73532
x-xss-protection
"1; mode=block"
last-modified
Fri, 15 Oct 2021 10:44:14 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DO7PjCQJWJ0Be%2B3JRPZ02Gy%2FfN47ds1xRZgMURbRze4%2FdfK%2Bbkbr2vypD5cwvoGTs%2FPI7BCrpBVGcl8A2b%2F192VhTw27fZmcgHp8k4vEN1DSrfDUEKwPDAWpin0us5SNV4k21d40DEfcxbDiU0KN"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AE2E9F18A4464A
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-strada-razesilor%202021-09-24%2019-10-34.jpg
cdn.digita.media/unimedia/media/2021-10-12/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-12/criza-strada-razesilor%202021-09-24%2019-10-34.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece5a61b12b7d03834cf02ed9a76d0c2c4e9db164c3b91dc272e9fc2c969665d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"d6faa6be8eabb4b0d83ca39d85a3e76c"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
954458
x-cache-status
MISS
cf-ray
6a29d02c8fb9696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
75345
x-xss-protection
"1; mode=block"
last-modified
Tue, 12 Oct 2021 08:09:25 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa8FJbK9%2BhvhOrG6xFpeJQoWDkgPZ8uAZlQR2MNCAhstKcV8vahGcHJjaT5%2B2Mw5HDZ1ZKuQWzjGGC32XR%2BzH4EeZ6Dwff78ldoTVVkwICLpCv%2BYj8WnpOUOnxNY1Aq0TpxG7yHb4lab9Jme2bpj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AD3A482D8044F0
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-775x517%20singlenews%201634023714%203oqvsydpnlbganm7nasa5cdlykjwxsmgjomkzupc.jpeg.png
cdn.digita.media/unimedia/media/2021-10-12/ 		442 KB
443 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-12/criza-775x517%20singlenews%201634023714%203oqvsydpnlbganm7nasa5cdlykjwxsmgjomkzupc.jpeg.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3c916c0c93a8633b1bb9c8c033f4dc8fe814a7d780574fbe1087dbea46edcf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"be8cf01d0d18c479d5e86d4f95eaa5c4"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
955505
x-cache-status
MISS
cf-ray
6a29d02c8fbb696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
452897
x-xss-protection
"1; mode=block"
last-modified
Tue, 12 Oct 2021 07:54:28 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNmLS41wwCN7YYPmD0UNGuugB0cD%2BMQnT6f0pllMtHXZXFpMx0TKePK9p9hvBLYVRuIQbbeM1y0WdEmeXtjO5N%2FyENIb0cCBgR2LEtoiqpiI9mkhS2v5Gxf99SgzBdRCnflIfmqCF5uyun5mvmRG"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AD3954879FADD7
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-244713316%20685288819541078%2085292471223960755%20n.jpg
cdn.digita.media/unimedia/media/2021-10-08/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-08/criza-244713316%20685288819541078%2085292471223960755%20n.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cddb4a4636e16f0207a542a15ef889781c2ab5c027cd95f819e6e5e90574dc5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"e326bd3e6605f5c386e67e0f29710cc4"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1291176
x-cache-status
MISS
cf-ray
6a29d02c8fbd696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
69338
x-xss-protection
"1; mode=block"
last-modified
Fri, 08 Oct 2021 10:36:23 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAqr8nT5IPxfxYaBb5UGUhWMGHOcuAqKlMeUCKpZX0f6WDliAkVgivvSKjjn3hJWZLQGyTgVDLA4C5EZt60VsKNVbpJu7daC5miONXbpKEKehHVj660AYhAWdIMmB%2FAw5JnwoSSxQZYBMydEMF1w"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AC080807BCCCE3
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-srbu2739.jpg
cdn.digita.media/unimedia/media/2021-10-08/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-08/criza-srbu2739.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ede6ef6b8391593386c05f6a8bdfcbe1ea6184d0d0d3f1a8bed91a98e73efb8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"cebe5a53c86a7264d085585e7ecc4b74"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1299206
x-cache-status
MISS
cf-ray
6a29d02c8fc0696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50758
x-xss-protection
"1; mode=block"
last-modified
Fri, 08 Oct 2021 08:23:00 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2R7bn24kmbZz6pASc4ssw%2Ba2ZEAsWQcvkumLelGs7hOS2jcDSWsJ5%2BoKfFnBE%2BjszgT6Jcl4AM4sXyOvMGHenOxMwp58nYK28ffq%2B3qcPwS%2F4D1%2FzLVkHJFCiLNOZ1VVuXL%2BlNyRRm%2BuCR%2BrzxLV"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AC00BA7CA31FA5
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-semnare1.jpg
cdn.digita.media/unimedia/media/2021-10-07/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-07/criza-semnare1.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf85ba009558e5268aa0d4d7a4fb003d163ab98473be7c7fa9bde8a9c47ca04
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"90e08b63c97e3036205602b531f795e3"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1371347
x-cache-status
MISS
cf-ray
6a29d02c8fc1696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59892
x-xss-protection
"1; mode=block"
last-modified
Thu, 07 Oct 2021 12:21:31 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVPPhJAwqPNX1%2BHvNIdYSqKeRBD1tHmjIyA8PMYXG1tRk34j1GhcH3W2Cpq9jFL9wyr3PIxjpV06Rh7ZDYz16GuEg%2F%2F%2B6xYgg1kLUM3yM6WxCJ4dzF79O3t2o8q0%2Bx6%2FNjfaUTE0xUM3FxDZL6dZ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ABBF1D609B014A
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-photo%202021-10-07%2013-27-57%20%281%29.jpg
cdn.digita.media/unimedia/media/2021-10-07/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-07/criza-photo%202021-10-07%2013-27-57%20%281%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea372f83972324ae71535f918ab009a1099d1277deb7ba731010ec29fd0d7dd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"c61e72e8319099e9f502c0eb9cd01c29"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1059580
x-cache-status
MISS
cf-ray
6a29d02c8fc3696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
57413
x-xss-protection
"1; mode=block"
last-modified
Thu, 07 Oct 2021 11:46:57 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FH5btXWBxqmsHfqcNdSeDVkLgfH7cIKuW0Nc1Jd9TjwHA3rS6uSF38rVbKAoLbvEbOYvTGwt9LTQx6k2GSLR%2BQLCroOTNYOyz55hdDbRViv8lbNieaYCrOWU2jfV%2FAtgGIE0tnMhccf69ymPmHxg"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ACDAAC10D10DD1
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
gheorghe_erizanu.png
cdn.digita.media/unimedia/bloggers/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/gheorghe_erizanu.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5284dc14b9091e9973359dd951669723afee02cf3413c77c6f96994f79bdee19
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"75891058844630367e133b9c4b085db7"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1307793
x-cache-status
MISS
cf-ray
6a29d02c8fc6696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23318
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:14 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57FX2JRYdMt8WI6EkIR3P8oWRUGAkauwQwWAod0TcOi1itxyIDOEr%2B3fh%2FhyA2tEQDRLR0t0zw5W6JXghkh%2B3gnOjMaTCvZHMbvd21V4uOUGaMgZx%2BGh8nYhiMxmh0MdA1DlpGvADXY8cX7DR%2FE5"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167866EFDB1B3262
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
tudor_cojocariu.png
cdn.digita.media/unimedia/bloggers/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/tudor_cojocariu.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7f4cbce5e43e84cd795f8496ed9868c7ae1942d77f06c5360df44addac14ba
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"52a4fe987011599b58569bd799fa21c1"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1521850
x-cache-status
MISS
cf-ray
6a29d02c8fc8696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23109
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:18 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJC9lIldsunYP7vCMvltNGJMB19%2FRqMZLOVay8NcTDl8Xy3ZN3YexZO72EGkVst7%2BuWTcx90dPxwaQWXFdvLyJ%2FFtgTf5s6v05b%2BXaUCv0Pe59i6Hg1Ca9Ex%2B5xbRxGXRlzvjrYbXqC0xwI3dFBI"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1677A42BFDC5B470
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
ion_bargan.png
cdn.digita.media/unimedia/bloggers/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/ion_bargan.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f54b58683aee10f3323c2ea04efb0958692e636b197c9f7ced8bf036f82d54
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"1200eabbb2fdd30e4ab9dfe86f42a438"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1521850
x-cache-status
MISS
cf-ray
6a29d02c8fcb696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23709
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:15 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJWhK1ml5idqJjcPbOzTRoVVDn%2F4EZpzmmOmQAfenCz2BQ4K6NshphKWGqZsJ4iD8ai%2FKDKn%2F1p9H0S03mtGPYgkHEg0xojZkqB%2BkfHYAw66iuxqNfSazOFFTPbPlRtZSXlHZjTwxKCO%2FOH5K1s5"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1677A42BFEC476C0
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
mihai_malasevschi.png
cdn.digita.media/unimedia/bloggers/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/bloggers/mihai_malasevschi.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7884d32a0699f7b116ab78fa064fa00f3cd3e3b7387281178635929f07f51c58
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"616ea3787c4b35f8c87c8dc28bf9445a"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
701107
x-cache-status
MISS
cf-ray
6a29d02c8fcd696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22967
x-xss-protection
"1; mode=block"
last-modified
Sat, 11 Aug 2018 09:39:16 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mtsez221BEFli4K0mfyUoHe0HpVNN6b%2FJJIq0WjR8OhlOTNAMlNNJ48FcaB6qffEQdxswBgA8biSljfdvLGZBsaXr3UeGBZGw30E7EacdY63vwuMZl8xgGkmCvYN70ZnWtBTsmC%2BazrAPHzyV3Lq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
169457C237CEEDB9
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
criza-moldova%20gaz.png
cdn.digita.media/unimedia/media/2021-10-22/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-moldova%20gaz.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec7b8e8ac8a04b2e75d30b436e1a809719db2c8727c4769cf72fcd260fd644a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"72c96a8f119dd6cbb31d0df4b63d94ee"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66314
x-cache-status
MISS
cf-ray
6a29d02c8fd1696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
317133
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 14:54:29 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikyQmq%2F6AkxGTsmFSddl%2FPp5saNd%2BWcbKhEGs3FxNJH7IaydfY3s6mTsRrH0nAvmUw%2FooIk7LI6XuOHSL1ZhM%2BEAByXM58OyZ0ugZrMVu6j1g9j64U5Hwr1cFD8JVohm5qIFyV7kj78II%2Fg3SvO2"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B06210851D97E7
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-51505191552%205d93e4128a%20o.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-51505191552%205d93e4128a%20o.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4128d845ffb59d9a8d7e6b859e08317ff9a32b07c818936fef997c71678a1c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"d7aaff8167faa3b40eb0c9ce18a1ed77"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80019
x-cache-status
MISS
cf-ray
6a29d02c8fd2696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73255
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 11:05:46 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chEuahRxbKXJ4WofGsdxWiT7GA75sjb2M5EN9GNLcbLON%2B76N8aRXjg8J6gCj9HT%2FTnHVAtsNSY3as9HFKTjednQpBwtevPLIOpFYc3Tfg50MN8QjA5%2FSoUTFLYdEHavrVfKB%2Bui5vYkuOzUZGK%2F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0559977C5518D
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-51200251459%208463b28519%20b%20%281%29.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-51200251459%208463b28519%20b%20%281%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ce56571fabe73132aae37451b08997d3e2f40ab2b21367325a0dba95acda0e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"a9467170bbcf414712c75314bd312e24"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85387
x-cache-status
MISS
cf-ray
6a29d02c8fd5696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37228
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 09:27:26 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M53nBBLLijuNTlFhVJq8NqVTUdRSV3I8y4rzlIhuKguGMc9Yh6%2F5OP1PnvwDJ26tvsNUkRD%2BsVqFy%2B8ZeyJZFbcx01vnhmLlRDQaKRtKfx4ALU%2BJHRSuCi4AtCh99npgYkFwSbyake3%2BwCQPGoT%2F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B050B7A7631A56
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-exchange.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-exchange.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
221bc7b9e2118cc9a49d10e0e405ac7c371516f9ef07fdc5eca11597c90516a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"a739a361ce4a063d0798c0d4a39570a0"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102208
x-cache-status
MISS
cf-ray
6a29d02c8fd6696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36479
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 04:51:51 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEFFvdOTOLmTd47yghlq1FoqM13T8mxSp30P3s%2Fcr8p56Ex5e%2FmPVbmaLqguKLia9GplSEeI38m602fKVbPGI%2BN2qOnfIqzTn2D%2FBZ2bUv%2Bs4djjQe6AG5m2m2yB2%2Fp3TH5Xvk3T1cPRNK0w8Rc%2F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0416B14926C4B
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-374%28810%2C455%29.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-374%28810%2C455%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8303bbaa6c2efcd0795ce07fa81f26e86d212f23c453161971f544552b1301a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"b269dc82ad55af2119cd4f88c3bb5a78"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155200
x-cache-status
MISS
cf-ray
6a29d02c8fd8696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32814
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 13:50:48 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Rf3a5Q8m7Jpr3tkaxjD5yePsIphCnGGBqLzzxmogHLX6hhxXIE9jPjEx048TXUErTForpobrh802%2BbXkKHPpuK9%2BKVlrh3Mt6%2Fg62a0JnWKtXdprP8YLYAwRjArZTCz49TyDfLBZT9Kgzu4Z2aj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B01138BFCD3027
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-criza-nata.jpg
cdn.digita.media/unimedia/media/2021-10-21/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-21/criza-criza-nata.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8328f516ed29272759cb3a2d18a6240c43083db8876ef7037f415e684cdfff
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"4f02e4078e08c2d1a7f391d212d9523f"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
176661
x-cache-status
MISS
cf-ray
6a29d02c8fd9696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19109
x-xss-protection
"1; mode=block"
last-modified
Thu, 21 Oct 2021 07:58:20 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MTB6jDLFpLBaBOCVUp1CVi2%2F1NgMXWlMIFIBVia%2BaLJYuBhsFJIN4UD68lt7%2FmM6RGYAOpXghvbiJtdouxOzMdFRetsgbhTKDBK%2FNt4FlyxJ0kygJpCjknNiVeKCx9Wk7pBP3cOCeklZdB6BqAY"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFFDB3C1D5CA14
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-ad00ndaxnwjkzgvkogq2odq2mzgwnme3m2i1ndvmmtyxma%3D%3D.thumb.jpg
cdn.digita.media/unimedia/media/2021-10-20/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-20/criza-ad00ndaxnwjkzgvkogq2odq2mzgwnme3m2i1ndvmmtyxma%3D%3D.thumb.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900c76d8526b80de598eaa0f717ec9e63f0e9b8a95fd854f8ea9200124113e14
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"864223ce0ecd72737c056ec6c196d49e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
266242
x-cache-status
MISS
cf-ray
6a29d02c8fda696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31577
x-xss-protection
"1; mode=block"
last-modified
Wed, 20 Oct 2021 07:22:21 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iy1S6LqiO%2Fz5DAxYC6s1orXBf9s%2FrRoXh%2BfdumWq6jcwVva9i9QUKGRgjsM6x7%2F%2BMiIedeIoh1yfzl%2FCx0l%2BLGh2l7JXFjgGt47nwgWMNKEWrZyKqMGhsgh%2BxEBuwv4l7J1IoYS%2BIIWzY0Ez2Mq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFAC3A1F5D7758
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-teleradio.png
cdn.digita.media/unimedia/media/2021-10-19/ 		393 KB
393 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-19/criza-teleradio.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ea6b540d2af79f9a065d4153169bf4260e87cb7e17fcabdbdaaca57851235d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"2f95aeb8acd47223094d08673d2d2cc2"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
332650
x-cache-status
MISS
cf-ray
6a29d02c8fdc696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
402071
x-xss-protection
"1; mode=block"
last-modified
Tue, 19 Oct 2021 12:53:36 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn2B0lxMYSzfZt88qvm0DuqN4O90DVz6dttrbdfz579s6MxOh7n6KNhQIxoMnu7lqqhGiYiOS0oieN7gmEBzDLLeArcHtK3Fqwx5EEN3FfalgdP5Rr1C1kGjO7I6yBHoZUSrbX%2FQSviCTinhEv9L"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF6FD3EB336543
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-vaccinaree.jpg
cdn.digita.media/unimedia/media/2021-10-23/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-23/criza-vaccinaree.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2df9effb91681a4b87c3b47b3cf33290c5c926eb376a81fe885ee822ee5f816
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"1ded14c801244ea49871192f789bb331"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7934
x-cache-status
MISS
cf-ray
6a29d02c8fde696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33771
x-xss-protection
"1; mode=block"
last-modified
Sat, 23 Oct 2021 07:07:20 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UagQWvFGTWEcFPGp6HVGNL0En2oVqznT2pLUBCAWCvJek38u1k0%2Bytox%2FtO6EFuXxaMSJz9yKOfjO%2BdIMLEhU06JUwzHvWuaHooI7aNdz%2BMVVDuNw3hHNep46hX%2BVU%2BoS9MnO3ML%2Bj1G6LXesw40"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0972981E7CDF0
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-hhhh.png
cdn.digita.media/unimedia/media/2021-10-22/ 		324 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-hhhh.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2324bf2d71d44a6b50355dda5dcd3dc72bf4eb43e1db40987e5c669d7bf1cc30
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"6130d45428ac313f087dadea980fbb28"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60353
x-cache-status
MISS
cf-ray
6a29d02c8fdf696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
332027
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 16:34:00 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHs8SAym1xbzbDnMXzPwkhDLXb5usJgmYi2X3xwDAmB1ItAhHEL0vwL3Gixt1JJ7yWuLfc8bheHmk6VMk%2FA3CNccTJqm1E%2BjZnQzLKmS8YsvhtiLEF6qkybDAee%2ByJAJQE1KJ1lylicYGKcByn18"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0677C945E26EE
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-agfzad0yywu0ntzhzmzmodqymjbkzdbmzdg3mda5yzy0ogmzyg%3D%3D.thumb.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-agfzad0yywu0ntzhzmzmodqymjbkzdbmzdg3mda5yzy0ogmzyg%3D%3D.thumb.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d6e393c17ed9eb81231061fc106f45ca01abb4895ca98badbfde2bcbf6a5fc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"177f76d49c6321e996ef69c92fdde24d"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71755
x-cache-status
MISS
cf-ray
6a29d02c8fe0696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33655
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 13:23:01 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU2nj3dm4cob9TNqYYA%2BDtkDmM5PRFw3jYvLV4TX5YKP4KnliVwmU9i%2FDab0JfjRMC%2BvRqqc8sNse0CZrVXzhE5Ji8UAbuHdqDMtJpPnUg41EBPHzODOhCoUMOsxEW9P%2FCe4lggERj0PW5IiXJf3"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B05D1DA183A954
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-screenshot%20613.png
cdn.digita.media/unimedia/media/2021-10-22/ 		432 KB
433 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-screenshot%20613.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8d9e2471937736a8d3e6c7b814558d8a136c7c127c1495812a327d1b91b2cd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"0750ad381c11d8e02cd2e46e860b71cb"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96288
x-cache-status
MISS
cf-ray
6a29d02c8fe4696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
442735
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 06:35:13 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00liSq1USwUf2Gfpfx%2BVUfViXQZJ23ul64ZOJKbUc%2F%2B9gwy7BurDhGlRvYOTZKVblu%2BqQp6w11y%2Fb1yx8gcap%2B6BeX81A9kcC14JFM4W3tM03y90JR2ngsmrklw9evI6Ww91wYQSb50Oa36afj4D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B046CD9EBDD1B0
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-capturaa.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-capturaa.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4164bf2a8709a3e2b2d3725de8d702c54ea5a284ce0c4a2c672fd06486e107
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"5e3674164f2ba446ffcacf6d781c63a8"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102855
x-cache-status
MISS
cf-ray
6a29d02c8fe9696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20054
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 04:44:00 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjhcXlfSYWEC8iyLm%2FzcCf6lWK44AZ9VaK1czL5Bp0zzz7sAZP2SrZcXc3Ae9i7254yuJyUY8F1OirqdxDigkN9F4IEyewAaAyRbW29mx8ftdm6i18Z95iSrx2JgDXUkI%2FFbN53OboSP6AUhOp2E"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B040D46F51F2B3
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-ghil%20nehu%C8%99tan.jpg
cdn.digita.media/unimedia/media/2021-10-14/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-14/criza-ghil%20nehu%C8%99tan.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b196c85a9afd258c9fef511c8917155f0c6bd269fe7d5a1882e296f35600a6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"13794256e441a5a97f38563a56f669c1"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
749548
x-cache-status
MISS
cf-ray
6a29d02c8feb696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40539
x-xss-protection
"1; mode=block"
last-modified
Thu, 14 Oct 2021 17:06:00 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCZRQ20XLGX8R2%2BG%2FwaznbanIdKwI%2BNsFPIW89OgRJnmag%2FazAfoGMbiLFHHk91Iaqms0boWQAptYd7FH39m8k2wX8v%2FgzCBIhtcVhGAGAaQsvQ%2B9uIC42G2yLOsLI8yvlHuX1NMBiuOcsAcUR9z"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ADF4A6E491A4E8
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-police.jpg
cdn.digita.media/unimedia/media/2021-10-11/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-11/criza-police.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53fe6532577bd151cae046adbae3765bc84835bb4ea3a74dd8414fed8d305afe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"50bbe79d46f8da90411193e53eac146c"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1042329
x-cache-status
MISS
cf-ray
6a29d02c8fed696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71668
x-xss-protection
"1; mode=block"
last-modified
Mon, 11 Oct 2021 07:44:12 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNXR3XnW69UTS4Z%2Buv36oxE87Wd0soax5g2fflwp01j6i8RoVM4n%2F3YAQKGPp%2FbCHj0aZ%2FOtCCxjMUeBH%2BzMWd33bmGfrAvEv5h9VDgSGaIVB9AcBALqR2d2wjLUW5%2Fa3%2FSIZIaqf4HheQxW5hsl"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ACEA5CB4E93BFE
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-criza-sfs.png
cdn.digita.media/unimedia/media/2021-10-07/ 		383 KB
384 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-07/criza-criza-sfs.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c2529fe3d033f9401769ef022638cd5b1196d0074f3b2ff167fcb5fb979e71
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"a553ece05a7c62e9325239f040069fb7"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1371984
x-cache-status
MISS
cf-ray
6a29d02c8fef696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
392696
x-xss-protection
"1; mode=block"
last-modified
Thu, 07 Oct 2021 12:06:34 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWe08p2gC4zcm%2Fsm1z%2BYQsoJn1VO3gXiyOLUpOFIc3W%2BBgvqiwGMoT%2By5FyOca3XXMXCvnNH4DFLQuHeocYDKAJ%2B%2FoQop3RlLwEl6TUyAwk%2FkzFz2BqLxzhTRkUN6FRtjTozaaFfTgvvW4QZSh5R"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ABBE891893401A
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-diaspora.jpg
cdn.digita.media/unimedia/media/2021-10-04/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-04/criza-diaspora.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a0d1a37800890df987ab23c07b26bf54198753a228f936e403b3b565fd4643
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"322e7ff9166494fb7cd2472f89a410bd"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1616832
x-cache-status
MISS
cf-ray
6a29d02c8ff0696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
61947
x-xss-protection
"1; mode=block"
last-modified
Mon, 04 Oct 2021 16:12:01 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuVDgAaY%2BsDGcKDTKLrhDTLEmg54SVuYakPNaKrJg1z4TCAzFoDCWN0%2FhOm1CRe34Cj9L6Uo1W7%2FaJq2i36XYWTWu%2FDD8BXyf%2FmjqozhTcGKaNxEBMDVDzBDSjQ0c1Bpar5g7OljPARTAM75BU8d"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AADFD79B992E29
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-whatsapp%20image%202021-10-03%20at%2011.03.48.jpeg
cdn.digita.media/unimedia/media/2021-10-03/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-03/criza-whatsapp%20image%202021-10-03%20at%2011.03.48.jpeg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b0eed28ef65b2e42fb1c0c4f1722917d68077596e5fc537d19857bccc84cf4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"89a2369e807c954a59a07b63007a2dc7"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1721506
x-cache-status
MISS
cf-ray
6a29d02c8ff2696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59585
x-xss-protection
"1; mode=block"
last-modified
Sun, 03 Oct 2021 11:05:59 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3C2tgfn6Fa%2FLSpvnuOb4Lrfsj5ZuICGETIfj7MUzYGkujQLBWntMU7cUSfcRxDQrZHYYG8UopP0psRHV6EraHQ5bXzpdB73YJLOR6HVf%2Fco45n2IB38vPLp91xH1IcrekvJHKSXoWIkh%2BBtzPqDz"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AA80A3A4CD6C51
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
3d3b8019-623a-4245-af54-4678765c1464.jpg
cdn.digita.media/unimedia/superdesk/20200925140952/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/20200925140952/3d3b8019-623a-4245-af54-4678765c1464.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a7f4cb9e8856b1b4f9b786dfd40b2b96f3f45deba71497d6b4985f8f2e06ee
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"3929ec69730e30f1624dfd0377f745e3"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308028
x-cache-status
MISS
cf-ray
6a29d02c8ff7696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39163
x-xss-protection
"1; mode=block"
last-modified
Fri, 25 Sep 2020 11:54:36 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRHrsa3G5nuRK%2FKLmHxjJXq%2BwcX85SGDl54A8PdNw3XpAUFexpyQDMTKnvgrlaJO2nBsT5FsmbnxyVlFrUBixfYWcJtfIQixRbr17dlRI3Og4S0f1krZO16jpn4DJCOG3QYilM7ZWDEfZKcuXwct"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167865EA37B43289
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
0ece1836-5887-4333-a5de-70ef57642351.jpg
cdn.digita.media/unimedia/superdesk/2020092417098/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/2020092417098/0ece1836-5887-4333-a5de-70ef57642351.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492765265f9c7b0072536c2d6e2eeef8263e22a68bbeff128365a7811114756a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"03f9d61558f12111a456bd157a328f0a"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308028
x-cache-status
MISS
cf-ray
6a29d02c8ff8696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10129
x-xss-protection
"1; mode=block"
last-modified
Thu, 24 Sep 2020 14:09:48 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohX7KGPELdHufaEqfX4voxpmex2qZfwmSTZTltUztPItG85bcnyH%2FQcAZqf2XOeteUF6q0IamdCMS9G86EnpzIMJC5LTscCqt140wOF2UW5k3Hc6uB4IFMby66nmP%2BzC8E3oAMOapmNJxvnvIRSt"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167865EA37F56A5A
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
01486ed6-f7c6-417e-a638-5542a3129453.jpg
cdn.digita.media/unimedia/superdesk/20200922210928/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/20200922210928/01486ed6-f7c6-417e-a638-5542a3129453.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549fe1213a41a6f0371bcc4039405f6aeb48195a2dff612fab29ab7f5b5f5a3b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"aee5bccd68ae2208e551361550922015"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
367878
x-cache-status
MISS
cf-ray
6a29d02c8ffc696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14541
x-xss-protection
"1; mode=block"
last-modified
Tue, 22 Sep 2020 18:30:28 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1P15TpSvUA4anC%2Fdo%2FAQoSiHV32i2KfYuFYxqR4jKjSOADJbuNtXeXnZVpUd4y2AM%2FuabBXD3gEz3OX61qv5LKcDxKOf26cfEU2Kq82hc97jGpNd0KhERs5Zh23MMLbys45OV2LAYIpR60cdfxC"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
169E1D7F57DA1856
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
criza-image.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-image.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e46e580c2926505edd4176d139a99baa8480a5bbb64b1734c56f6a1da23c1ad
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"1342c69cc77891f4f4192b1ca781c6c0"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83932
x-cache-status
MISS
cf-ray
6a29d02c8ffe696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35273
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 10:00:54 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdILU75mYviZNR%2BOVnSAi3dl%2FSdprJXZsuFoXZqSxjRKcU7fbkW7lmcejaaHIs1IpQdr9b0vVIJL1t5HgmJboRyGLhyjU4XTYkIr8XJrDdIDjGpZgnFg7Agua1rThtVB4mEq7MtDfogOEr1soFSG"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B0520A8EA23095
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-wine%20accelerator.png
cdn.digita.media/unimedia/media/2021-10-11/ 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-11/criza-wine%20accelerator.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
816c9a39c1113149fe64c94769c8756b2f4e16eb4d962ee179f1354ced3e3fd0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"fb71956f08347be38a4287519d033810"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1020942
x-cache-status
MISS
cf-ray
6a29d02c8fff696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
197154
x-xss-protection
"1; mode=block"
last-modified
Mon, 11 Oct 2021 13:42:56 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQr98%2BZcdgOSob4TgB9140IEJTbsf5fEvsFN2cQU3%2B7VGeXPu8QG3Yf1C3rhdc33kDd1b%2BoaP7byprXq0lt2LeMw%2BHzQ%2Bnq0Rnhpr63MmXlSMw9KXbchx0cx%2B9hNGwz4sOixhx%2BHm1rZ8t%2Fz0vvY"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ACFDD04E09022B
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-244303076%20380451876894064%205584010963988304613%20n.jpg
cdn.digita.media/unimedia/media/2021-10-07/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-07/criza-244303076%20380451876894064%205584010963988304613%20n.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4021bee45d3321807039f5374aeee6401c2f3ba5840c6d0dcba3743e523004a0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"786097eab52f5d01e8cad08fa4413fa6"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1377525
x-cache-status
MISS
cf-ray
6a29d02c8801696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29975
x-xss-protection
"1; mode=block"
last-modified
Thu, 07 Oct 2021 10:39:08 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4pyV3FfMj7j323RWDuRQ8R3LA2%2BilTkkKSIr1JtgjNKss8n%2BIw09OZnZmQD7L3Nfu7%2BV6%2BDUZKTNhaFO5DynHTi2p4v7VEJnUJt3EcppERsDzAoySq53%2FT2jrBtut1zpD7tX%2BNiZfHbgjYULP4k"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16ABB97ED0BFEDC9
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-onvv.jpg
cdn.digita.media/unimedia/media/2021-10-01/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-01/criza-onvv.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad31142d429592917a0beacf573a98974aec6acdd251b9a882708ea5eb76ab86
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"3717d2d9501409f8754571556880a877"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1894193
x-cache-status
MISS
cf-ray
6a29d02c8802696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25603
x-xss-protection
"1; mode=block"
last-modified
Fri, 01 Oct 2021 11:09:05 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2DeFlEb95%2FSYaH5vjN3vloz8UcnsYA952yZeHjB%2B0tven6J4JxPx66OV5y%2FBh53ZFldgO5XgivU2ZQy6MpnGLv%2BPmqreqOMXVtInYi5MgG5wD4vq6ncwwxbyqj0SgAD2Tfy3hqVYIU49TF%2FEeky"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A9E393E03FB6D7
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-ziua-vinului.jpg
cdn.digita.media/unimedia/media/2021-10-01/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-01/criza-ziua-vinului.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
052da9c9a8554b47e7d2a8dc64d3fb94c850ba86ce3bc29d9c9a0be67302e709
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"ec679fb863696e9268e6f54349501fcb"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1903781
x-cache-status
MISS
cf-ray
6a29d02c8803696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74206
x-xss-protection
"1; mode=block"
last-modified
Fri, 01 Oct 2021 08:26:48 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W39d%2BijBMggKNzLlzQjwMQjKTEf3DQnNSJpNOt4EBvIV0w1cFkZiac1%2FzbPV70AE2RPlzhP7zPRkeBxGTFrNJP4L5lfjM%2BEXRh6f5%2BLdW9omYHTHfU5LJoMbPm6aVuzQtsIKZLIg93x79BcYVsG1"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A9DADB6B18D7E7
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-oscar%20si%20tanti%20roz%20%284%29.jpg
cdn.digita.media/unimedia/media/2021-10-20/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-20/criza-oscar%20si%20tanti%20roz%20%284%29.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a489b1804f74d7cf081da2c1a063f19f0566c5cd3a73a49744647b427bc0a22
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"dd74d240acfcc19e78abb4d392d839eb"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
238027
x-cache-status
MISS
cf-ray
6a29d02c8805696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34369
x-xss-protection
"1; mode=block"
last-modified
Wed, 20 Oct 2021 15:04:36 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdI4zMizNzcP5vtMQ6k8TK6xEpyDNpd8mbHUwjdr0bZIcpacyQ%2FGy8zGbr000uuZiSe%2Brm8TW0tGvd9Nf33BOmQbiy39EqwBT2IlcGveUboxsJZg%2FRq%2BwIzyVWdSeOqwC5do1T7XlaO1onHhx19u"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AFC5E36E0BF185
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-dab.jpg
cdn.digita.media/unimedia/media/2021-10-18/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-18/criza-dab.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaec0d2124e354ff97cb87f92cc0f6919e9a038897c2c91e2c503be87111bfad
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"403e2e5b79a8b916f8f320502637a0dc"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
418546
x-cache-status
MISS
cf-ray
6a29d02c8806696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68781
x-xss-protection
"1; mode=block"
last-modified
Mon, 18 Oct 2021 12:55:26 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BCbYKKHNo1pfm6RCeydQqclLB1bqiZh7a%2BSvN94vHDLriG7ccM8cX%2BUKJwz2SkCqZ0C3j4vr8moMJRcTW5NK94QYCmY9nGcU3mrXUrlUjqXJcN4iYddN2tPyhDYSxGjHOIHL127eRwkkDGm4bs9"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF21B42FAF1EC7
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-screenshot%20545.png
cdn.digita.media/unimedia/media/2021-10-16/ 		412 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-16/criza-screenshot%20545.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834ec7dc1104fa5267ca4c88bc4958c7520cd01c00f3258dbf44053827ba2d08
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"13dbed921dcd5ce1a473c963ab955c8e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
610826
x-cache-status
MISS
cf-ray
6a29d02c8807696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
422312
x-xss-protection
"1; mode=block"
last-modified
Sat, 16 Oct 2021 07:15:40 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLi6jLWjMN4%2FiaTAO7HFFWToBGdjfZ38P3S4AZhkd3Ac1YtenyvY6NkEb6zfFtxhvCKTap5ElRvtAso46T7IqNhYbDOJVgpoYcajPareOAlypPhfQPhvO6TWbA9uVxSrJYyxJBpYgY%2F2Tt3ta1Ar"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AE72D25ADAEF03
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-pjimage%20-%202021-10-15t181622.241.jpg
cdn.digita.media/unimedia/media/2021-10-15/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-15/criza-pjimage%20-%202021-10-15t181622.241.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98fc17942027b5989e1c80ef8983d6450764e4214333d3ec6931edaa0957b6a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"bdcfd7f01fc97dc7d3e0d9db803b9d9a"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668969
x-cache-status
MISS
cf-ray
6a29d02c8808696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54305
x-xss-protection
"1; mode=block"
last-modified
Fri, 15 Oct 2021 15:29:18 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skdBJdJosfAcPbU2WGiEgxN5xzUSzabzVC7K4CVrgnjuJAEhYXgiLPxErvEWD309TPimt2epaD%2F1sVEMQCpSgKXfIeML9HEAtzWup7EdDX%2B2J4BmX%2FWgkbgir09C2JEWKtFFapFHxvBX0WZi6kVs"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AE3DF08C0410B6
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-20210509%20115456.jpg
cdn.digita.media/unimedia/media/2021-10-15/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-15/criza-20210509%20115456.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cc09c67f50e94a4f90f27752e23166003bfa974fdecc5832314bbca170d4813
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"9bd8870d8e48189f1eb0c4c8f212438e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
689059
x-cache-status
MISS
cf-ray
6a29d02c8809696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
108665
x-xss-protection
"1; mode=block"
last-modified
Fri, 15 Oct 2021 09:51:35 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGHhvw31SeOGrO8WW4ebLx40AZFaQf9H6Au7cYxwiix7ZE%2Fz3WjlijVltpoWOORN9bq8yoclfd3gk5Dq47LxYno0g5UldH42IB468z0empCkxgmnHSqIlWSgOJbyl3kf%2Ff8TACEYNtmR5xiw3IeH"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AE2BAABF7A99F3
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-pjimage%20-%202021-10-19t234526.758.jpg
cdn.digita.media/unimedia/media/2021-10-19/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-19/criza-pjimage%20-%202021-10-19t234526.758.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ce2cff7cadf7ed6722812f63ac65e50ff734c975218f675dd4c62d3c6a86f4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"b0dd274a1094c18e2c756236d5bc2ed2"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
302742
x-cache-status
MISS
cf-ray
6a29d02c880c696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48395
x-xss-protection
"1; mode=block"
last-modified
Tue, 19 Oct 2021 20:58:32 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfuUTo%2BktXqQ6nOMAkjr5VpvhF8yhMy1zOKa2oQLWYJqvpgSGlJAvLzndV28521YkKvZNovBsExjrJe1pp3RRsYRn3xVTp8iGmx0t1BAKiggJOcakKVAz3qZQwRJgpglwGPbHjsAj6cbNaazxiJE"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF8B0790B8755E
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-tok.png
cdn.digita.media/unimedia/media/2021-10-19/ 		337 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-19/criza-tok.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6053e6ccdb9e1eec28c606665bff4052277acdc8d44c33913ad5dd157b321103
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"7095db1f5b577fe8495b4fe5ed9ce1ab"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
348692
x-cache-status
MISS
cf-ray
6a29d02c880f696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
344783
x-xss-protection
"1; mode=block"
last-modified
Tue, 19 Oct 2021 08:27:54 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFFjsuEz%2FV4La2L4fGv44RlgbFGmzDKRn7C%2BejtFOLmUKd%2BPcEOVnNBeiMVJ6RqToX3f8iZDnVViAGGInT1HyH%2BDuqsORJkhwBOH0AOV3H9KjSstYQaFzyFEIikfkZam%2B9vb82L0ZvIJTr5j2uJS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF613CBC518C8F
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-pjimage%20-%202021-10-19t100014.870.jpg
cdn.digita.media/unimedia/media/2021-10-19/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-19/criza-pjimage%20-%202021-10-19t100014.870.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a7bbd86b9b825943b9013ec352315e0d70e47de05d4721f9a3d859cc617622
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"6919338ab4a7bc2b7d013ad599100862"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352889
x-cache-status
MISS
cf-ray
6a29d02c8811696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64843
x-xss-protection
"1; mode=block"
last-modified
Tue, 19 Oct 2021 07:13:22 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hw48tozxy48MDsZGpyyBA1k3kmsk7z7svaNcp7VXjN7uUAJnUV9u0n2MQEATyCqyqMkkBTDINTIWBG0ZVejoxruN7W7RGrcjADsqITTREaEOjPFftZ4nHc%2BCqyfwGu1lxeefQkF588BhityURnEo"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF5D6B85F1D13E
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-criza-mesi.jpg
cdn.digita.media/unimedia/media/2021-10-17/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-17/criza-criza-mesi.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86c79ea484d60305cc766396aff57f0ec0e4f4052ccb91dec4518184b88298b8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"8e6820a7f5c0db41bd4bd95a3b7f9f85"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500550
x-cache-status
MISS
cf-ray
6a29d02c8812696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31099
x-xss-protection
"1; mode=block"
last-modified
Sun, 17 Oct 2021 14:16:55 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnnCZSA6HJJuBfdyMU6HN%2BF1iQspw0cbhFtBeS0vN0kO0Ls7b4B9XctcRDM3gbq5lxVlHyHwTdGHIuUTsZxyyfobSe37uNphrDoHkYwxWQLGpllDOZjycb6p1IrxgWImupkpbvOWTXLKrTPmmQhu"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AED71EB5F866DB
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-screenshot%20560.png
cdn.digita.media/unimedia/media/2021-10-16/ 		393 KB
394 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-16/criza-screenshot%20560.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5d58f871051d01cc1168df489bba296a3f3b8d68e0c06e7f83a715ad8c8728
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"07dbe47562181704b2477ed06514768f"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
575123
x-cache-status
MISS
cf-ray
6a29d02c8813696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
402829
x-xss-protection
"1; mode=block"
last-modified
Sat, 16 Oct 2021 17:31:06 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5gnVM%2BIP4UOO3pWWLLrHMVVSPPKynAqBiB8lF7kTery3FVb%2F3cViM1gRZ6%2FfcNJKbHSLolRsLu%2Fo3gCGaGP8wFpCqMhiyTHF20TndcaC2mhPNybIACswxRqGSXWkev3qrP3f0wftTub1f%2F1G4iQ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AE934B5EAE9A3C
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-sef.png
cdn.digita.media/unimedia/media/2021-10-19/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-19/criza-sef.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bbcb1b76a28ccfe4228d8b5ed74a416e35d6fe07e1b4d02a18270923f114a6d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"76e5978f72546abaed3f818fd04b0681"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343274
x-cache-status
MISS
cf-ray
6a29d02c8814696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
175573
x-xss-protection
"1; mode=block"
last-modified
Tue, 19 Oct 2021 09:57:30 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8wAFmJMwG5KtupSW4eGuSX92QmUCn1%2FGYa2wl1bNndmspT56x5aZ8ulSDFZVcSw%2FkbCAfnM9MiuW3C4545Qa8BQaq0wGXlicsstcBCzuzfS12bcRRJpgZpuHS4ahKhjLIp3VIHm%2BsarF7NH0zbR"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF662A27828F26
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-tesla.jpg
cdn.digita.media/unimedia/media/2021-10-18/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-18/criza-tesla.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117324cc283b17f0dc78516c498ffb9941decae7f79b78c77e6c232e74b3eff8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"b9b7705a4cbc445d14da48ffd77fffb9"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
422431
x-cache-status
MISS
cf-ray
6a29d02c8817696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55437
x-xss-protection
"1; mode=block"
last-modified
Mon, 18 Oct 2021 11:58:37 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uFF47MNZ07zK1orqIgqMxtyqDHkJpldNl2FkOQMmnCQuZKJIxX7KOwnU8hpMvpyYnbU9VnpBypsXhrpZSmN65%2F%2BXelUphD6bkeazj%2F7dku2Umhdep4HXL8DmJu%2B7ulDMNlJ2Vpud0nBI3VawItL"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AF1E2B9B39E46B
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-baltiii.png
cdn.digita.media/unimedia/media/2021-10-15/ 		293 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-15/criza-baltiii.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535f3f130f0e258dad5f3fd8e2c1659da0fb9603ff4deaaef3ee10c4a8e4ec4b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"7a37cca2c2be7ac646653fb9394ccd1c"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
673936
x-cache-status
MISS
cf-ray
6a29d02c8818696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
300297
x-xss-protection
"1; mode=block"
last-modified
Fri, 15 Oct 2021 14:07:26 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNyBvdXIABi1VZW%2FJPRkEMqHFtabmIDBG3H2ySv9nz32cg%2F15yuaZZpkcm1nrkj4MSqkvHMZO4%2FreAZvM40Xh0sVvxe94pikgbD3Psyz%2FG3Hn5tSl8vjbSYL4fY%2Bd8nbY%2Bkc43DEkfezEhvJ2q3z"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AE396BF62F20D0
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-zdg.jpg
cdn.digita.media/unimedia/media/2021-10-12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-12/criza-zdg.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
135819102cc1e4e89a9f2d6f23b04e9bb08121edcaf96d750815738c0afeb4a9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"cad3e9f16afddb7a4fe52419ada0dfac"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
918545
x-cache-status
MISS
cf-ray
6a29d02c881b696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
72560
x-xss-protection
"1; mode=block"
last-modified
Tue, 12 Oct 2021 18:10:23 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf2154UlsvX%2FYpGZ%2BjdotR1wgfo34pvI0W0rpuBU67RbsCGc22R%2FQXdvLUNjseqJtOeokwNDY59Guh1cGkjcTCuFk82sRsHIsIWYWffbl5dFj3XceOkZfttLc5RDlAJLivX8EjeexIA2zfNwoQ0c"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16AD5AF21E5270D6
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
85846b00-b3a4-4bd6-9765-c99a99523910.jpg
cdn.digita.media/unimedia/superdesk/20200708140712/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/20200708140712/85846b00-b3a4-4bd6-9765-c99a99523910.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bc8c679490b864992963563169f563770bdc0540f7834c872bbc27f4507a96
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"58c359e5c68bb86b299cced38b227d7c"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1057815
x-cache-status
MISS
cf-ray
6a29d02c881d696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19286
x-xss-protection
"1; mode=block"
last-modified
Wed, 08 Jul 2020 11:14:35 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nS7KQdRp0ZB83BkgtHAuocOfZHTjD3VO2geAMo%2Bi83PjdbHMMQrOBJITlWEIx7I5lyq0fwUxuqMvddpTBoAe8DNdY0Ah8%2FK%2BuwJsBEIcrxYjN83buahPwdo6DBP3JtkqNAXiz8WtdXDG1GScDM0E"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A443EC3C3211C1
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
2dba9b2b-339f-4516-98a0-3f6af379936e.png
cdn.digita.media/unimedia/superdesk/2020070811070/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/2020070811070/2dba9b2b-339f-4516-98a0-3f6af379936e.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c05453933e9aef66ad2a3fe220a77852062eab0be8574cf70e9ffc05b16a4c4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"eda1287a39ea746b382d0c86412ff7c1"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308027
x-cache-status
MISS
cf-ray
6a29d02c881e696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
113016
x-xss-protection
"1; mode=block"
last-modified
Wed, 08 Jul 2020 08:01:12 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNh3Svt8HI2ZG763uRp5NtFncOvRvRvPQkrGo8FI3G4KKYrJz48MA48uvrP6elR%2FezD8SxPgngJ9XMCiXHeVFTmvoZNKJKGcAF4bnNbU6x2sQgf0B6oXBoQ49G%2B1g%2FiAN3IQxqQhCfq0Ia7Y5EO3"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167865EA3B1BAB2A
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
43ac01fc-df45-4bf9-b6e6-aaeef3d94992.jpg
cdn.digita.media/unimedia/superdesk/2020070716070/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/2020070716070/43ac01fc-df45-4bf9-b6e6-aaeef3d94992.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5871748207e1582fdf418cd563884744426e80f8338543032cce47245590d57
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"a8b897aea596ad3551252105dd38115e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308027
x-cache-status
MISS
cf-ray
6a29d02c881f696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20603
x-xss-protection
"1; mode=block"
last-modified
Tue, 07 Jul 2020 13:03:44 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGMY2jLiJxarMkTdPOclTi0oI%2BjrzKnaVL9loM31G5TIFT3WU2OjwUnk5%2BOtaItgsuz%2FUDSby%2BptNV4GJtLJeqL2HzuZq9nhP9BnPu%2FG4%2FpoSMj4H9PbSuJKaT9Qci7H4bR0G76v4gmbqUG7R%2Bv9"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167865EA618B9452
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
a97f85ae-71dc-47f8-91da-9190583d5dab.jpg
cdn.digita.media/unimedia/superdesk/20200706200744/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/20200706200744/a97f85ae-71dc-47f8-91da-9190583d5dab.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466e66305bb8a4ed93c2fe283049ca159058e58438d9320b60580e62604fc9b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"602c015f83d914ee935ff407d9791111"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308027
x-cache-status
MISS
cf-ray
6a29d02c8820696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15807
x-xss-protection
"1; mode=block"
last-modified
Mon, 06 Jul 2020 17:47:14 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pkKemM68s8PlJW2aWUKTIVUnAHlYn1aSqwcf3r6k4XqFeOkA5ZPKg7rvF3zkeXBQD8MZUZlFOy5mjr%2BnqVGDW%2FTPASC6B2nM8k%2Bs7K%2FoMvOsyKHikwW12mtvmfczYQWZRdQFd2FQU8jtFa3z%2FFL"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167865EA61B91AD4
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
502cfb5a-b689-44e1-8ef2-e444120b5d2b.jpg
cdn.digita.media/unimedia/superdesk/20200706120728/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/superdesk/20200706120728/502cfb5a-b689-44e1-8ef2-e444120b5d2b.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654759a47eb269bc88ac9baf5cc398815588a1f6e76584d390ce3e946a11e716
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"4d67ebecab6956e2f7d6970bb987af06"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308027
x-cache-status
MISS
cf-ray
6a29d02c8822696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26237
x-xss-protection
"1; mode=block"
last-modified
Mon, 06 Jul 2020 09:31:28 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eyq%2B9QWSHCppGOwegOpU2%2Fve3GVRxf%2BZZ0WBVd5XOE2D8NdimJeGXKzfC2iH5PaJCs%2Fo10TSOeQwuSok9%2F3JpQGxYUeg%2F%2FJcKpfEkkjgl0EjQdyAvu85Q6scrz7Jiuj2w2qKxSD%2FKEEizdsVgSb6"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
167865EA62182EFC
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
criza-voronin.png
cdn.digita.media/unimedia/media/2021-09-24/ 		354 KB
355 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-09-24/criza-voronin.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26933812336db12f2db1b8d3c7d2dd5dec8ff419365b33183ccbc0cb7dda8553
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"e0e9e130412d266b791abbcf6640a716"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73842
x-cache-status
MISS
cf-ray
6a29d02c8824696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
362552
x-xss-protection
"1; mode=block"
last-modified
Fri, 24 Sep 2021 12:26:21 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kRzZ0%2FXyL6RapfeSo98XbJ7ZX%2BtUyfuLfkgjxxlVjRUay8xWnCLQ5KeU9F%2Bc%2BKoJM0gg36bM9L2zIpRbPF23EymNcHcN0LswE0ILQ9iA8QaSmIrBms4QJ81bVjwHbO1w7OOl3tkZo%2FYjRw4GIx%2F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A7C2E803380CED
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-bolea%20grosu.jpg
cdn.digita.media/unimedia/media/2021-09-23/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-09-23/criza-bolea%20grosu.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6d86059c0717e660ea16a429335b5c6c2523b530cc6809780c3c96efba29b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"b62c0422bcb6c52ef3d7ca33490873f3"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165230
x-cache-status
MISS
cf-ray
6a29d02c8825696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40589
x-xss-protection
"1; mode=block"
last-modified
Thu, 23 Sep 2021 11:16:42 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOJxWFT8x476ORVWcGytPsDCDqGSlYoe8jCujfeT5cMjAaD4MU5UyF3OnnSL5KCvoD1LERbIgDBO5Ddk9Pz%2BRvDdj6wI42DplvoGp7zC84nuS4Hd%2B9%2BiYSl5wmzlIud%2BcLDJaOhniMxPw88ynf7Y"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A76FC65664ECF4
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-nemerenco.png
cdn.digita.media/unimedia/media/2021-09-22/ 		301 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-09-22/criza-nemerenco.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1833c5c9fd22e606bea834a35f58324f323c282d4aa341a4e8eae69f02e8943
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"1e33f86f597c55a0f750a879c6c26c24"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
237699
x-cache-status
MISS
cf-ray
6a29d02c8827696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
308359
x-xss-protection
"1; mode=block"
last-modified
Wed, 22 Sep 2021 15:14:52 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiQwsWwEzCQ8HBe6RNLHfNW9UE%2Fa5YOR9rzvgaHCV%2BjIQlNIfWwteJR6TaqvnwoykzwYAsZJT7YMdxTI4tVZZT2JbOIOF93fv4ScPHUB%2BVmr2rZ501UavXtQABapJA%2F3FFNQUP3lFunP4Uikbx9B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A72DDC3374DCDE
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-politica.png
cdn.digita.media/unimedia/media/2021-09-09/ 		321 KB
322 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-09-09/criza-politica.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b90ad92dda62436c36f9815f78a948c8f956cadb61c37f9df633f95e31a8d14
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"083fb056984e4540a864fbca1aa8145f"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1390330
x-cache-status
MISS
cf-ray
6a29d02c8828696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
328767
x-xss-protection
"1; mode=block"
last-modified
Thu, 09 Sep 2021 07:04:56 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yt5lETYBKZ5Q6j6IWpBpK8yDrgd4nNbltdqj2asIv3QWLsC6NRp6geuSLHA4P5CMswOTT%2BlGQ30WmZpIaes79JUz70ulHeV5OA2mIOk4WKUKJwettWuJdW543TfLmE1VJih4JhDCRyvsQyKgIiFy"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A31588B9A66366
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-7b053797-ab88-43c7-8e05-85afb1fe4948.jpg
cdn.digita.media/unimedia/media/2021-09-06/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-09-06/criza-7b053797-ab88-43c7-8e05-85afb1fe4948.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7d63341923056461dc7106dc496f34ec1520d33cd6d077a268a53f6d11b29b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"93c8d4c01201195c59d5e10fdf469f9a"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1640259
x-cache-status
MISS
cf-ray
6a29d02c8829696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32582
x-xss-protection
"1; mode=block"
last-modified
Mon, 06 Sep 2021 09:40:10 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRVOCRD2KZwYGJgedpERxp0tLF3rR0%2FjIO1l0PkbosS2ZWGbecvToXrRIk9Km%2Fojzrpn4v6p8dBG6%2FWMWEbPtYDrtheTaW1u9CHLKhNAkDYl%2BaC6vEvxc22yYrpjbTJAnptScCxQwlv6zjxMWO3F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16A2323A0DE93B03
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
st.svg
cdn.digita.media/unimedia/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/st.svg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d33325b73d8e04a4436eea64af5bd43137c6cfda9d274482eec71f4e77bf8a6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1522088
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
1677A3F5704ED5D6
x-xss-protection
"1; mode=block"
last-modified
Wed, 19 Sep 2018 08:51:37 GMT
server
cloudflare
etag
W/"402667a6de6c9012490506846cdf17c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwDZub2LYq1M9dxJLlVojvSrp7j%2FCg9pu8yUaL28F0SCvo%2BimM%2FdI7xvIUDcwTjVMMUvy19JxFVVr5B16ItdY7Nw2MS%2Fp42Yf25k2JL7w4oVyIqei2uMrU%2FykdaniIwkVLCCsGnyE6bnF4PB4ka%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
content-security-policy
block-all-mixed-content
cf-ray
6a29d02c882c696f-FRA
socket.io.js
cdn.jsdelivr.net/npm/socket.io-client@2.3.0/dist/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/socket.io-client@2.3.0/dist/socket.io.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3777749
x-jsd-version
2.3.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19156-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"10c4e-plYMiu1vxzUOLKlvzZghG8GPwjU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a29d02c3e3743b8-FRA
app.min.js
unimedia.info/js/ 		564 KB
564 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unimedia.info/js/app.min.js?59064283
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
defd9732525ca015e49d59c241aa34e28d732982bcda5d8a053a31d54e134ae9

Request headers

:path
/js/app.min.js?59064283
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
unimedia.info
referer
https://unimedia.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
1a550f5c72694773911cec49d8b3260d
x-cache
HIT, MISS
mrf-cache-status
HM
x-b3-traceid-primal
710d918e7375415b9e983836962e0342
content-length
577143
x-served-by
cache-lcy19250-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.267010,VS0,VE14
etag
"5e33ec57-8ce77"
vary
User-Agent
content-type
application/x-javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 0
jsrender.min.js
unimedia.info/js/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unimedia.info/js/jsrender.min.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
6ed2d08fa4659315cae1c83a5c79e083739580f7620f742591a60c65a7029a90

Request headers

:path
/js/jsrender.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
unimedia.info
referer
https://unimedia.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
32fc71ad4289466081725f47ca920972
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
9830252c4f804f0c91dad21ab11581f1
content-length
22171
x-served-by
cache-lcy19221-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.271489,VS0,VE1
etag
"5a1e0739-569b"
vary
User-Agent
content-type
application/x-javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
dragula.min.js
unimedia.info/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unimedia.info/js/dragula.min.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
ba0e1b1dfa871408f6079304491c5b2dddd1df0755310cee83628766a1449852

Request headers

:path
/js/dragula.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
unimedia.info
referer
https://unimedia.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
8232875de2644761ad572e4350c2149b
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
e8f1e4c05cda4090813db4fa54010241
content-length
11396
x-served-by
cache-lcy19225-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.271591,VS0,VE1
etag
"57d6a0f8-2c84"
vary
User-Agent
content-type
application/x-javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/ 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2225035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15961
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-108a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp1B3rVZtHmgqM1a6YFzxLBL5h88H8ZG0xpeQq4BhBak%2B8Bj2%2BtdtCCGff2KCyOlqd1BCwrlvvLC%2BpcuaLy4HjwbX1tLUIH0WXv9rYyLoHdBiMQmU6sJa%2BuSIVS1%2BcQryHu2s%2B6cwb3rPLTxctt0IaWD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a29d02c3a463746-MXP
expires
Thu, 13 Oct 2022 09:07:06 GMT
xgemius.js
gamd.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gamd.hit.gemius.pl/xgemius.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.228 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
f62da9fa67a86fc30d576a01706e20a58fbe41ff7b9ac45671746fb2ac766d39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 18:01:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Sat, 23 Oct 2021 21:07:06 GMT
gtm.js
www.googletagmanager.com/ 		72 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN5V7NG
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2963eb258e4369b50dabb2479c1a5f35f880d57845a91d7551ff3c07ffa4cdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29324
x-xss-protection
0
expires
Sat, 23 Oct 2021 09:07:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
3EoqBNvvsS7juOmYERw2y0f5mUnY3/bxA0tPANWK+3XEYbTG897LsqatqkCxGTs86m0mlspOWrJzfJM+4xTXFA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 23 Oct 2021 09:07:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/ro_RO/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ro_RO/sdk.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce78bfc576d042fb0a93c81a33249aa2807dd57772f37b2ec92900e22c9b6bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
mfEnMQHRbRnXKqzZ2r0j/Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
lIpwKF1A5uZer/WH8I2ubfWFx3S8aK7wXICtfLdv6VEd4UTuv9Ps10GJ4umhFieyg0Og3ms1LwjodIdLemDFCw==
x-fb-trip-id
917726464
x-fb-content-md5
78f90a8e09978c47fe94df77fceb33d4
x-frame-options
DENY
date
Sat, 23 Oct 2021 09:07:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"8c5253ef67cba42e765cc6ebdcd57671"
timing-allow-origin
*
expires
Sat, 23 Oct 2021 09:24:02 GMT
weathericons-regular-webfont.woff2
unimedia.info/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unimedia.info/fonts/weathericons-regular-webfont.woff2
Requested by
Host: unimedia.info
URL: https://unimedia.info/css/app.min.css?6049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Request headers

:path
/fonts/weathericons-regular-webfont.woff2
pragma
no-cache
origin
https://unimedia.info
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
unimedia.info
referer
https://unimedia.info/css/app.min.css?6049
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://unimedia.info/css/app.min.css?6049
Origin
https://unimedia.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
eca3940d309f4f7488a27316c8af162c
x-cache
HIT, HIT
mrf-cache-status
HS
x-b3-traceid-primal
2c616ef7fb6d461994aa5a22d8d8f80d
content-length
44720
x-served-by
cache-lcy19242-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.350488,VS0,VE1
etag
"5b7023b1-aeb0"
vary
User-Agent
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=60, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
fontawesome-webfont.woff2
unimedia.info/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unimedia.info/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: unimedia.info
URL: https://unimedia.info/css/app.min.css?6049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.6.1 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://unimedia.info
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
unimedia.info
referer
https://unimedia.info/css/app.min.css?6049
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://unimedia.info/css/app.min.css?6049
Origin
https://unimedia.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
x-b3-traceid
5b27d0f34b2647649dacbc2e6a790599
x-cache
HIT, HIT
mrf-cache-status
HS
x-b3-traceid-primal
233f481ec93a420cb2bf35cba8d74170
content-length
77160
x-served-by
cache-lcy19262-LCY, cache-cdg20738-CDG
mrf-tech
CDN
server
nginx/1.6.1
x-timer
S1634980026.350844,VS0,VE1
etag
"580e7e21-12d68"
vary
User-Agent
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=60, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
storage.html
gemius.mgr.consensu.org/cmp/ Frame 157D 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/storage.html
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
9892fc6c4c587a6b8b6eecf9f33e1bb009b6351e567800594ed16fcc2738b294

Request headers

:method
GET
:authority
gemius.mgr.consensu.org
:scheme
https
:path
/cmp/storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
expires
Sun, 24 Oct 2021 09:07:06 GMT
server
GHC
accept-ranges
none
cache-control
public, max-age=86400
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
etag
"604D301C00005195ADA3323A"
vary
Accept-Encoding,Origin
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
6692
content-encoding
gzip
pubads_impl_2021102001.js
securepubads.g.doubleclick.net/gpt/ 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122914
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Oct 2021 09:07:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		177 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=unimedia.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
6e5d46854df65271515f62477fae7b7327fffd4367fd1b167b5a6dada5be7d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
114
x-xss-protection
0
expires
Sat, 23 Oct 2021 09:07:06 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1440
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a29d02d9b9c3756-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 26 Oct 2021 09:07:06 GMT
1099988987158113
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1099988987158113?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4de4c266fc72a15597e7c0e283c0c2122b7acfc966ef89ae9605b0ac1d3998dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89179
x-xss-protection
0
pragma
public
x-fb-debug
HTU66m/3+tax/fGI/McAYg0C0OmmpNQGzNxUziIqJbsbKcfpjkPnRD31bmtwMrhuOvBlIjEqroJZ8jSHG16ZyQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 23 Oct 2021 09:07:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/ro_RO/ 		266 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ro_RO/sdk.js?hash=89b3e4d3041ea51c1e8e673a4f338885
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
69c6598b916d1cf5f32eca4c4d977823bfc198749a54f3f735c3c1f39ac9a6a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://unimedia.info/
Origin
https://unimedia.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
g3yH0wMy8xbawNo/DX1fEg==
cross-origin-resource-policy
cross-origin
expires
Sun, 23 Oct 2022 09:04:03 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76561
x-fb-rlafr
0
x-fb-debug
G8vkwFnO04wYJ8D/dtMkNSqhKNnmA+0Zo8i0KUXfZeEV3Lo7uYxAfmAzMtOpq+ly1l+Xx7V2/FKqHEMcpoVtrw==
x-fb-trip-id
2050670934
x-fb-content-md5
afcfe7822ed0258503c0a94fcaa7950e
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 23 Oct 2021 09:07:06 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8e83b159b1da8980b5821c2f59029fbd"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4099920091210488&plah=unimedia.info&bust=31063229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
faded22a4d79b933c41a64e0e15d3322f80c33f098a8171fd8e25d3201a8349c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99086
x-xss-protection
0
server
cafe
etag
10531528936388146151
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 09:07:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame EFBE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 04:50:41 GMT
expires
Sat, 06 Nov 2021 04:50:41 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
15385
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58543088-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
3960
date
Sat, 23 Oct 2021 08:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 10:01:06 GMT
Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
www.privesc.eu/Widget/embeded/%C3%8Enregistrare/ Frame 09F4 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.27.163 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4f38cefdd4e24bb48ee5cfbcf7b91eca99bec4c4ef56645a3c65ecef6cc7ad5b

Request headers

:method
GET
:authority
www.privesc.eu
:scheme
https
:path
/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

cache-control
public, max-age=10
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
Sat, 23 Oct 2021 09:07:17 GMT
last-modified
Sat, 23 Oct 2021 09:06:47 GMT
vary
*
server
Microsoft-IIS/10.0
p3p
CP="CAO PSA OUR"
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:6d0f1962-7baa-4f5f-a196-98c68c5c6272
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
date
Sat, 23 Oct 2021 09:07:06 GMT
content-length
3856
vkAuth.html
ad.mail.ru/dist/ Frame 077B 		523 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Host
ad.mail.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://unimedia.info/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

Server
nginx
Date
Sat, 23 Oct 2021 09:07:06 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Sat, 23 Oct 2021 09:17:06 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ 		162 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1634980026786&q=696195&vk=0&puid1=1342&_=130178123
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
3b663b1b247417a97674d7430ac96eb74edca5908e23f5f6b936179af6df472d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:06 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/web/adcontext/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/web/adcontext/
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
Date
Sat, 23 Oct 2021 09:07:06 GMT
Server
nginx
integrator.js
adservice.google.de/adsid/ 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=unimedia.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=unimedia.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 09:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		702 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3655010383876501&correlator=1882172540440921&output=ldjh&impl=fifs&eid=31063082%2C31063262%2C31062524&vrg=2021102001&ptt=17&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21674795551%2Cuni_dek_rich%2CUNI_Desk_Home_1200x250%2CUNI_Desk_Home_300x250%2CUNI_Desk_Home_HalfPage_1%2CUNI_Desk_Home_Netboard_1%2CUNI_Desk_Home_HalfPage_2%2CUNI_Desk_Home_NetBoard_2%2CUNI_Desk_HalfPage_Aux%2CUNI_Desk_160x600_Aux%2CUNI_Desk_Home_HalfPage_3%2CUNI_Desk_Home_HalfPage_4%2CUNI_Desk_Home_HalfPage_5%2CUNI_Desk_Home_160x600_1%2CUNI_Desk_Home_160x600_2%2CUNI_Desk_Home_160x600_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=300x250%7C400x250%7C250x400%7C336x280%2C970x250%7C1200x250%2C300x250%2C120x600%7C300x600%7C160x600%2C580x400%7C336x280%2C120x600%7C300x600%7C160x600%2C580x400%7C336x280%2C120x600%7C300x600%7C160x600%2C120x600%7C160x600%2C120x600%7C300x600%7C160x600%2C120x600%7C300x600%7C160x600%2C300x600%7C160x600%7C120x600%2C160x600%7C120x600%2C120x600%7C160x600%2C120x600%7C160x600&cookie_enabled=1&bc=31&abxe=1&lmt=1634980026&dt=1634980026869&dlt=1634980026094&idt=729&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C1108%2C192%2C425%2C1108%2C425%2C1108%2C230%2C-9%2C-9%2C-9%2C245%2C-9%2C-9&adys=-9%2C-9%2C277%2C945%2C2955%2C4279%2C4227%2C3255%2C4264%2C-9%2C-9%2C-9%2C5646%2C-9%2C-9&adks=2349857103%2C2833194876%2C884896561%2C1599033053%2C475265507%2C1323740345%2C1165308382%2C2776311690%2C599032225%2C721728854%2C3543554027%2C1042200973%2C3278031034%2C1141779779%2C1513937484&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Funimedia.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C300x250%7C300x0%7C652x0%7C262x0%7C652x0%7C262x0%7C165x0%7C0x-1%7C0x-1%7C0x-1%7C165x0%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C300x-1%7C300x0%7C652x0%7C262x0%7C652x0%7C262x0%7C165x0%7C0x-1%7C0x-1%7C0x-1%7C165x0%7C0x-1%7C0x-1&ga_vid=1973445823.1634980027&ga_sid=1634980027&ga_hid=1297724272&ga_fc=false&fws=2%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C-1%7C-1%7C-1%7C6%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
bd65e9a9a6ebad9aac196b030da5f569efb0112393d064dcb781e1b077b6cfb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67809
x-xss-protection
0
google-lineitem-id
-2,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://unimedia.info
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C537 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
web
onesignal.com/api/v1/sync/cdca5ea1-efe3-4edd-b99d-bb0f0412dd0c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/cdca5ea1-efe3-4edd-b99d-bb0f0412dd0c/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf98b15403d5325587bbd804a259eb4d0fc037cf8b587d02b4dac22209286603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1511
cf-polished
origSize=3384
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
bc46ef18-38f8-4707-966c-5ce4e0838c24
x-runtime
0.024976
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"464036a080b8947f4923089ed068ae20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6a29d031294a3756-MXP
access-control-allow-headers
SDK-Version
expires
Sat, 23 Oct 2021 10:07:07 GMT
cookie.js
partner.googleadservices.com/gampad/ 		203 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=unimedia.info&callback=_gfp_s_&client=ca-pub-4099920091210488
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4099920091210488&plah=unimedia.info&bust=31063229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
107b86ba4b1f737a39413c841f4b9303251a3ee03e27472ae57d40a1ab31024e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
192
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Funimedia.info%2F&tn=NAV&id=main-menu&cls=navbar%20navbar-default%20navbar-fixed-top%20bg-unimedia-blue%20condensed&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 25E1 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4099920091210488&output=html&adk=1812271804&adf=3025194257&lmt=1634980027&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funimedia.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634980026457&bpp=12&bdt=362&idt=551&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6073373759706&frm=20&pv=2&ga_vid=1973445823.1634980027&ga_sid=1634980027&ga_hid=1297724272&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063229%2C31062524&oid=2&pvsid=3655010383876501&pem=570&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=569
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4099920091210488&plah=unimedia.info&bust=31063229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4099920091210488&output=html&adk=1812271804&adf=3025194257&lmt=1634980027&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funimedia.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634980026457&bpp=12&bdt=362&idt=551&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6073373759706&frm=20&pv=2&ga_vid=1973445823.1634980027&ga_sid=1634980027&ga_hid=1297724272&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063229%2C31062524&oid=2&pvsid=3655010383876501&pem=570&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=569
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 09:07:07 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 09:22:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sat, 23 Oct 2021 09:07:07 GMT
cache-control
private
/
www.facebook.com/tr/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1099988987158113&ev=PageView&dl=https%3A%2F%2Funimedia.info%2F&rl=&if=false&ts=1634980027047&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634980027045.1749882494&it=1634980026436&coo=false&rqm=GET
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 23 Oct 2021 09:07:07 GMT
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1297724272&t=pageview&_s=1&dl=https%3A%2F%2Funimedia.info%2F&ul=en-us&de=UTF-8&dt=UNIMEDIA%20-%20Portalul%20de%20%C8%99tiri%20nr.%201%20din%20Moldova&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=380116191&gjid=1770497286&cid=1973445823.1634980027&tid=UA-58543088-1&_gid=1894446631.1634980027&_r=1&gtm=2ouak0&z=1696079574
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://unimedia.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1007909539339078&ev=fb_page_view&dl=https%3A%2F%2Funimedia.info%2F&rl=&if=false&ts=1634980027146&sw=1600&sh=1200&at=
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 23 Oct 2021 09:07:07 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ Frame 09F4 		115 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
18533453
cdn-cachedat
2021-03-11 11:59:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3635dc8c77fba3315be6707289c4e04d
cf-ray
6a29d0326dd1d70d-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 09F4 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video-js.min.css
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1348503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9062
timing-allow-origin
*
last-modified
Tue, 26 Jan 2021 19:48:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6010721a-9c87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46TBkcmkyc03a5XVXu3qexaQxd26QnVT2LjbGjPxYqBDxolluA1EBxBiFUQK0savurY3kp5XXInUGSeqp6C%2B93vlhPUIma5htr55MxdxWErP2wbrPtW9jtsqtU72kINv9h7Nxix1EHcXrQNjoUWgtEjr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a29d0325ac53746-MXP
expires
Thu, 13 Oct 2022 09:07:07 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 09F4 		524 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2068902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
123688
timing-allow-origin
*
last-modified
Tue, 26 Jan 2021 19:48:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6010721a-8304e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgS%2BJGwqfbpLsh2p8KHXqjloX6%2Fsyhb2NlErB9XjRW%2Fhq9pp5NDrKp0WcZWMn9K3wZr54bnGjhzQwasz4YvZOX5EfssxUA9xjoN0YCTOTtiOJOWglkJMzRWkmbLHRkNVfUBrfgZ5ww32mpl0OZNSbrjW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a29d0325ac73746-MXP
expires
Thu, 13 Oct 2022 09:07:07 GMT
96811.jpg
storage.privesc.eu/thumnails/ Frame 09F4 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.privesc.eu/thumnails/96811.jpg
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ac306f07a2be73b52b646f165798edc0111ffae728b5c7bca29cb8be57cb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 23 Oct 2021 09:07:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
ci5ll5SsDbACIqu/a+0snA==
age
527
content-length
56601
x-ms-lease-status
unlocked
last-modified
Sat, 23 Oct 2021 07:52:25 GMT
server
cloudflare
etag
0x8D995FA0DAEF279
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b268nm2blvLcZ0Jjzl0y%2FgyXC5HAFnJKANQy16O7gUwTYa1aRoqyQNRmF8jqvmTMtGPDnV1L%2B8oMHOZInGQeW7GIvBF21u3g%2FIJsyLjak40nLuQ6CBQjaRjv%2BC0UB15yzGFDVLnLj8yQwvWvJf%2BuPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-ms-request-id
df2ef13f-e01e-0045-21e2-c71a52000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a29d0350f50599b-MXP
cf-bgj
h2pri
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 09F4 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 07:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 21 Oct 2022 07:11:15 GMT
openapi.js
vk.com/js/api/ Frame 077B 		102 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
x-frontend
front225204
last-modified
Thu, 07 Oct 2021 11:12:43 GMT
server
kittenx
etag
"615ed62b-5a1f"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23071
expires
Wed, 27 Oct 2021 09:07:07 GMT
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=006064586262504302450:fj_i908yy3e
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
f3d5853c604dadb42362f3bce4018cc70aa19f48c623f0cea6795d63ae807077
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3547
x-xss-protection
0
expires
Sat, 23 Oct 2021 09:07:07 GMT
tag.js
mc.yandex.ru/metrika/ 		189 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
last-modified
Fri, 22 Oct 2021 12:25:47 GMT
etag
"6172839b-10089"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65673
expires
Sat, 23 Oct 2021 10:07:07 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-58543088-1&cid=1973445823.1634980027&jid=380116191&gjid=1770497286&_gid=1894446631.1634980027&_u=YAhAAUAAAAAAAC~&z=1690722871
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 Oct 2021 09:07:07 GMT
content-type
text/plain
access-control-allow-origin
https://unimedia.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.unimedia.info/socket.io/ 		101 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.unimedia.info/socket.io/?EIO=3&transport=polling&t=NoiPrkq
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/socket.io-client@2.3.0/dist/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.187.155.55 , France, ASN16276 (OVH, FR),
Reverse DNS
ns322005.ip-37-187-155.eu
Software
nginx/1.6.1 /
Resource Hash
7b8836c09b9c059191c85fd81ab3e285896b990d4e709107343a3add63c7d8f3

Request headers

Accept
*/*
Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://unimedia.info
Date
Sat, 23 Oct 2021 09:11:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.6.1
Connection
keep-alive
Content-Length
101
Content-Type
application/octet-stream
ga-audiences
www.google.com/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-58543088-1&cid=1973445823.1634980027&jid=380116191&_u=YAhAAUAAAAAAAC~&z=275868474
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-58543088-1&cid=1973445823.1634980027&jid=380116191&_u=YAhAAUAAAAAAAC~&z=275868474
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 09F4 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
3961
date
Sat, 23 Oct 2021 08:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 10:01:06 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 09F4 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
3EoqBNvvsS7juOmYERw2y0f5mUnY3/bxA0tPANWK+3XEYbTG897LsqatqkCxGTs86m0mlspOWrJzfJM+4xTXFA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 23 Oct 2021 09:07:07 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
login.vk.com/ Frame 077B 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv135-129-240-87.vk.com
Software
kittenx / KPHP/7.4.109025
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.109025
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
truncated
/ Frame 09F4 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.privesc.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
2cd045b4-8a8a-432c-adc2-70e19f826507
https://www.privesc.eu/ Frame 09F4 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.privesc.eu/2cd045b4-8a8a-432c-adc2-70e19f826507
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
/
api.unimedia.info/socket.io/ 		5 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.unimedia.info/socket.io/?EIO=3&transport=polling&t=NoiPrqV&sid=GIhZUX-PiUsJMoUUABfg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/socket.io-client@2.3.0/dist/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.187.155.55 , France, ASN16276 (OVH, FR),
Reverse DNS
ns322005.ip-37-187-155.eu
Software
nginx/1.6.1 /
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Accept
*/*
Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://unimedia.info
Date
Sat, 23 Oct 2021 09:11:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.6.1
Connection
keep-alive
Content-Length
5
Content-Type
application/octet-stream
/
www.facebook.com/tr/ Frame 4EA9 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4950
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://unimedia.info
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
cookie
fr=09kws5sUrKuTLAfdD..Bhc9C7...1.0.Bhc9C7.
Upgrade-Insecure-Requests
1
Origin
https://unimedia.info
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

content-type
text/plain
access-control-allow-origin
https://unimedia.info
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Sat, 23 Oct 2021 09:07:07 GMT
cse_element__ro.js
www.google.com/cse/static/element/cc267ab8871224bd/ 		290 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__ro.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006064586262504302450:fj_i908yy3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c18a0b7773464b84eb4619c8808c44d2cbaea2c0a571187b978776026748ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
97693
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:05:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 21 Oct 2022 04:22:40 GMT
default+ro.css
www.google.com/cse/static/element/cc267ab8871224bd/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/cc267ab8871224bd/default+ro.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006064586262504302450:fj_i908yy3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9032
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:05:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 22 Oct 2022 04:07:48 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006064586262504302450:fj_i908yy3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:26:04 GMT
x-content-type-options
nosniff
age
2463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4495
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 23 Oct 2021 09:16:04 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.06pnzvN_1OZf-US5LwUjapx8pPPrSiCwSi1aT68tE-vL2V3eAnvrg6u21N4ThPLZ.cVgAjUQy8MW4JUR-CCaoGsobm4A%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9435.cZzVVQNIcI31pWuaRXm-STRfTN037ydlXLlB34LpE2xWP_ybdoO8OBzen9Iu42en8K7vEgMBxBNCTqVot5NxpA%2C%2C.QvRAz-nnE1l9bFG-Q3Mi1dPbJbE%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9435.cZzVVQNIcI31pWuaRXm-STRfTN037ydlXLlB34LpE2xWP_ybdoO8OBzen9Iu42en8K7vEgMBxBNCTqVot5NxpA%2C%2C.QvRAz-nnE1l9bFG-Q3Mi1dPbJbE%2C
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9435.cZzVVQNIcI31pWuaRXm-STRfTN037ydlXLlB34LpE2xWP_ybdoO8OBzen9Iu42en8K7vEgMBxBNCTqVot5NxpA%2C%2C.QvRAz-nnE1l9bFG-Q3Mi1dPbJbE%2C
date
Sat, 23 Oct 2021 09:07:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
96811
www.privesc.eu/api/live/ Frame 09F4 		875 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.privesc.eu/api/live/96811
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.27.163 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f83795bc6437b7fc74fa8fe0a4a1f71a68df7d32409366f23cb8fd74635f12b

Request headers

Accept
*/*
Referer
https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:07 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="CAO PSA OUR"
access-control-expose-headers
Request-Context
cache-control
no-cache
request-context
appId=cid-v1:6d0f1962-7baa-4f5f-a196-98c68c5c6272
content-type
application/json; charset=utf-8
content-length
875
expires
-1
vendorlist.json
gemius.mgr.consensu.org/cmp/ Frame 157D 		98 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/vendorlist.json
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/storage.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
b3ed9c9bc861fa868a53b26af8333f99a2e88080796109b11da39496c43d58bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gemius.mgr.consensu.org/cmp/storage.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
server
GHC
etag
"604D301C0001892FD9B7A63A"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/json
content-length
17850
expires
Sun, 24 Oct 2021 09:07:07 GMT
/
api.unimedia.info/socket.io/ 		4 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.unimedia.info/socket.io/?EIO=3&transport=polling&t=NoiPrr-&sid=GIhZUX-PiUsJMoUUABfg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/socket.io-client@2.3.0/dist/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.187.155.55 , France, ASN16276 (OVH, FR),
Reverse DNS
ns322005.ip-37-187-155.eu
Software
nginx/1.6.1 /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Accept
*/*
Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://unimedia.info
Date
Sat, 23 Oct 2021 09:11:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.6.1
Connection
keep-alive
Content-Length
4
Content-Type
application/octet-stream
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
last-modified
Wed, 20 Oct 2021 16:44:53 GMT
etag
"61701d55-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 23 Oct 2021 10:07:07 GMT
js
www.google-analytics.com/gtm/ Frame 09F4 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W49TZHX&cid=311932870.1634980028
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e072fb8ff1d96ae0296a5df02b0f450916fc9575453856447204a8fe0b7048ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
34608
x-xss-protection
0
expires
Sat, 23 Oct 2021 09:07:07 GMT
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 323D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F64 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
playlist.m3u8
do.privesc.eu/tvmd/m1.stream/ Frame 09F4 		127 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://do.privesc.eu/tvmd/m1.stream/playlist.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-722.bunnyinfra.net
Software
BunnyCDN-DE1-722 /
Resource Hash
f2a3fa8d0e8a02a691cce709d9af848ed7a2cdb08d03cf0877d01274279d779e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
cdn-edgestorageid
601
access-control-allow-origin
*
x-cache-status
HIT
cdn-cachedat
10/23/2021 11:07:08
cdn-pullzone
158053
access-control-expose-headers
Date, Server, Content-Type, Content-Length
content-length
138
server
BunnyCDN-DE1-722
access-control-allow-headers
Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
cdn-proxyver
1.0
cdn-requestpullcode
206
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, HEAD
content-type
application/vnd.apple.mpegurl
cdn-cache
MISS
cdn-uid
db684d02-716c-4e08-90c6-125c4e53f615
cache-control
no-cache
access-control-allow-credentials
true
cdn-requestid
fc72459f47cd6bc05628c95c25b908ba
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
867719186706401
connect.facebook.net/signals/config/ Frame 09F4 		305 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/867719186706401?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e0c525542a8a2abcc8e3f17bc8a10b3c279b50f5d18786a497bc601d562b02e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89005
x-xss-protection
0
pragma
public
x-fb-debug
IyAFMBodw0nj3OcpX/+oef0T7tp6RElQJPQCICTgj4C2+6tVvmr8o+gLbrlXraKK73GIR7ZaE5m4+Se5JmoQaQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 23 Oct 2021 09:07:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
7b9c6f49-8e67-4000-82f1-d5634321edd4
https://www.privesc.eu/ Frame 09F4 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.privesc.eu/7b9c6f49-8e67-4000-82f1-d5634321edd4
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
60957c52-fa68-4b1f-b1a9-433bef336480
https://www.privesc.eu/ Frame 09F4 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.privesc.eu/60957c52-fa68-4b1f-b1a9-433bef336480
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
cd4577f6-0d0c-4c24-9941-a39ccab7a0f6
https://www.privesc.eu/ Frame 09F4 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.privesc.eu/cd4577f6-0d0c-4c24-9941-a39ccab7a0f6
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB21 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D79D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86DD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5CEA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 83B5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60BD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
chunklist.m3u8
do.privesc.eu/tvmd/m1.stream/ Frame 09F4 		189 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://do.privesc.eu/tvmd/m1.stream/chunklist.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-722.bunnyinfra.net
Software
BunnyCDN-DE1-722 /
Resource Hash
e96f7492f58ba3db871312de45a3ddbc055cf065faecf47caf06407465d4737f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
cdn-edgestorageid
723
access-control-allow-origin
*
x-cache-status
HIT
cdn-cachedat
10/23/2021 11:07:08
cdn-pullzone
158053
access-control-expose-headers
Date, Server, Content-Type, Content-Length
content-length
128
server
BunnyCDN-DE1-722
access-control-allow-headers
Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
cdn-proxyver
1.0
cdn-requestpullcode
206
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, HEAD
content-type
application/vnd.apple.mpegurl
cdn-cache
MISS
cdn-uid
db684d02-716c-4e08-90c6-125c4e53f615
cache-control
no-cache
access-control-allow-credentials
true
cdn-requestid
1326f8e61b2f31af0dbf95a6501a462c
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 323D 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 07:49:51 GMT
server
ESF
date
Sat, 23 Oct 2021 09:07:08 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 09:07:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 323D 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:01:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 323D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_WAku9BzYYrUAf-yx_AP37-a2A_ny6T-ZfKhkYyNDvbItYHEKRABIJLa-XxgleKQgqAHoAGMoYnxAsgBCakCoxShzPvvez7gAgCoAwHIA5sEqgSWAk_Qj_Gsis-g-Y7yf5SXhMjFDGqtkKioQtFXF7LqoelwmBRkeWWKXaxVLDw6yrSG5yfYduyZ76gb3yMssFK5c2UDrgXuKoHFY23dp12xtDY-CaFdUJQzU5yrrwuqSq3xclCnp0qF23CiEo0Cq5x0EbCy3zR3O7V9fmJWEAplpzU2yWPas9yaDjZJuvPXKvlAL9KW-HMxN5Qj5ftT37HbNX0wPq--Bsq0hxGUiIa7MJB_QJ5wYeTJIx84YAdnm48GYSC-U-Ldbbid1YqZsFsahpwwAj4LqPU0lN-I_i7D1ZnwEGXBFIxJ9IJt_2iR8N8CzI90qLgM5LYIQrzAxO5wxbxOw5NkFcNdb5qFXbA4YVQP7Qy-dTgwwASQv9Wx7wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq5ThpQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBC-3SPSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzY2ODMwOTcyNzU4OTQyNxjwm2s&sigh=HuCABu4m3qs&uach_m=[UACH]&template_id=494
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 323D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:04:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 323D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 323D 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 323D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
l
www.google.com/ads/measurement/ Frame 323D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJjXVhfAHnunxYsxZOZB45jR5n8iaqIo8TazJKb7whuf8I7MSRjR7OK2Eldg-K6z_IvYs12KoD8unF7ETdvOuQStSZ_g
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
9a3fbb06dccc6bd708ce8a7c18eecc3a.js
www.gstatic.com/mysidia/ Frame 323D 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 09:36:35 GMT
css
fonts.googleapis.com/ Frame 3F64 		2 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 07:46:30 GMT
server
ESF
date
Sat, 23 Oct 2021 09:07:08 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 09:07:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3F64 		2 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:01:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3F64 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnUTCu9BzYY3UAf-yx_AP37-a2A_ny6T-ZfKhkYyNDvbItYHEKRABIJLa-XxgleKQgqAHoAGMoYnxAsgBCakCoxShzPvvez7gAgCoAwHIA5sEqgSTAk_Qx_357bYvqQXwgKpoChyXpb_6VRUljsCVrMFUeuVDGEbgo3Pj1Irf7PXc24rsvA3t2IFPlueaGCee52NF-oLtKrb5gHcZ9r_UKe3xwa91uf9ksFQjrwDIsj7TsYbSvZZ6r7Q42J_l4WrlT2JaecUl979tfdqIEBHmRLhPj14xqD-PpE67UcdRFyiIj5nJEoKvqF-MJOQAU0aEMxHLcVgiyal1NezP1JeKd8LMgTBvrK9Ij_0YOhBznwlZMCfk-kLIYnJHkolf2iezY175t38ras7T8rcMVTTARrmunpxXK7OsCwx8bsesfOY-lIm4H9Xe0W_T3rMMAEhptyogwCLqWzDyWZyVhRWUO4GGZu3YIfrzwASQv9Wx7wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq5ThpQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDV8VjSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzY2ODMwOTcyNzU4OTQyNxjwm2s&sigh=ri1GVpb5UI0&uach_m=[UACH]&template_id=494
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 3F64 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:04:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3F64 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F64 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3F64 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
9a3fbb06dccc6bd708ce8a7c18eecc3a.js
www.gstatic.com/mysidia/ Frame 3F64 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 09:36:35 GMT
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1185 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D25 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7EF8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 23 Oct 2021 09:07:07 GMT
expires
Sun, 23 Oct 2022 09:07:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
shopping
encrypted-tbn2.gstatic.com/ Frame 323D 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSntc-ZDcbvt632CVtdxwHjDehqARXRD3jEU5S8sZIVdxI8PM3eJ26wvnQQ-A&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8a65e9d964b374f9386614655e58d4d91984d80b4cf3aec05408291a607d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 11:52:31 GMT
x-content-type-options
nosniff
age
508477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14438
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 10:51:48 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 17 Oct 2022 11:52:31 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 323D 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR-kYE26NrmCVAcWlA9irQOaaD23OhEEeoDoukrxhdTOUx4ftEeHLicHKMqKeA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa80f6e1e685555f40440b4a724867532d81e37619171aa956fb473dc2d4b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:16:46 GMT
x-content-type-options
nosniff
age
103822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31134
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:52:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 04:16:46 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 323D 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRL1Dem0wHoQGlwY4XswdDdTcnDsiAe52d-uBlx1ETHowNRC1-FjPpRB6yc-A&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b121afbdfd084f945157304440e635e3bf82f07e2f632062f109f2a6679ee2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 11:27:48 GMT
x-content-type-options
nosniff
age
164360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
22125
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:55:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 11:27:48 GMT
14978601946328591918
tpc.googlesyndication.com/simgad/ Frame 323D
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw
  • https://tpc.googlesyndication.com/simgad/14978601946328591918
9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14978601946328591918
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 05:08:22 GMT
x-content-type-options
nosniff
age
100726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9527
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 08:51:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Oct 2022 05:08:22 GMT

Redirect headers

timing-allow-origin
*
date
Fri, 22 Oct 2021 18:12:10 GMT
x-content-type-options
nosniff
server
cafe
age
53698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/14978601946328591918
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Nov 2021 18:12:10 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 3F64 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRgmEYwIPSTennyveiAm7_HQVG7JgdnsOgLaN_K15WLfPzSL8J14i5Zupx3NQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c05c05e9759dea58482bbd059e5270eb586bdd58ddfa525856e516a5aa0848d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:48:25 GMT
x-content-type-options
nosniff
age
112723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29878
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 02:40:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 01:48:25 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 3F64 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQqEjYcx_buhRjjGpd2RL_ajJVkTaWQBYOlOXU8f2DHck4QL34&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55464748e5683a0a74c307761554484848be496a692a6dce22cd75c9b688880a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:38 GMT
x-content-type-options
nosniff
age
206670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18156
x-xss-protection
0
last-modified
Sat, 16 Oct 2021 02:07:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 20 Oct 2022 23:42:38 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 3F64 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRztt8XybWBopGFVro0Dr3MDKP0bb3iJ8hnOhAKZ-n59hc9VeSR87XggE4sfQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75e5f2c53ad60226ae129939d789e62627a5bf22e0bf63d761c791a36cb9a2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:04:24 GMT
x-content-type-options
nosniff
age
108164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20400
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 03:02:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 03:04:24 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 3F64 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRZcpys6QGNYOr8qYPyT5cqMQlvLP91AG72lyOVeGc74uLWU6NQTBjySbcrcA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a736d0eb1e415b2d66513c1acfd9a5f8f17d4f6a0a286986da3308dc9600b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:19:42 GMT
x-content-type-options
nosniff
age
197246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17894
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 11:40:06 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 02:19:42 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 3F64 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR-kYE26NrmCVAcWlA9irQOaaD23OhEEeoDoukrxhdTOUx4ftEeHLicHKMqKeA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa80f6e1e685555f40440b4a724867532d81e37619171aa956fb473dc2d4b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:16:46 GMT
x-content-type-options
nosniff
age
103822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31134
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:52:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 04:16:46 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 3F64 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQqdWUKHON4FwapEn2eU35q5VffvVmquETOWrC1OFwYh67CW4j3esavD3JNMn4&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a771688beae44fc2524ef969e89a63893d6f79bea53c9a869ba6771ea76f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:01:40 GMT
x-content-type-options
nosniff
age
111928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19099
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 12:43:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 02:01:40 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 3F64 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQhbZIQ1SN0ATnZMwBTql94TxkLYioRpivIGJ92zGlLySrGDYWK5i8cIqiIsA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e8408671a6d861a901910b9265ae166a37d5bd441525efaa167edd83eb021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 10:07:24 GMT
x-content-type-options
nosniff
age
169184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17092
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 02:42:52 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 10:07:24 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 3F64 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRk1M4kzDdJ4nHGnXS-Pj9J39UsBe3IKbPCkFIljTFngykV_XjU&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5c4367d01ab9a9673b35c5330f27ea9b110aa58b8ef56056ca70de36b3e3875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 11:38:05 GMT
x-content-type-options
nosniff
age
163743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25891
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:36:15 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 11:38:05 GMT
14978601946328591918
tpc.googlesyndication.com/simgad/ Frame 3F64
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw
  • https://tpc.googlesyndication.com/simgad/14978601946328591918
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14978601946328591918
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 05:08:22 GMT
x-content-type-options
nosniff
age
100726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9527
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 08:51:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Oct 2022 05:08:22 GMT

Redirect headers

timing-allow-origin
*
date
Fri, 22 Oct 2021 18:12:10 GMT
x-content-type-options
nosniff
server
cafe
age
53698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/14978601946328591918
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Nov 2021 18:12:10 GMT
1
mc.yandex.com/watch/50509831/
Redirect Chain
  • https://mc.yandex.com/watch/50509831?wmode=7&page-url=https%3A%2F%2Funimedia.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A308%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
  • https://mc.yandex.com/watch/50509831/1?wmode=7&page-url=https%3A%2F%2Funimedia.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A308%3Afu%3A0%3Aen%3Autf-8%3Ala%...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/50509831/1?wmode=7&page-url=https%3A%2F%2Funimedia.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A308%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1173148516332%3Ahid%3A669207884%3Az%3A0%3Ai%3A202101023090707%3Aet%3A1634980028%3Ac%3A1%3Arn%3A31364168%3Arqn%3A1%3Au%3A1634980028802397076%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980026009%3Ads%3A0%2C35%2C25%2C11%2C21%2C0%2C%2C1162%2C2%2C%2C%2C%2C1247%3Adsn%3A0%2C36%2C24%2C12%2C21%2C0%2C%2C1154%2C1%2C%2C%2C%2C1247%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980028%3At%3AUNIMEDIA%20-%20Portalul%20de%20%C8%99tiri%20nr.%201%20din%20Moldova&t=gdpr%2814%29ti%282%29
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
82633d4c1a0d0fdfcf4eda01904c8ee000a7bfeed8da7e5dcb21469b458b7cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
x-content-type-options
nosniff
last-modified
Sat, 23-Oct-2021 09:07:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://unimedia.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 09:07:08 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
last-modified
Sat, 23-Oct-2021 09:07:08 GMT
location
/watch/50509831/1?wmode=7&page-url=https%3A%2F%2Funimedia.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A308%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1173148516332%3Ahid%3A669207884%3Az%3A0%3Ai%3A202101023090707%3Aet%3A1634980028%3Ac%3A1%3Arn%3A31364168%3Arqn%3A1%3Au%3A1634980028802397076%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980026009%3Ads%3A0%2C35%2C25%2C11%2C21%2C0%2C%2C1162%2C2%2C%2C%2C%2C1247%3Adsn%3A0%2C36%2C24%2C12%2C21%2C0%2C%2C1154%2C1%2C%2C%2C%2C1247%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980028%3At%3AUNIMEDIA%20-%20Portalul%20de%20%C8%99tiri%20nr.%201%20din%20Moldova&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://unimedia.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 09:07:08 GMT
/
www.facebook.com/tr/ Frame 09F4 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=867719186706401&ev=PageView&dl=https%3A%2F%2Fwww.privesc.eu%2FWidget%2Fembeded%2F%25C3%258Enregistrare%2FMoldova%2CParlament%2CGuvern%2CConferinte%2COfflineuri%2CEmisiuni%2CRIA%2CConcerte%2CRetransmisiuni%2CSport%2CMonden%2CAltele%2C&rl=https%3A%2F%2Funimedia.info%2F&if=true&ts=1634980028235&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&it=1634980027863&coo=false&rqm=GET
Requested by
Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 23 Oct 2021 09:07:08 GMT
css
fonts.googleapis.com/ Frame DB21 		2 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 08:41:38 GMT
server
ESF
date
Sat, 23 Oct 2021 09:07:08 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 09:07:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DB21 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:01:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DB21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8ukMu9BzYY7UAf-yx_AP37-a2A_ny6T-ZfKhkYyNDp7JtYHEKRABIJLa-XxgleKQgqAHoAGMoYnxAsgBCakCoxShzPvvez7gAgCoAwHIA5sEqgSTAk_Qw6F_hM0dXPRJr6Hzh0bPGdeEZgR3D5MNbHkZGjjTUvG7Ce-i4u0u_S7-NgzCXYR6n7Rz5i1FdAsJdnB_RKOV_2JOn9clEQAnzJkRK3iFT5PIEnR0F1_jgAhHzCK918oeHTi_zCjiHSrWtSLJDccgLx6tk9Jut-9aOsbP4BwJVuqTWdebR3hjrwfp0JGKh2I_xNL40EO2CTyr-ZGao9fO6IbXA15o9bRIXCbxEOWcVkSeSC0lDoM1jwPiX1AkePZu6AKMpyscn3vfz4JhHOKAf2P-I2BA6atMrA80ZAnJKHV5jYBvKa4ElzraU2AVWrumZaZIJcLHuco4fXRAFM5HdJuHN3lhOD_vBQV51f78yvVzwASQv9Wx7wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq5ThpQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDf0w7SCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzY2ODMwOTcyNzU4OTQyNxjwm2s&sigh=vCClS5JqFC4&uach_m=[UACH]&template_id=494
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame DB21 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:04:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DB21 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DB21 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DB21 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
9a3fbb06dccc6bd708ce8a7c18eecc3a.js
www.gstatic.com/mysidia/ Frame DB21 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 09:36:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E99F 		624 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNU63aM3r1aPwWhrDIbN4BLok13VXxSELKL52WeXj0EVvL_LilDsKImlkIx4txl3WzYrYowqUaRf576swsRy3fwh7bptyCtzR-nxhtZrXlsokVQSWmpciuvF0M_6mQ5nAO7okhkQ-WVnmIHZuEJoj3QGBSTwC7FfAU1mFMAMg8Zu5K5t0Hs
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNU63aM3r1aPwWhrDIbN4BLok13VXxSELKL52WeXj0EVvL_LilDsKImlkIx4txl3WzYrYowqUaRf576swsRy3fwh7bptyCtzR-nxhtZrXlsokVQSWmpciuvF0M_6mQ5nAO7okhkQ-WVnmIHZuEJoj3QGBSTwC7FfAU1mFMAMg8Zu5K5t0Hs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 09:07:08 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame D79D 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwSrZgq-g4DyDJDcSqsAYdAhEIQHPZaVgg1nIibOUg5MSzDcE-1x-Vab1VepDzqyJqrOmfXLnC58hYMe2LOh9MTGQ9_On05OxlDvn9f_qvBSgzy56-IiZTKt-J6RfUyZCsOS6F3LwoyP2vYbpNlDAh8328iA&cry=1&dbm_d=AKAmf-D1qp48yaROu7UysIhiA4nEmS4_NKT5FYaTGxhve4apK-0_nlvb7N_6Hzdm7Cisd8Rqq7RS1cG3GCGZxBk00QJVxlsofVZBHTpzcxqJkit7TOhBNat93OVc3OW7CBMcfvob8QlIrx2IJksUEY7D2wVJglALDSaN0FponzB7x_yXsACD9FYfmQAReRJyBzBIM93uMeP4JyE8ywBSpJamfNNur-fqspz0jxeg6UM6se9-4J0SQE-XWosnych0wvwlcT7doOj12w0Ee9o_ZTOfUN0DE5gyNl4DKpYgxHaH_eG53fXXqErpYvIdIT2Hx-ZgODgASYrQRN_jUlIeHQQOQH_ZdIguAwy68hxZCEBy7a3PwpRJCWZvmiXj-CsAOj4ORfyyvj6LnYFqKUi9-kyAatzVaRNG5IJqkg8Az7u2vM9GPUKF7xcAEhwTKHFcCaXIE4N7Zvli7DlpfTKIzt9qZUPUlBWCGO7dK_xuQad0I65IHkaMmBIW1wAAtNCQ_9NvpK4c6alRb-Hv8AFHEWrL58ZUT4pYlUvJ1HfJ--tkWY4fZaXsIRFA6ILWtoFJ131UN3A4JV6lSDdw3nAz6OPmdWHk_eTLfqeZWYNHCxZ0Z_0pAprEz-ODmck0nXHaZZaFHaI60FPTlP9zptxP4YAiT6gplpfNa3Jk-FzNzVbIzbgcgGuYPFBU6C6yi8Y-ZP45j46QwEClBChyM8yQlat7FOCFgtuZkLZN0sUhf7TUrP96c99ZWoqO5GjI8RM824MmeLAAbvucwK5liC8mI0rrQgyWogxDP5wM5FD_hOI3ujqV5y6u77-iYDkay5aXC_s2wOjo1zM00msHF1Rz4hUza4jeSnPt5AXM8CCMwg_9gPJ9srwQBgGIQnbLpbcIzfHl0bu16umbyuoF44lXvWPuYm03zYDvgYqSAJEVDI5uZ6Q7EVP3hCbx9dJrnI6_bFQuDqcpthxUGf-rvWQuGX6HcXyHmDmNS_MvSB2IcxGOdadLhYLCYWE4i8SaDtmbeoHaaNH0hP9r4ZeasYKJtW5xIx6fvA_fJtqRry3wNv83sWJyUqYV3Zm6aPpI7ytiKqsxmDcag6reGGytvzWaSBwPU_rCcXRi2lIX5K9RnWUSa40NDhELuAotFiD4aL7XvZodbCGTgLMJzxhgL9RVnyzkwvNd3iFonpVOtiA0kQm8u6QLonLqUNbdIISq0VcchxllAvtRdY3zILw7cnaZiggN7OZkf5l20NvDD2QeYPIDY5x4M-YbfhDzjffMrFKea6iqFhPvy5eb3P3KXX9N0558IORheGMMYlRwteXeKFgXnKXf2_tjFHlJxfTlIC0Vcaj0RsCIGehLvsguiQqkiqapULKXg7h5PgkDy03hbtsv_-RrWb_JljJZY4EujU9eRJSahYjPSvxB17S32uXn0ABDbFuGwNgDj4ysquqet6nUQG2kXZqMiw_ugt7vSKclEBISRKakBirurdsF-aOUq0X0KAORDngt9xDgxHlMnjItE75ujWDJNRezFhVs8bYyQvTYIf6x4AKrQzf7Dhdf5RfAHhQL3TJx6aFYuq8g28e4e17uWI_7_n5dDfwEtw_CgiKtrxZI3DqJZ87K1u28347D7mzNM3flqmYVfhZmUMVGAqKbswsdOx4JlIWHQGHKTHqPCQS5kRwCtIVmunWKWpC831HqW8Qu_lkZRRpqYItY8T240UGBN-6VVsRqMQ6BTRI-1fP7H2sXD_oSugSvNccjJFn7Vx4Qy5S76z-e7pdVqYHLRYq1Al84XcomTsdTOhFgQ859T1MmeWbUFW2_0RirfJ_qQaFDHcyoTGrR0suNC6bRMNW5-FoGtmofF2t5hUKJiWjOYZCEJzhGIrBuqxELUm4NZ36JKUfppYtnwOvfb_eDN64aPdLpcmZinrFNdwcTV-NiYBws6N2afxUA3h223zPUctyU_ujPJGZLe41jyQi4iD5dGao0Rw2M18xxeXII_jRuLwDNHbhy5SRoKO7RoSAOd3ZcHJ09lb94hLEWO0grt64_QGUS5PGwHTOe8FvHAMiUzYaT0e64BKdiU1z2I4D9mzcIL0vV5uM8P7QYqprJYC3ukjolzqJn1wm426D01wVgwCiFEoCreYAuj3t-5HhcyFqc3R9EGQByR7edOn6jO2157cI0B5TUdsJ_Am-ezLkyXkBgg5aos2abbCp3UYvVQ9f2OJqi_VfjcteuUyJugwgxEvvIuBFzle2Jd-TTDC8ivzChBzY85gJjnz5EciWESTOWe1QO8jP1n862E6fEjh8ONAloXCgNx8rL8TyjLO-f-jIr2xLoPY57kni3LejQhCZ-G2Hj0d2Fg3Ha-7KAyoMd2LxYhyvg9n5gZQwp_5CECpksCB2abBl1scOa_5wsAOB5IHRKsNxSqUP2sLEoDzpTMchdGvZCNB7C2M9iquz2W2gAI6Pd6J3StdYNeKUbDvr6vdIKmOYSS3nfmvfeBM6wiEAR-Y0VJj5_JYO7wlqDzAeC3Xgjw8h_F36l1r9jMFP8EgE6gQlpI6qhFQxZNZihqo5TfzfcCIlX8nrPEPIkcsaBNuBuMQO9LGR__-0Z4sN9KjypSTUmgWf3MQaBejUQZPVnCSJ73SnFY-_l4KiAkJZJ-cwFHXAJ1wVZTPp0tpQ7JlsPHd1Nr8prhX_fuFolrb8c1D_G5Zh0vLD8Y5r-pbNEK8CSOEW9zZ2vi5CGSK-uGTCmonFRK0EOl6TI5_BLAK3xt-bjjboajlX3B-xmwLZgwJH-blIYMBUF5bynVxC9CiXZ9zI3pTCAvQHxzyAxCo4swf0bM5S8_zNIc_nINgtUq16MCVTolpCIJYYflypleTen1jG1FLNBYobOUrqMGfP1kMp7F6bL7NiSG8b9z0TljY_yVCI6GXYIDb_k5IJw9-YimTG0CUjROsMoICzT-wJep4v9VN_E2l2xXZKvNSQ7jd05PuF_lWjhPsOkd4NBOC6mRZbHRs9t7CKouiNZVa2Ua4M7FzLsuaC-Pe9uKJ7WfWHTSQ6hnJjEpsd5V-pe-BHQCpCD2RS-qQio38T2_ObdwjN6JsuYCDe3YPj-6ijQbRuJpMSp2ZYzYYiSaWBgRMlO1VYosXwjookzG14FPoOk1-Xl21bDxOr8howM34BLOstYu2d8fHopQxZZT9TdMS-vbPJZTWfFzzcnbg6f3Mt4WnA_phZp9djL8j60g9soyT3rF2ipfhks8hcWRAmChzVYnLqtJknimRv-67JiKEynRyFr8pguEZd3KvLIY9AveMQ-3BtqHYbMJaW7Ngkgzf-CHQVa7XTzUGxMYTmmA-4&cid=CAASFeRobLptMq0O1nXld93VJzc1oduv-A&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
901423308767e9b6022a291e22e0dbf07cc54cd31c73a7c5fd901bafbe031819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D79D 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4pWwk7jnxEhigYaiQeKWrISQPnvBRlOoGa9GiBBrH0B3eiAXYZtQCoryoqF8fsl9okJFBPXrbkg6blDcsxJpCigljGj3979jlTG_cYTCcu0_6Gh0
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame D79D 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad13.adfarm1.adition.com/ Frame D79D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/js?wp_id=4285696&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCabUIu9BzYY_UAf-yx_AP37-a2A-vhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgT0AU_Qu5qZJTFbUP0SXjOLr1FA8MSi0ouf1AtSIOSszVqQWnDjUXXsW9Po9AYRXzMplvmyEYnNS3OL4b8ntJeoDIcEWNribciAnzu_gGRN9ikFlDqQ-z4hdxJWtmL2Id2swhL8X0KWPlXxxGkQsL1_MMz7-yiruUcLbZpx4x0JzJOFJOPCIyeCwKlI_WmK6uB7mLeSWM13ONzLa4GpaFqm5uFccFVC7yNUYOFyQfrBbzhCW5Gh36AN_jacyOUNZQIYxA9if8RDswEWieQdtbQNzH0GyjwouvB6Vfy06tmNtWa_oRszsNIwtIQ_vPu2f1LM_8CA6PjABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobLptMq0O1nXld93VJzc1oduv-A%26sig%3DAOD64_1HtjHoLJJ2fcG1CvwZsOktKISQXA%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-BrsKt4t6ng3GQXh_TxVpwbU1N3C-LgZXsoKnq_m7g-tTppGompcs67h6FKd3srd_3TvCfgOEa242enM584jAujYbVJrNU9yXwX1ajaRe1r1d-cnS6WYiWX1EA98lwQfDvQCpl7tS5vOVCh4sRLRUYsUz9oWg%26cry%3D1%26dbm_d%3DAKAmf-DM4QoLlR8WlHQMhdoHM90c5Ko7qOSUUnW-knVFFs0_zFXagvyYQuXYZ2JnMm3n0mXNjFeNPUSIhz5qSVFN4HnzQ50AVN7-dFts4DgZhe6gSlorWFfto_AsGl0guv_OlzJz2dc_L4FywmfWaMk9xmstMphYR1ePk4IQ6lxYHf3v9Xq5ErhLGPX9zi2MCCHTlfuwU1b9hHwPseOsT_oEZK_N42mY9NIl4igHFANGVW7sLjKiBN4lbGkjeKX9hnzcWT9AQL5RS8bPOq4WWGpgoz5gfEOccV8WY-r9xFn1RQQGzkPcIkHyHYMvOOZlBBoPfyL_Bp-Gh8WNTe3kIQTQfcfEbj4Z9q8wjGV-e7JZ5mPP7jDaqUCaDFyZuxT8-I6ESLEkEFeZA8gQpKb99JfqDo5kiVls2cfU0kqGTO8MiYDMsbYkJPtMPraJcWW5GD79WWLZgQje%26adurl%3D
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
013d43a47cf3e2ec94a1b371359fba2b05b07af1bdfe253b9900bcfc8e0355ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:07:08 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D79D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D79D 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D79D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
css
fonts.googleapis.com/ Frame 86DD 		2 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 07:46:22 GMT
server
ESF
date
Sat, 23 Oct 2021 09:07:08 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 09:07:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 86DD 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:01:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 86DD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzBJ5u9BzYZDUAf-yx_AP37-a2A_ny6T-ZfKhkYyNDp7JtYHEKRABIJLa-XxgleKQgqAHoAGMoYnxAsgBCakCoxShzPvvez7gAgCoAwHIA5sEqgT_AU_QiJRUW3LVwn-sHDqp1FHZhOhtfo62kxxcXL6c4uEwZda2X6wxHVynRrO7geUiG1Y5X4RgDDkvtJz2G8l5xiopzGbDSFBT8vd11NTyPnyvgsDzQSIdlc6xNht108jiUAnWaMeTc4wMKmqdao0KV-vPjT8wmaidvyAGCtOlaMNxheaMB6yFQskOKU7K_ah8il8LMCpGfYgy9YbdHwkwo-O-W0JrzCg9Cpsz8t_qKZysI-iy0gzXfcb6LyxIwFrnR-4wG5uLUaVWcYxx-DAqsCzUmgg6hwnsZ9CMuYdLMUtb33RNL1BRtFuUsDRkx1tCDw5QgP7DTsoWlgs4ABbE9sAEkL_Vse8D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6uU4aUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ2OwF0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03NzY2MDE0MzQ3NDIyNzI1gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTc2NjgzMDk3Mjc1ODk0MjcY8Jtr&sigh=C1U0Yd25HVw&uach_m=[UACH]&template_id=494
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 86DD 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:04:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 86DD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 86DD 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 86DD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
l
www.google.com/ads/measurement/ Frame 86DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRU16OLYNsqHDTS22y4fzieC-48SnoeKp6x2b6srSMCyOjYUvcUeYaiKb0Lm4w6Hmocl0hlB0IL2ueg0dNYGEVSmUGNWQ
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
9a3fbb06dccc6bd708ce8a7c18eecc3a.js
www.gstatic.com/mysidia/ Frame 86DD 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 09:36:35 GMT
css
fonts.googleapis.com/ Frame 5CEA 		2 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 07:43:51 GMT
server
ESF
date
Sat, 23 Oct 2021 09:07:08 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 09:07:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5CEA 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:01:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5CEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7kz3u9BzYZHUAf-yx_AP37-a2A_ny6T-ZfKhkYyNDvbItYHEKRABIJLa-XxgleKQgqAHoAGMoYnxAsgBCakCoxShzPvvez7gAgCoAwHIA5sEqgT_AU_QWcEIQHT03kwcLnflkAD8rYK3QZqSKyRtTlpKRuVVHp-Gzy5S327dF-IUt2XQwYf6dhjg2200IwPIUEXwEUGWalU59Yr2J5AeXjDiL_AeV2JIneAhLyi5WIcLV55ElOOS9xjLxNrkmjTSxCGa143Ve2oS-9apury4TpY8b4-_Cne3OvyXqZ0VjWj2UAN9nmk1KJ3bClvDm4NDlT8HKjNmMFa63rDEc0LWj_6Y7uFlib377t9DxCJ2I2H1GdVE1FzpXt3653jjjX5xpoILaWT8KDIppS3iNBAR7bLZFCEJJlFojQC6jlDKNl0lC39qt2gYy3wPOxhjXM_lLyc7ucAEkL_Vse8D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6uU4aUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQtLII0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03NzY2MDE0MzQ3NDIyNzI1gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTc2NjgzMDk3Mjc1ODk0MjcY8Jtr&sigh=jYxjza3p_tw&uach_m=[UACH]&template_id=494
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 5CEA 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:04:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5CEA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5CEA 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5CEA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
l
www.google.com/ads/measurement/ Frame 5CEA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfd3wLgCeioXTFUBRZ4OLWFlHoOnhGFgkU19-lwdQTpvNAk7LJxKfSIZSPjJEgDCo4UIlUNA-q8VipQ0Onq0sb7hRJNA
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
9a3fbb06dccc6bd708ce8a7c18eecc3a.js
www.gstatic.com/mysidia/ Frame 5CEA 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 09:36:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AF40 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNW4vT6X-CKazmMHc-vU_LvnzF_x1lX8JUX566uFSai45x1hebwrmVMZztg71H38aaoe1ar1LETj8sjYLsDMKRTKUyTV-xypQqs4r0n6H8iy4FPhLfqkJWnNCxTFUppJeIQ-Z-VApJz5IIUQLKMqr2OY0HdqaYQIL5S3vnsWOPsDUkoHSXc
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNW4vT6X-CKazmMHc-vU_LvnzF_x1lX8JUX566uFSai45x1hebwrmVMZztg71H38aaoe1ar1LETj8sjYLsDMKRTKUyTV-xypQqs4r0n6H8iy4FPhLfqkJWnNCxTFUppJeIQ-Z-VApJz5IIUQLKMqr2OY0HdqaYQIL5S3vnsWOPsDUkoHSXc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 09:07:08 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame 83B5 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk00UOZGpJcQp1R6Rmad4AT-rXtfDORp6iv6QyNHR2e3Rab3RUBUAckkqIMm45pSwA3sNquIugbZcy6DLaqZi2DNA-IICIp5OVBNYS15izQYjBcp750YsOmZiWnm9WCiNqu6SkRZkD3hu7z0FKcR6f8O9cLA&cry=1&dbm_d=AKAmf-Czano_7wnp9ppa-QjJv3Ob8A1yeXVYDGoHjuBGYGGRaJ6OR4iq88NKWvitSTpDZ0oonOfS_A8fSmtZULE60eWjaDq5b5p7lyDdf_vOcmFaoX09iHh24nof-H3NhAJldzXgXep9I5gqFs2D2nJaCPi9-eUbqBU0ybtfmLyXD-VdxDu_2ydW7xnLQafyGmh91yGwNxJ-oYyjXowunrCxtCkOsveedjdltNunyEQir4uRfnUO5gFslXKO9joW6tbvzzJKZik6GpbQyUGTqtnueO9nyIIaUbTfom3OB6N9eN7fED7MjCEPaAs8v_D3YUc3o-Av3nKdIGgwIWCKbRFm1VqP3wnhanh7gED-bj-lTqdSscON5gSA_9WVrc0Km-RldUCkIpvUvukgiQNT4rhltPVMRyNRw7b0n39tjr6i81uWzOMoyW1QRnNXxGkNGv88lenFPOf2AyXKoY1Oijm03qdOirJWWTq01P1i1h-r1jzWxjc3fNAJ7qDZT8TCZDkxqlekaG-LRpF_YzVqieRR5yPMNpcPuLJYkMvz9fvtr2-tdk4v-InXDTFj9552rDtoOiNF2E8QFZYAzuVpfTas6IJLte1b78JbsYCDTVVZnPpN1Fk4FX_6VpPz0jVGvNcueAhgml0hGFyIb5ju0AaAgh1FXULacxtoCFEPk_J2gE38MgRCwrS1X_ejgZ5n2B92SK2cJisfxNwjGtUk-2SbLxvMPxv3dhDACdlh9nTnoWz8hbgL0bELyD-LZ1b9c8b8dsfxbTfQKKAt5x5mXkd3QZVo805wmAy9xmiGoXyP1RoxODNg1GChM5FUdHcJ_lsnI4IZuYIGLYCcvaOkNKmP6o1d8t1WA7O6I0Aw-UOmfvvlyXd8nuYq7VAWDiw3y-Thp-vKFxZmDYEjDJyEoXWNq9Ejm0-DfvyEeKTZx8HgXjqbyDFGIic7kjqiI3Q9uT1Q4Nbt5vak1tMkbHM_DjYBN8gyB6HS5cyOp_a5M8dQC3y6wXFUJN0qkOit9fWDSil6TlaUGdUvZfOHgnp8AxXjdumfOwbYkvWK_Ai--AqPVe1uJZ9idI87nqYoODg5Tvl1bROOSCSvupfQXfgkyQ8yOMqD1qT1t6DIar30DdswBxatdmvOarYmgeOz0_lXfzaUrgWC9G_wopLZwVTjb6SuexCsTZtE5LHzDRVydYob5Jqtns7QAdjeMSfAwzUXfAFKAc0NkCKEn9zJrl-40y8RsRQSgCwrQ4wmPTPUwoz_gG-_wL3Syqpg9N-tdItTC-DlZsEgpbW3CslthgVDFPIcbnhuy81DU4nHHYTgfdPPON7xCoE6MJ2QP8r8eXpxfOVq2tWFJl44rO4ADy-FMeZou20i5u4YRJK5TMnY7H99Dpl-QdqFCI6sTrpHX4N_L1Msd0aBwlKHCPwhTKiQpemPULMlq_i-w7FmsEvuH-KaiklbToVes7HP7kmIgUddcd8ac-2ZkL5oM9XG0kEK5bWY5ebM3Vc0BDCU_0nJBwAODsnWKMXIqoZOc0OHCTgs8JoVxswoC53KGc9xSdyfJuoWx2t-qRO-wQOc81Z8nH6q1Ar8AF21Zd6dV47ks0ioFbbVDH8Ph6Q6Y_H83uYjbHP5MWQ03RmV0S_AhOVH6lCvM4lB7oTC0pmZ8uqJSyJZO2CuVpdHuECC1u5zwCNujoVQDQo0qhTkDQMm1Oj9ugRVWCznsWk8aeJ4uMF7-x0ESzpV3XOUz-W4av3Qfdq1CbMVdzmRA6_SJRmy2AR6Jfq8zMunaSA52TQNBxEIejwpiUX1cMZmxF89yUxS0zrZVTZ0xP1XWH8FfjbOFJWTiCzMQHe9KHGvqmsi-Gh9Svs4HUVrXX26KDz5qeTAdRS5qvXsQWrJuNZlYUt4ouMF403Z-XBizWOrLQONq-pJgfisRTz5Z8UJlHBwiF9jRyYjMsQgCPi3jCD81754GBv4ygnLscq35N7asBkQxja9AxbiF3w1KbGBc3v6zZbHe18t2IvputvSjpXzlZ9J0rq1rPHiURT3oHTQZO3xsgd2MisH5oQPFxp95otLHnZeJCLku4KqgHA1OSm1CiBFJB8h3xRvd5CEkbyOfO6s4AsH0xHXqoPFYpVUBE1BuIOwAxEhiqpGK3-jqVyJPr2M9F4JWXgBVVS5HxUlSUl048tEzgIzIQ7rZEnEVaF5Cu45EYsZ0_tUzPZOcWilaqW5FVExB4DijG3REqwSIEOHwY2BxzexbNhs8VxwtS7xsnnmij_amhtGgReySUe7UcZ2mUCHr96XfZhqgfgPsSXFAvOiJm3paikncMrlqhz7X2fVjF_XOMUFzrBuBtBT3PaIlCd6_UxJ98mmss55CBhda3Q26tTYRAdaCaoXIMxjKWdU_bjBG-ioI0U2tnD1bdg-NWKC6C6x82VIBO3PCZKxitH3-Qao_mnm0mZBxeI1g0xIvEC4KNFkM5I3ey2eSNnsoas8xwZIav6qowaGrdqOC1pV2Oa6_oXEQx5dYss9ifqfgaICptKH4u_sgxBXPuZOXRGAWdc-5IT6XdlQZOpf80YbjgOpGgQQz4O9bKFZRLFjZyK94bK2TwPA6s6Kbw96G-2_WF7Q5bPnCBO69JF3-Mk3ACi5XWAifv7FGketwmR9LZ_A2vN-0jEmlWjc85iI7SMzEWVuMAHvcg3qF_00bbYfe7C1lxPg7jhn9L9PcShURzeCW-xMAYWb5wFXaezNrBfpUTp0eKqo7DeIVUzCQ67OzTVwuSvxDhHibgX5XBebtdh9jJCQLMctWNK6cHtORSz8g-ms-rwMuFq-XCPE_qvl9wcHQW3gYlcZcMzHR0OmFx_PyZGUMXWV4Qo6VedZzWWiN_F1upQD8Ks3PBsawE-StFy6fI_-DlQaZ2F6fq-8zihVzHQOaNPDNS__daZ4wTxxv36SDO6WW4VNq3loTM_L_2tWQ8kXnID7W7iNYeyH1K_ZEfF9FLLfiUuY1z3jZ3p9vaLKZX0yLwhnbnlZZ6RE_xlRW-RK8CRbK1CVhDHcIruakXujGlFYAZA1M6amnW6nf35MvHTekbamwGdFrtCXVJaGH_9Vo4Oexd7nNNeiGPz2VQMphuS5VyDEJsd5WrjD3IWJWWaHUVpu2-8MEIcO12xUJaBflYk9i5Ut_SB4h_C9WL91rFiMnHZnA-MKa4o889po44kUd1Ya0qjFGo_bOKiYnH2avIMFDd89ZnWU_-Y1YPff5J27JmqYLvkjJzQ4f4Kj8XXt8Fmfjo5_2kjxmavoCMmZ6xZ9KTX1HBvOYYD3OOm4R5Z00O6nAlyWDl7eQDeXkK2Ckfp89bDYUsPFT8WCqnHkJbcQg0mkIPq5-ZWsFNjkjUd6lX-kVoUwni0fKmn4Yobev83IFRnVgBf7BXjnnZflXBLhiwAa0aEr0xhZo3fQIGrBeFwVUg&cid=CAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00e7157ec5f2b09ad67d01bdded4a13f814e4877604fec9d707975d9eae07a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12980
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 83B5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4T5NklfvDqxOVvPJzX6_YiBUj1A-qaI7-y6RL_ln06aw52bLqv8GktOrEBVEDFqRz86Z3oZKZG6hQq2HtT7-PqTKfnlManmEL9zaPNVna3rCIrTI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 83B5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 83B5 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 83B5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7443 		499 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNVB5nJZSeBbIbFwiKMPHiRGsiJFZn5PalWrMlWdcNXaDHmvyQOqmCrsQoueso2007PyoWQbY2b6Uzs1881ceZEY-fq4ZEUzgAfWinmUS6vUuHJ1hNZvtvRC4LrZvh2tItqm3yt31ZVeV2Pi6kKPsDanRL3mpPN9ad2JpR-Ecz1j7IRd860
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNVB5nJZSeBbIbFwiKMPHiRGsiJFZn5PalWrMlWdcNXaDHmvyQOqmCrsQoueso2007PyoWQbY2b6Uzs1881ceZEY-fq4ZEUzgAfWinmUS6vUuHJ1hNZvtvRC4LrZvh2tItqm3yt31ZVeV2Pi6kKPsDanRL3mpPN9ad2JpR-Ecz1j7IRd860
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 09:07:08 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame 60BD 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGs9rTYx4u6dnThWOjaQLYOu4TrPUizhgPU20yiobEUQZmzVaU_DQf5aYQslTsdxBmgPPn52cMiQF-RZyft1ZUqCSRojS_uJjzCY6g1v5TXGfhyB1MGXoDVFKadjk6CfvQZRq2f4ZGjfutsUpZrhNHvSnXgQ&cry=1&dbm_d=AKAmf-CZka4QO1ymi-ENjxj5DHJ-MUGTEM2QTu_pOsFv6JvMp6ZtFMPE4Tnin1rBdr3ZJx6N4HztHcbrNZhT9QL89KG48VtlNHXcpUw9sa65rjJqv8Ohis6aH1w_raujHS4HmxXWGX4rlJnNen2hEeyStmprqQg-VNmh6UlxbqGX4vWtsIH59agPaCEl5QTepp8NebTgv6n5z3oADw4jcommpreSTSdzxqIep-mgJIQKloF_QaT7YR4Aa8CWooR8aT5ELfMIXv128m2A6_fEsv8sOauIvey_nKI2ib3Ye1v_QBcghJeAfUGRMA4pYrZ28Rh84B_UKksoT3IE66LNjnpQJlZWIaTwZcBV29mjJhpxKJn37aE4yoZELXfJ8h7V-RZu0QAibY48kppVxKAak0O_bukZz49MhZm44aR7CCK2FGpQbudHQcuVDbWr6rvVAEQq72Z2eXzVHg385Yt-lM3dRkdGZbrmYEgNIu2qsTKivQ36GMO2C4H2uk-gYwzxpiNMGNrbX2w9nsrwbu1HSCrRMdPskJSn3io9D5c2767a0B2FE7x2-JlMZsqsUmmOHv6bVSU9L3f5RTPNifjXSKpi-9J4gOjEZm1mXscK0zwBaJ-_viHjsaEBnTcQWkZxa-Ofg2XLPXRO567_l2y2HL8hUH9z9rY0rbVztBQX27WSYPgkBQSle6v1_xiJaVZgG7iQaan6ICMAT5rih0GlpD1Xy7k4TkLj2hjPJjaNuApaXb-5cN9y1DZrBkk09Sl9HwoY0rRbWQwZV9SVA0V4KjAPiXsGlmQXSpToW5mztgX-O37z9wlOt0YhDTv5961PnaCzALFtddR05m6JNMyn5xMvZaC9qqIBD-LEoeOLj-TBQpPWvtOLVSBK8n7_jF09F1_Nq9q3oIC057etLDFgTebAMId-gC9qn5BZhfroRozHetsi81YHKdfNBteQ45TSz5bX8B4F1v7yNbF623c_OBQBta3qNqVX_CenSY2wpY4tRjGaFeycfzIaqXhrrpOz00L6Nnfsks567cb6zzlizNWyXhCZVeb-f4VlS_i-DZsnns1HTuQ9vbd1_wDcS6J4jjYtFNfh4f9oQZdqW7R92uJM1c3cLyLEXJl7e0hYZMx5nDjATBg3gIr1djQB_64xaxtqpHFrB0BXpqWnLY_qgKDjAgh_ul4e22rSJ2_8B90mwToRwv5kD_bJbLlUMZZNqHcFMnVLtjj0i9zg_eXgrT6WYFmVQPp19IwPYs8ySEZUL4gVpU8Cdp7GkT7pu8cHhUqHqt98hVt2FuL-NBTotqk_GarQTxAF10XDFsFsCb6hXA_PHGy_Wrn0hJ1HlOnaEDrQXiGt-5eYyw4ADN2uNCPmv1k82Vt14y76PA-vQ6m5B_9bJoMpDZ6Hz6xXj7cKQhhft9cnKxh1r0Veezhohi78jPkWJ7KWO7Jf1-Og8d60zoUKGcF7P4kCMkWk-k2vRJF_idzm2z7Z2TkMUbylGNUoJRqkP9MO7xnsG6NpQdMsqGIDir-nXFhUkWseFmB0A53kadkYo2Zw5ul1jTCQIu7O5Yo5JuSQezrBPh6b0VgaSs5lvZOTPYHSv61o-1FQL0LJFcR6Bkdj9h3R1f7_p3vlYOTdaJR7UJ3fzTusuDlEDXDoYomMbYNmebDQTJkNomDsiLu-WLFGtbUBcacCW2bcKNYm4s21stn5luNMdLStZn1prPp0-mpa-5TA0AYsRAAjEysAcItmhxBq6OxAMWkyeZa-TUpM1Sw37QG9o_xNol42dZ0Sd16ETHEXt9S5bd-eTYjBsgEtWVEorgUtQrIzeb_9grSVm1LY4LFnImk2wU1XemkoA1v5bHt4AJgnjyuQrD6NKeeFuScVcRDg6YuOtpb_pBciV9TAb6-d7T1QgI-72ZoCUqN366nAP5K-3YtRlGmACuidEoDBvAg9YbEOJM13GbP6Wyf2cImtbjBpWt08qSJ_f4_w2VzomqFTVPBjm_K4fs5bj3xMvSeaNDVu-HwVEY1fhCzdfGWVZxu1E1oJPZZuO5Ial2rvrGkQPYIARS7UnioVMmmsQBj-NCXP1cHky9bzuJ9Wrqt9_5vUkZkhD1-geIOWCWvALfkGU24Sc4Ng3iHYx3Q2ISqVV9_i_hoH2rNAvEVjtqnSd3DLgsGP4brf5tJMPl_QCS6jcEuQaoVVnkIBPSuarbX4NfMOGTfBfYDwe-Mx0mXUD1oOPLXspWN2a6HsaonTBSRFqmCkSLKB8Uc0ijKPYmCQIt58BfrQ8JyGUFJ9s2Sz6I0SYTfkfOsrr-WnEJQ7KXA7lW7wOCP1mFDK1jsq343XlfpSwuilBYoOna7FwqYBnwdJ5KFS1QZ5jp3KvA0mtS3gMMHCEQ5ZpGKadC9P0HqKRC1aSvvKfOmAOGxu5nVS6IFXf-GEkgjIPnVjywvRy17dVTA3NnyI17pl7eijHzzChRSTs_YuJSs6Fvg9rOTI7QR2BDLko2QZVK9SJevPfeq7yGwkCJiMBtTxBd72K6MC7ApethkY61OiKgXx_p9sxR1aEC-z879DImtO22uVpUsJpzMShW6VMEUgFRThUqcyKZZXKpBjNTJhnr2YOFRvDMDxXrkC1kgcHrKJRAhzyzxJmfXHWuXiHfTgw5hmBlAMwRiZ357Kl32Exi_Zb9nzIwktZoF5Xk--07U53RGzidU4TPHpTtUqBUtN-Vx2q1ZlFnQt3uDJO2tiNH-SEns-s8A9i3N-EvdvPd-eB-MDOvSFUMOxOxU02BBNI7A6gPdSFZjIfqkyCLL21Jh-LoHLmZrBFWB6gUCIQy4hVnnPLS_9DorewyPtF5QH3tX-E3wHRqeW4aJnJdmgs55mSdLpK_-2Dr8Orp-wHwLPuDsICUk2N2cIVYK-04TBggmW5OWqxSZS1zEoK6IDsoPLYG_s058HfpbOlGl84d6fJucnzfs6drfRDeBExJsrx_mfPU8iAH_HvNADpSXRzLv7gYJ6BLActasULFsKw0GcF4flLIYE-Kp5-mItdSDKKQf3CKbz6M8kahiKeUr2PMvEIu2ZG01J_dqrz84N8w-EYKC5XWX_DyYuX7ndia8mEroKLmJzHtGvA8qobVn4PpjuIPmFcCXU872WpUOALDEZYhxpTr0aMfirjL6N4DM8DqXTK7nFKKoPHm7iDULi8JOJzlot7nDbGkYqFAjNC0yfKvr46TyoCJ6NRRvZqd6QDMNLYSMWBNtkSXeq8ZPLC3gjHocn_-6XSJ8aV-x7zjZSWadgpnL1M-lAQl-CTVxr0gpgc1oN_foEV7BAD2ljJaoh89xCGZnQYq26xIYl_Ug&cid=CAASFeRoBF6zFQUNtGyl-GTGVtzh4SxSZQ&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63efe7467fa4b9d99c8f3fd0340930f88e5f91802de89024c4b9817b52ddb35a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13008
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60BD 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwY8HyAXhhAa7NWOxzTsQrXjsesJdagA-jx7qhJiyb9wdSdLlFSKpYI2_tn4cM5swe1ZouHQniVwW1pM-m4AP5agnA-Py0HD8eRgrJbzRdgyGQnlw
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 60BD 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad13.adfarm1.adition.com/ Frame 60BD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/js?wp_id=4285696&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCrWn3u9BzYZPUAf-yx_AP37-a2A-vhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgT0AU_QHdlK-y0SdUaaD6lUq0our03xUKu9mJccc3Mj_tDcyGnU0iquHktjdFlzh9-NHxWlDvaItZZZqM-fXU5pA67GhIy-qhkyfmk0Z48JAc0HTzob5c4ABFdRfX2CcpYR_L26fLItas-ToMHKgU5UtDco_OZpnjD4VgEBSLiiArKrIEgNCFt80DJHBYOQnu_Rp1FwnUU8yG6FJx8cdp_qxmLfM__5fyKnAbP3_SuC918sBX-BuhcWDP74dq8vp9JyldZLCaKas_-MREkgd37pEN4C8GrUaxTBKtgnRBKLnxqb0QLZRSX92iH4fdM4QVFP3s-FOCLABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBF6zFQUNtGyl-GTGVtzh4SxSZQ%26sig%3DAOD64_1WlyelH4XK1n6xt4SKAriWq5FNAA%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJc1-ZjoibY-8kiv3DALQDxn00fk6d9Uj5fBki97HtcsuJB8ZER6uevoBd06orHo2SB8Sbhwj8YCNCLK6uSU8kzQrGRf_uN7358IkBM06e1Y0FCGYFnt4vF3dUohMNfhCBjyhf4g0S32mJinNUKrYkCoLRQw%26cry%3D1%26dbm_d%3DAKAmf-A0DI9P8PsGZA8BmiYoHUA4Xc6qn57gayOah0Fh-My5a4LL2CGOyR_RmfCOtTA16sOg_CD3PUlgPOlKjgWSeBEZSEf05mVU_cLKhDFBC5TNXMaydQNlN0Ds05y4LbMhO7uMvRlFjAPJC7FGjF2WieFlG239InuU-OTxiZ1jXQH1l20V0WeysnfTnEVFskzqQ4s5ZLjtCBNrE2U-Q7FR89ZQTEgCpkXbQacNdaKIr7HVFacKqvArj7IEa0mZswyIVYC22wARBC6punjojqgqd8HMTVgTgdBDT6Fjq0Ll-yEjv30CBlyF-mBE7Gic0dBv4Pb0EGwNPE4n2N_Pj65m1ilbWWia4-2mfowZmJoX4raMN1j50n5UQryuy-Me0YcPaKjvFPClOi-Hye6rcNBdllhr-JTr4s26Y229G2Ux1-l7B29rfjk9_5jWs0h0dPLsIhPzeaXS%26adurl%3D
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
513156ad2577e26f744cd1d9bac907071df064e6f3982b1d36e718d17859578d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:07:08 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 60BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60BD 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 60BD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
l
www.google.com/ads/measurement/ Frame 60BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl6iPbD7d57n-zlRnJBF4dBT_ui4Os1bn0CGHssx-4ZQZpLcE4MAda1Js7EGqerVWbeyRSxEEsMOhFgO70yg026EK9bw
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
shopping
encrypted-tbn1.gstatic.com/ Frame DB21 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRgmEYwIPSTennyveiAm7_HQVG7JgdnsOgLaN_K15WLfPzSL8J14i5Zupx3NQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c05c05e9759dea58482bbd059e5270eb586bdd58ddfa525856e516a5aa0848d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:48:25 GMT
x-content-type-options
nosniff
age
112723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29878
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 02:40:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 01:48:25 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame DB21 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTdBTujJP7kx4EB5N5E-SNo8ca4psBxc-InJuj7qExlxd1i7YU1CVjq0BBX3Lw&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95738cebf0175a455b2119bfc27c5be1f845181cf9d2f1ed537ae0057c3fcd72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 11:37:43 GMT
x-content-type-options
nosniff
age
163765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
47873
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:35:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 11:37:43 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame DB21 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRztt8XybWBopGFVro0Dr3MDKP0bb3iJ8hnOhAKZ-n59hc9VeSR87XggE4sfQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75e5f2c53ad60226ae129939d789e62627a5bf22e0bf63d761c791a36cb9a2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:04:24 GMT
x-content-type-options
nosniff
age
108164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20400
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 03:02:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 03:04:24 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame DB21 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQqEjYcx_buhRjjGpd2RL_ajJVkTaWQBYOlOXU8f2DHck4QL34&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55464748e5683a0a74c307761554484848be496a692a6dce22cd75c9b688880a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:38 GMT
x-content-type-options
nosniff
age
206670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18156
x-xss-protection
0
last-modified
Sat, 16 Oct 2021 02:07:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 20 Oct 2022 23:42:38 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame DB21 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR-kYE26NrmCVAcWlA9irQOaaD23OhEEeoDoukrxhdTOUx4ftEeHLicHKMqKeA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa80f6e1e685555f40440b4a724867532d81e37619171aa956fb473dc2d4b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:16:46 GMT
x-content-type-options
nosniff
age
103822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31134
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:52:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 04:16:46 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame DB21 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ55EV3xiQf0sWvDbMItVKHbmdhqPTPB7SKGzzHM3mRvsdmIMoHUSXoiOfSH14&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a08f88a6ef467f055abb1a50c4631a591102f342cf541b8d32403df7dc000b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:59:36 GMT
x-content-type-options
nosniff
age
122852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20578
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 01:47:37 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 22:59:36 GMT
9074747796639100022
tpc.googlesyndication.com/simgad/ Frame DB21
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi
  • https://tpc.googlesyndication.com/simgad/9074747796639100022
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9074747796639100022
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 15:15:25 GMT
x-content-type-options
nosniff
age
150703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16716
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 08:56:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 15:15:25 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 01:56:01 GMT
x-content-type-options
nosniff
server
cafe
age
25867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9074747796639100022
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Nov 2021 01:56:01 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 86DD 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRgmEYwIPSTennyveiAm7_HQVG7JgdnsOgLaN_K15WLfPzSL8J14i5Zupx3NQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c05c05e9759dea58482bbd059e5270eb586bdd58ddfa525856e516a5aa0848d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:48:25 GMT
x-content-type-options
nosniff
age
112723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29878
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 02:40:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 01:48:25 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 86DD 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTdBTujJP7kx4EB5N5E-SNo8ca4psBxc-InJuj7qExlxd1i7YU1CVjq0BBX3Lw&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95738cebf0175a455b2119bfc27c5be1f845181cf9d2f1ed537ae0057c3fcd72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 11:37:43 GMT
x-content-type-options
nosniff
age
163765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
47873
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:35:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 11:37:43 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 86DD 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRztt8XybWBopGFVro0Dr3MDKP0bb3iJ8hnOhAKZ-n59hc9VeSR87XggE4sfQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75e5f2c53ad60226ae129939d789e62627a5bf22e0bf63d761c791a36cb9a2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:04:24 GMT
x-content-type-options
nosniff
age
108164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20400
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 03:02:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 03:04:24 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 86DD 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQqEjYcx_buhRjjGpd2RL_ajJVkTaWQBYOlOXU8f2DHck4QL34&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55464748e5683a0a74c307761554484848be496a692a6dce22cd75c9b688880a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:38 GMT
x-content-type-options
nosniff
age
206670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18156
x-xss-protection
0
last-modified
Sat, 16 Oct 2021 02:07:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 20 Oct 2022 23:42:38 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 86DD 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR-kYE26NrmCVAcWlA9irQOaaD23OhEEeoDoukrxhdTOUx4ftEeHLicHKMqKeA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa80f6e1e685555f40440b4a724867532d81e37619171aa956fb473dc2d4b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:16:46 GMT
x-content-type-options
nosniff
age
103822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31134
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:52:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 04:16:46 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 86DD 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ55EV3xiQf0sWvDbMItVKHbmdhqPTPB7SKGzzHM3mRvsdmIMoHUSXoiOfSH14&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a08f88a6ef467f055abb1a50c4631a591102f342cf541b8d32403df7dc000b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:59:36 GMT
x-content-type-options
nosniff
age
122852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20578
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 01:47:37 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 22:59:36 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 86DD 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTLCdNsg85OlpMckRtLxCFfyBMti1Z_Wi8pL1Hv57BgJ0HDuHIB9xFjrHNiFQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be787b59752a62314c0e9ed486be7c3d5417031ef2c23de1775aff3c2c5c9064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:15:42 GMT
x-content-type-options
nosniff
age
172286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26091
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 03:58:23 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 09:15:42 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 86DD 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQfWiHBBmjje6SfW_6IjIBweBY1EgR5Ix5HmwDJ2VNgr1JakJKE&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6abb20eb5bfb087d4f2561081c1089242c3e56bff64e7e6450ae1e432fcee3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 11:33:51 GMT
x-content-type-options
nosniff
age
163997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26977
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 02:52:51 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 11:33:51 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 86DD 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRZcpys6QGNYOr8qYPyT5cqMQlvLP91AG72lyOVeGc74uLWU6NQTBjySbcrcA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a736d0eb1e415b2d66513c1acfd9a5f8f17d4f6a0a286986da3308dc9600b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:19:42 GMT
x-content-type-options
nosniff
age
197246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17894
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 11:40:06 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 02:19:42 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 86DD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQqdWUKHON4FwapEn2eU35q5VffvVmquETOWrC1OFwYh67CW4j3esavD3JNMn4&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a771688beae44fc2524ef969e89a63893d6f79bea53c9a869ba6771ea76f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:01:40 GMT
x-content-type-options
nosniff
age
111928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19099
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 12:43:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 02:01:40 GMT
9074747796639100022
tpc.googlesyndication.com/simgad/ Frame 86DD
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi
  • https://tpc.googlesyndication.com/simgad/9074747796639100022
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9074747796639100022
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 15:15:25 GMT
x-content-type-options
nosniff
age
150703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16716
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 08:56:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 15:15:25 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 01:56:01 GMT
x-content-type-options
nosniff
server
cafe
age
25867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9074747796639100022
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Nov 2021 01:56:01 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 5CEA 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRgmEYwIPSTennyveiAm7_HQVG7JgdnsOgLaN_K15WLfPzSL8J14i5Zupx3NQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c05c05e9759dea58482bbd059e5270eb586bdd58ddfa525856e516a5aa0848d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:48:25 GMT
x-content-type-options
nosniff
age
112723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29878
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 02:40:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 01:48:25 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 5CEA 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQqEjYcx_buhRjjGpd2RL_ajJVkTaWQBYOlOXU8f2DHck4QL34&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55464748e5683a0a74c307761554484848be496a692a6dce22cd75c9b688880a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:38 GMT
x-content-type-options
nosniff
age
206670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18156
x-xss-protection
0
last-modified
Sat, 16 Oct 2021 02:07:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 20 Oct 2022 23:42:38 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5CEA 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRztt8XybWBopGFVro0Dr3MDKP0bb3iJ8hnOhAKZ-n59hc9VeSR87XggE4sfQ&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75e5f2c53ad60226ae129939d789e62627a5bf22e0bf63d761c791a36cb9a2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:04:24 GMT
x-content-type-options
nosniff
age
108164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20400
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 03:02:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 03:04:24 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 5CEA 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRZcpys6QGNYOr8qYPyT5cqMQlvLP91AG72lyOVeGc74uLWU6NQTBjySbcrcA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a736d0eb1e415b2d66513c1acfd9a5f8f17d4f6a0a286986da3308dc9600b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:19:42 GMT
x-content-type-options
nosniff
age
197246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17894
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 11:40:06 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 02:19:42 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 5CEA 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR-kYE26NrmCVAcWlA9irQOaaD23OhEEeoDoukrxhdTOUx4ftEeHLicHKMqKeA&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa80f6e1e685555f40440b4a724867532d81e37619171aa956fb473dc2d4b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:16:46 GMT
x-content-type-options
nosniff
age
103822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31134
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:52:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 04:16:46 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 5CEA 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQqdWUKHON4FwapEn2eU35q5VffvVmquETOWrC1OFwYh67CW4j3esavD3JNMn4&usqp=CAI
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a771688beae44fc2524ef969e89a63893d6f79bea53c9a869ba6771ea76f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:01:40 GMT
x-content-type-options
nosniff
age
111928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19099
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 12:43:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 02:01:40 GMT
14978601946328591918
tpc.googlesyndication.com/simgad/ Frame 5CEA
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw
  • https://tpc.googlesyndication.com/simgad/14978601946328591918
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14978601946328591918
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 05:08:22 GMT
x-content-type-options
nosniff
age
100726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9527
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 08:51:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Oct 2022 05:08:22 GMT

Redirect headers

timing-allow-origin
*
date
Fri, 22 Oct 2021 18:12:10 GMT
x-content-type-options
nosniff
server
cafe
age
53698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/14978601946328591918
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Nov 2021 18:12:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 26F3 		363 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNXpyak69zJk0nVV39KDz1hq_DFNaXYt6NX1QudfKSOBmiYt_YfWIIhrpSwZkRaax4gGFMPLxLxUxj3-0AiEvdfHGCpER0e5LJYa4_MO3TOvJbCSC35RUzEKo88C7dKIvmuCMe1KHGZblTg5h1Yc7lo6wMJQ8cvGmKzAe-zJDKxFVorbmTE
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNXpyak69zJk0nVV39KDz1hq_DFNaXYt6NX1QudfKSOBmiYt_YfWIIhrpSwZkRaax4gGFMPLxLxUxj3-0AiEvdfHGCpER0e5LJYa4_MO3TOvJbCSC35RUzEKo88C7dKIvmuCMe1KHGZblTg5h1Yc7lo6wMJQ8cvGmKzAe-zJDKxFVorbmTE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 09:07:08 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame 1185 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCsKpFv7-b7-qyJ4-gr7MNiyguW8H_HO-JEGvrQb67PmFsAi9xim8rE1DQdExECcgqrcKxF7rBk7K6w-Fx7N_v-qq4bxMU1tUa3q4qDnrc4DBuP_q-FlHFMOcL5Ph49gxXBtaZyVBnPOgdtU0cyUAcx5VnYA&cry=1&dbm_d=AKAmf-DkMOfMqrPJY9va9wWwT_BxA2O4fHWUYoJfxPnEmjALvMZj9sUNAkgxGHtkGCvnBKKbXOARjt4sEHIcInTC5G74T5VdSiT6CaPfb1HrrB1u3Z-eerdlWc0_mF-EBZIPsXNIY4Blc66FuSZJCoa5UIeDVp9RO78TTwdlvid7zevXr7vJCByZJP0bxIZi_ykbHfUcIsr2JocILETfVH-1vHt7ts_inIbrM6GqgNFL9cuxKNurnbwPo_dcIVj0Ju_dTUSJeekquK9trOnxOEqnNTtfKBbI7g82VkU8GrSaIa0hLTf-K3lxObINAb5t7nCX11PmTWR8vDhFaL5_HivZ8E47oXV0lxhXTVoLSlPyoI-BJaYJWrMpm8PaIu_p4oq46MzhVC86l24voFTrdpMgNF5j6pwDgfzr_wQDTm-a3PL28s__b84nfXUg4S2uGA30zNIRKg_6L1ZThUz7UwnfTFnoZEd6L-MCiNGAWrQWDpcovKX_Uggpkus-wzVThVSAfPmxaOTfi_mo7ko3ScjzmtOJeC9UF_Nam9PHeAn-lQAIDfEB-UkrCM_WoqDFUjoHeq9_t70sKP_6hdnpIN9S9nPRB-UtCTliS-grXZF-rHKrAGv6XpFa5vO1bp0wkkta8Ie4c4vYlPAo57C4YzoZgpmY_PFT3hx9CxhHF6pOnvOPuGuJc3FFZO5fdV5txwXPpMIK9SdIj0qI0t1I2eH9C5unL8taFS1CJL_LTrGeEcXrpxBSbsWOVhdvK_CKRrhwfRXPpHxvxUGvzYNUpapQmVXvppRa1zJ3ifrlQrFiKjJifJUeNdK22W3CUKWh_IoFvb-lEecZNt2tDJf428_DmsLyDXAmkoP5fMYhbQNPAYwo1kcicN4o5yn5Kf3x-QbzhS1ZhCm-qug89MRQVst2C05eCREZaNVQ7Ec__nRYU1TOtmXtWzXfhIMRfDoCLUCEpolw6--B9NgkGXwEsH-Bj3Nthbxji5fqTXcoRU7XIQc8Z8avM-DF34DsNr0sgIHg-YzyHFE-3wDxlhcb7yAMLzHmIt311SEEpTBSK8-f7_zbAqsTQpeFfodxhO375iR7Jp2oKeq8oMIeHJD26MU1K0nR6PT2DwRkls9qgy1sXFVBI6nm3L3g0TVLZESI2SbuiTMlUc_hmzPoRff6oVuCwAJMfMYYvWdWcwZrQp6qkRWUSjs_IcdSPqslGy3f29Xo1aLXXgWyMx-1j9_PF6S7DOa0dNGnE8GXZ0xdeK-MTj2C-_L3gDrr3kwdUema-ePdof0KUMlSR9X82ZSokmHoKh6kJXs-CCyKewXl3IgN1qVF0xkTV5ep-jr1VDGo1ShRsN361CrdCZNaQYxb2LQStiFEhEhc-p9Zf1Ly0_CA_VhABAxl-QwbHKfxdkU0Z0estGtolFcYbhjULElSBnVhqSg1JD2Xjs0zFQlOS6S4OkghWOsO_qO6brqeyGgTL8ZpU_uWzLRaC9QFPAUNahpNBELeyXk_aMQ0unNvNuOKoJlE9xdy1dIFkV2ssAz67MnzBYDLkse06UMNlH7YYX2WOnw5UUTw-aU_9xsFvQ6v1YGZ70oelUKUO5A92_MwiFN9HhhZ_sz8-_G1bR959DvR1zWRA4I9p3zqU9KbGhjrFRfFlolEFksa-XIBJCRgRR-66WNTP7E7vpuBb8FmMndNNBY0pUDPSyLJfADXn9hgTv63FZvMPI6sXaUuSTzg85jupo6Md_oHxgotnwUpgrkOEQJ8xYfi722X54GbhxTIszHfFhr6zsQJi1H3iHLMId2nL-8NvhagagWNrNxMaCqTKE6-YOHV6INgUuvCphJD-WmhGCtiV4pMpLMyEb6ee-ZX26pI0jUsUsVKu7XBQHf-IrXL7KBocADHk3CyOBsn9krfKSLAXBONRcAn7jIJQnvY8CdrStyPHfMLiSAYC_0NYzaA1an7HGPB4nVGSDaWl__KkdjQOREjxbBAqRTHtqvG0GOONYxRvjaeR3N2RBushCTYdvEaDf_iIgLmClPs5PhxhIAZAS4ONG3QJV6F3vRntqqzLl72QFzOmhahaIMhJQohwwf9x9QrTlSQ0JzzfFsAVRb-MHUkxfMY1gCb_bG1XBsjETobuNkUKc_bMQ9kRU-cdnBVIlMLzWVLtJPThhhtJ8kteEmq83Qfr_MU4nr82T68fmWAsJrNqDqPYOs7ae-ZjpaEPBEHI9nUu3EJEkUNiTc5CzzIJRpo5xyUM8n8bBhXMhIkAzrIjzH6itV3sHhjlpfzrOqsM6PSv723Pj8qHLJA8wMfOC3s_2bsMJSQPTvVYzfcrken5RyYFhAMFiFuDYJMhrnNYLlphPDzzaQ18kxssdXf1PfnoyznuuLfyN4WZ7Mz2dYVT4tSUUENQpb4QtiBfK6KJCWLuL3gRiJ-3bi-BMguaocgo2lCPaZzA006vb-pZU7OEJM6RWuV_cXcr3u3TD7Hf3BmhUFpcAc9w32Fh7JfTrACFu-1wLtY5Ztp6rH9MzcW4yhE7jOBroy4gi7wQf1PQpxvjgU5yVFHYzbVNKDRrNxIMtmd0q8ruz2KcyMNfZizSKSQSk2rXAdUByESKcLz5uaz_TB1N3eDRJO0OU8RhLDklY8TeuWHATlIW5l2hRQR-sL-Bet8QwUZ6lyrVLZniNJrNz8h_6Is_PNzmdltKe0jd_PqEF0_UdQziMXqRkhhnVRZHOu1UFP_sdJjDoWPJgg3GUFPWmmY72EGCEKVwTh-J-WZBTm8bxO0kfJMWRPfY_Z6RMCGq_xXnJ2iCFQIxkHIp8yBdSIf0lcLK23AefAPTtGYTFhZm9WftA172e4urRr6cIfsSXgItMXoy1SMKgmGq4Iy8W3Lfr7npjLql6HpMaYrx0iBQg25eZkrz04NOVPLZt8FWdssTAHKwh7O2JHPw14-SHT8xm0fuoo6CcnX1UXFgk2pS0QOHNXW-dn1PWU4k4RNeiVlh00zAcdxfZkCGb_FpVbSq8XyNs8XooG3-O8TnUOtnECIzXIi3Z56Asgqf1F7IqahMEs0rj05DcStMjBHhPXeGw8gsmZAFgHtUrvIFJr3EQqLOmqUVfi--FoZZ7VdPAeOgbltMVaknCc1PLdVQsHkc79IcW0iHVCATlWhaic7B0SZj-FPk-dnLPB7sAMQIItSw8oFOfQ44Jc05tropNJckNu0le2f0ZnIInV_xFheRMDkigya6A0X2MNg72frrLE4d0Bi3FaAbbw8mefVk9WZmE_F-D8oUXIdJtNG6vmK3V_oV1cDajStG4OX_DIv79hYZ2WNlg&cid=CAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c9050e08bed3893c685966b1379346a26c30e79dfd1704fbf02d45ebc20f7f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13163
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1185 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOkQt5xjW4PeBqZNl9O-IXnco-FRnlJbDDLyr5PqEIUBFK3eX17HM4PqUJs1qqPKXkctRQVIJaKyGXI82m3eDkIQa1HpXodsaHZAY0elpuqI8bGMM
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 1185 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1185 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 1185 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1472 		363 B
270 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNVpqYGkRreOv_E-A0xnupYEAwKHRmneukEfvTyZVHOeKQRTTOAvYYYPlC7r6IDUmeYom_j9pjEKRJPRTpTUB6ZfmcdxNG5BxjherNKVb745Wq6cyw3boXHNjkzou4kP3AIK3vKrnwVqsJfbuRIx-DzWUyhW6-FrKag1I8a88-hFgx-sB5c
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNVpqYGkRreOv_E-A0xnupYEAwKHRmneukEfvTyZVHOeKQRTTOAvYYYPlC7r6IDUmeYom_j9pjEKRJPRTpTUB6ZfmcdxNG5BxjherNKVb745Wq6cyw3boXHNjkzou4kP3AIK3vKrnwVqsJfbuRIx-DzWUyhW6-FrKag1I8a88-hFgx-sB5c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 09:07:08 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame 3D25 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvxuRdOI-HACEg7YNANYL3cEV2kXNdAcZPVJUChgh2xDbHogs7VeUUqMJX5GSyXbS83Xz9BULWmNMoI9kSLhx72LAcnhbxprcDq-QOiEZESGjTshItnANTRsDO-4paJXwnTuO3agLqz676zUHcKatO5Pw3Bg&cry=1&dbm_d=AKAmf-DatHoPnsBbMieTM4dwJMAVe6WCVQ3k5bkJHwYKYBYkoR8hcSY-qkplFLtThfy4FUOx81xszariTlF7ZdNOObxVCQOOkS_li3L84W8fb6jD1JvmHqGjAWCgkvX_we-M3SYlR2v99455omcxPzzwZGPWB0tnTa7iS9ODWtgLjDLYuKqMGfrf-IGfRSYhO1O7NJVInX9wx0DgIl9qvguFhleyNrSojs-sff9i6BQQPljoahP0V0QG9eS3LDqxMGRIyKI0uTcs4mu-QsEg-pi-D5WrezMXtBnCSKBiaWzSPXXfzSxzr8YtCa8ulxEKC0-1VhtdF_Sk3xElw-YS17R1btX3NOaz3sohysATaP9Tayn3UO_YW_5Fnl-64QXB59Whm5w7o5OV9TxmxNWxzvnKW6U84RQR_DZ9N7uNlULrVU1rdQQOMOm5SVA4uhwDzoYYZ8KuiZWZ7lO4hVFF_sctQLwVPZ5pM_wkpcTzjKmUxPzWXGm6czb63Od9Cys1YSjkIQYte3MoHgrU08bvTes5Dv8B3YghdPz35Gca6aNAlYzqCep18VsgZfQwk52bb7xG-ulinu9MJ5j0h87RdmC6SkYM6sL9CnAc21trWo8mbiLVGnoQ0_-hSeIhZgO4Fwv6z7do6HbFlH7boG_pA9oINBYNFYovpPrwO30L1hUcCQKmmYVjuc82IBptN08yT6fZOBGY4WeE-pN122txHAaQUUJIbppTn3J_ytlgVe4DotWN9l4uJgRNmwYzub0z10YzUWYrpIswF6cO7FbTVUvdoIMy3eFM4yOLk3IfGCtPlta6viC5GTLFEjjFCcfGE0VDAcOxxacje60HWW6hABlh-F9nz25Qb02IZnA7cMa-Cn9X_KcewhlvSgcmco5GHiwEvXSFSY4aAuPgJ0CYDr0DbvAJBpIFkCUz6stJtCWvN18tcW_cOJmjTncHSF1_F7FZckg-yLZQOd0P9tRIHQwJGTlskreIIwP1mRe2HN5dZjhhgkrMguAK1zWkluBwWAeuvo4KyaJqQP04RGrqRegexGoJLotAdcwKivrwnlepZTjumsWiauP-1YNzT5F5pyCTv5bi_JnzUvvqGnIJL7yd1P9RW3eXBHDO6W-V-HgS8YJ_HRsKJlxOPI3iUxOK0C2LnePwumf17tJy39T6thle1vD19xecXDXdnVomg98qHnF13paJcNk9HZ_Xkw2tnvky_hBhxsNzjZujKHBBQ1ynldwZTNPY4BIlAazSshnePJrINriNXqxollpUaUVahDF9MihbZ312o8m0d7jC2m4ulvttHzEPbKa77I-IiOCa5wqK05RXZbwRC5mzJZq3uN6_x7oj7iVajFqnORfaValuk2BXmruy6pkQKtd1BK1GbLTLgvPj362m1DNRIqz8x16Vy1N136qFP4BtA8jJmabfE9zhmBkwIMXK3viwGClvjAhlLDePKEz3d6bA0hDIn3AKoJ0PKW-aXNKdKga28akZlDhLC9z42GHn5jHw2W1vJ4RepRlq76CIXnzx85OvWFSxnMcREPbfKehe3ZMyEag37aBiTbBvpY_rgQaNnQpv4rb4KHZqFxt-cVCvbZSHANXFqf1w7z0BjIyHfrr894EPNKc1t1GcG0OC0CvFX1TaUwmhT1LgmHLuvI5uPJjbHmmA2C1kSd9sYqM7A7OzZtevpb_46_EG6l7OEVTUuKvtybI4AcnQLNUYD1kAZ9u4xrVVVS97m3bzXleeNQNgnO9FKmStmyaf1d86AyO1jdqPIqhat6tQpAe8uOHfcvz5bDc5JYBjN_LMCtP3D9hcth2WvNyaWNFD43JIQc9NqMVlhabTlkThz9Yj4Y1xlzbCjW_mTKYxQSF2mFDYcipS5_8BUpZBOw1Zt-mw6WYsdAbX3A58uPi0IaU4Qi1AYI5iPcftEp40AM9kMIIdjrMIG1KlaGbZPRCMHZ0vzFDptTKkpGHQ0BpPGOgu-wmDAzW5oGNIPG7Ysoc3DDYang7QSWaNsCgeolnD75vSwwIocveUluB7-TlpcaXJX1Ft5M4BAh_T0UEoWh9sIIXMpK6oA4gBqJvCG2TY8bOoMJgFnP5xpT_e8Tbq-9X2W9_uwHNeKbBhuJX0qRIL7eAEakyguKGldyP1_dv5yIQdTTq_YW9fNxfcaGiFmCokQ1TmTbm80LeYktJzbTL0cdIDgB6UsSsIixoZEip5nR-ypyfHoWPGzA_sFW-wim4vQM5wvpMU7ImK9zoFFlbkI_XgOVaj0vkqvvjc9xgmRELZ5ahsGQfUvbjJr1GG5xwmtcssSU1CW86q4uxDuSE_PsAxDeCMLK28Lpiayu72LIrDbtKhY7fZlQm36NYSP1RsdJVtTlshk5istRkP_b_RHaebJnqQn7fvoKITe2T70mssielas02uSYboIRClUIy9-dWgL6oeUitGm-u-nE7J9VN5YeKsZ4YhzsfsAEIF7VVTdVkhPsdiQNt27PDzbS7iG9ngLRJt-mI5MiNkWjy3tCTncn8YtQzWkTJ3OpLTnFMRXpnLM5BXxDWdVnt0Et1khOKSmIe6EURfbO03akqlTX0XM4SuFYF4NwoilE2iC2Jdfy5lPtaVcmwoUJQ8c95pjQq-aT_I4hLyEndPBvumCDjsjZlISlii9t1gpB3qK5VhTZhfApZ3q0NiRgZ4rpE2UmI39Lm9PAxCc6ud6i6VICld3MMF8o9nEtnxi_yYE8K9eTuu0UdOG1nzHGveamRh-Bw7ZF_izzgpLJvQAH41uWaYfyhys0nRwE_hZGbfzT68VD40lE6FZP90_RpyU5_IubLZvvIRN3AFQIpN5fsMlclmShltdK5V9-DftLQ-oN78IugmfktfXZXcRsIpoA1tmuMMJWT-m7jD-zmImjLgU4YY0bsmSfNndz-yj8ByXZC0wT1VKhbd-rGVNZfBYBWsk_uHNPmboMRqveAGPMp1AAVte9W8sflofzOf1I_rlWoRqcYH6qCQWTWRhAw6qcaZq9_PHV9TazU5s9BFjW5ChO5aKaoFoVLtYYlCXpuutuPvM5ONc3q8rZGVu99Ckb_xzoF2KD0OlDwgElGPUEocjuJO3uVgYQP6LymQfz6o16_keVWk51P4l4RUI9hqY2Rw_S-u489M0m8KLDR1UcJU2ymbYUjkJ0Kvh2NCVFsz2Ki6zx8u_ZCO464lltllO4gKlk82ezVRtNWEXY5F84Unbq613gW1HXJNUx_mW8tyS-wrt6EPEfxE3j4JbaFY0QqTXnMdMLwiPwVJTVXn3622g2dfYDKIWuvCmj-WxuOPMw&cid=CAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6071d5e9f2418bb4bad72f3cf46e4c74912192aa240bc81a4577e8133b423728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13094
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D25 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DvMI51I00G3WevfohrIPQnVvXNwR2ppDeXoWb7dX7ASrapuOfjKHfNCe8tw1P1vv6vBhXo9yVvKIzqR7gVIAg9wybNrkuFRyScHnlMysJgCKrzL64
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3D25 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D25 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3D25 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 56B8 		398 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNWM7lXZ0mdKqGwKf2o1AI2HfaaqvCNwnv9ww03XY5ACJ07m3LsQQQiMoFM80hF2SFNVCPTrfbg_HpyZlNcM1lCZc2PrAzjMZUZDamkq95VEg_qXMHlorg4kdw3ZWulJq4Lg-sbsHzN7uq46aj3O-B7txakhNlvKz3oXMbIfmMtBjKbthCc
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNWM7lXZ0mdKqGwKf2o1AI2HfaaqvCNwnv9ww03XY5ACJ07m3LsQQQiMoFM80hF2SFNVCPTrfbg_HpyZlNcM1lCZc2PrAzjMZUZDamkq95VEg_qXMHlorg4kdw3ZWulJq4Lg-sbsHzN7uq46aj3O-B7txakhNlvKz3oXMbIfmMtBjKbthCc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 23 Oct 2021 09:07:08 GMT
server
cafe
cache-control
private
content-length
258
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame 7EF8 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bfk91KG4rqVGFqorWwlwFavQGxoXKCB0zu7jZiXOF1PtZZ4txCxL82zAEeUtGLvM97udAfx1ybMErRiPhHO6iv-skO9pc12t7xyp7yMUd3s2QgWXeJ9vxZMu7wpLNjfcZzWCT7Sf_A2S9QlCqRF26CMM7SIw&cry=1&dbm_d=AKAmf-BRV2fl7FqeSlhwrx4MBwtb1wdXYJZEXUxqRCnWuUv8s87-QauDq9V40TURfS0VrTdLAB-iA7eJoSPZE1isOBo22XXf-8cx47x3QsewIJGE4lTmazLm7YxS6Ml-hsdU1OIHPW2sD24fQFRCfHCE3cuRqV4XWytU3GP05iJDa9SP_VbbdqaJvYKJ76NDHmZ490Ltp-P1yPONchXkzJoAsuN5eOWdmGpaAn8-WfkcP0Y4mqieKV_o2Fe5GopkmY0gcQZiE-y5ZVzsezGb3R8o_J_7eRJlZnNh-RdrlZrPnG8gvt7WVhJMyANgURg0fssB91a8CEPuVYwKKz5EBZ9rs3qZTJM_heT0O8VjCsIHDVMxUmeVF_NXqMln3OLIxV7iqtPKWc2iE8Eym6FxizUY8HQoELOoiufykh4Pr3wjMcHEZyVsUpfPPBDpucJsqMZezQATSPecHl-I1JFkmZXqHCn0BAlz6mon8Ovc7iGwjdOqsbhIgcBtRKJrNy9mbdiFPa12ABB8r7m1RIvpnroSEnH0DTJrDsIZ8saNWrpVofQlegvnLFso4j_kAzoaEkybf5iwpyPKNVnVG96zJ9MRPUHFYvrZRrDwzXOAIeF4UJOnCR6SdG87cc2oa2gvDmJj3LJ2BWZZ3fDf4iB9U85D61bSIKeimVb9CETYMkx33lm_qvEz9esXozqP39n8vltvUa6eWHvQwtINJwS2yiEMB_osy3s5dz4PvfK9WX7IoXjy9RQHzn_Ti3gkMCkXn1ojjP2LMI8JoI_mG_J2dMuvrCyskxelWMyn_zPITlGlrR2QmHCtlQ5FEpq7o-D_2rnPl3NhMsu7JtoxNDqZEwTjS4DYQuu9uFgkYyFRk9Cr16L0JkNRaBkWY06JMZJPJ-kOhNe4RXqcAkERp1JNW7aSenEXFR-RgR-PcPPVG1H3TjW_8Obvhpq-8HJqixV-d-rbx7QelXwM1a3f7PriAyNH-JqApWfpR2NU5kT6SP1meYoCD8VmFsWEniNUettp1sHdz5600ojGi228e0NVsDFjhqSRD4awkZHoZXEV09p8_P_-VoWgrdw5xT0Cuj4H9dzKqCyjPCSNYAutakJOpBhK0-PABacfYtpbIOfRCBmTdW1DO2SjDmj51MJrvJh0YyHZp-V9CoGuorSCCn0qXbER_UoCHa6OU9GSLBSwUjPLQZsJb0_HHyhI3FzrBjDoqcTU6lXgYWKp9NNV8Q_k-dHdTCEAeHFEWmchaJeXmnsABPA95Dn3-Yt2eUvJ5asBXNXjuCuNBz4nRLjvSOHVADtq64uZz0W_k00L7lbVolbjEzHVBq2wsy_Qoq2xPpiotXMEyxTtIgEBfAG-HWbrvxP1c-e_DTYXmJXCElE_9zJoOUW3HG0agmLBqY0nGKGHDtB4RO-Lkq0XQtcldoXDBtrrzENOnEo7DDswPAyGhhApHWKYW1i9Q6tb-ilz6D4kikZtBjjMjTDoPa6piVs_E6tlDVPapIB_yniiW_b4lcAYrMCNf80nlcQHLG5b5Nyd-fsZJpYV2Okp3zoB3ZTh4ChfRYxOzPcAE_8Bx7LnPEfffjNwOYMl-Ydj6B5VMcbAfBwx32eE2GUyvkyAMq39OlKJ1YSlDC0sPBcL-9oWxI88DUgc74i4MSXxKOQI6yTj148xfKKgidWFt6Lh4lByWyQqyA_7MYnplymZA4BFirhc71j_5XoWODcAC5IbL_cBwCM4LidyvEvvfH6BG0Qw2zgjyH_yjgQ2SqBiBLOFizDky59RkPPcoH3nWbTdQDtDZ2AJPMETXZCrQoDFrrmVJXmdDvfY-vLlNPyUyc0t2ezZezuj2i8Ri4glXx35IgntoZvDzwTCs9LlzDmVB63ahFXBK949wv5b2FupggoAkUPW7FSNFUpGdEVV8EYuiy49UM8Y3GbXalu4Hg_tCYO1OUEdPhGD8_nPgR6lmgcx9Dk9PQn6G8nB8BKog3riEr1UqB0K_kykOTu-Z4ntDn2mWh_UeiD686i8Y3ntDp7TWOt4IZe_e7-aVWFE1qrNkl3f78xQ7ajgEvLkdzs5a-ZgruWltThFACsO1ht7seIbxtNF9kibm0SdRFKvvfWjPs3eKDH7rg-QgCpbLYWjMxKzNq5b-PDojWgWiTzHtwSj83Jl0kOZ9yxHxQz4hhRIbzPeNMtgIflLkdJMPjlHMoYzwBPCLG8RRWBjFEbomHauR5tNuNqiRVx0dwv-qb4Dm_Tw3BS0s_lYHCjqz8v0Q5pZn7XrNQ9SMFBnpmzJSCj_oBVaXJbn33ei7h5fDMPh2WWi4CaiiIXHbrjhnwV9afVdhbBvUEUbBW_qwvM9qISq5ucGQZoOlO8ZcbjwzEhng9bAqQwKU1LEEoIpd2HQpOJGm215D2ZohHgJpYIj61CpRxYsD5KboeLiX-OnF7Cqm5aXp9NQNqgTxHWUN26TH6NK7U6S_0eLCKRe0WFiOM0dAMNqKW4t5GsngfzNQL2aQ1BW1w_siXnbTujI75TdP79INhMC1tZrtrN_YzzyVQaxV_CjA7TUZobzEg3L5pmq-Y4_1MFMlT3XjYagzkuaV9SnEjRzjnLiSKz282LBpQWrtkcn80ooljulCC0Si-ZcxBAzfgBu8_aQ-57qM1g9KHflmnJXnqz812W3WryYsflFCYt4W_1t6wRsWbVV6HgaNsvLtl9dhcwNCnXBxH6tWC066GZGBMeOQqJTBCeaEZfU1rNfr7gevfeDI6puKeoEjTZSd3cpBvsMr9B1tNNyjvo_vOVj2A6oxBpOy2xBchE7sOKjjLyeLSdCg3vWIr3KTJjzfaZsnE4KZqAIG8jWSv8E4tpgKMIXsuaRwFbPSjF32DT78o04AURIW0XbyxZSddAqZXBFYcdJJavyIRHanbiIuyuhGgoUBO27Ed3aca-yvADMX86kIYXQj5I6QczhMWOqjfiljhRw6D322k2mduyXyks9LrEf2eXiv1NeIxir2pgCbacFEYOIah6YvlgOnrXkCyYnSURwDH1I6F3J5eWvwnNsHtDnEscNYW9Xapf2jat7UHcHsqNnhFf6aI81KrYUQiW0R6Mqu3C7pNfrZu-qZ_A1yoA1T0IqwRxfO4XQKICxkiUv_JyXhXgsuG4ev95yM0aMsm2VEWS0OhiwaIis5Qw_shh4aESP-ZkLUBb6Qc9gEWDElmeAkeytcIR9sP82xsmXpMkHliBcJDIaCgY8BF1xTs5I45UT8jkBtkZ_5c7dpnHfa0uGgeaYrhfkwNuJZYShbQ2T7SGsMCqPzK44y4jnYd_yJRworLTh1PCRtWIz_uax2rkObbc&cid=CAASFeRoOZ0sikO69vWCQFR15bdpVE-oXg&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f2f57919bf8840558eaf4e0c39ee737777b6112891d6d0f172cad5066aae593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13107
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EF8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUEP_v5Dh9uq3QGzWIghncRh82I3LdRGW6ukmzuftWL664r1-Yfkr3Dx8tvyJGLS7fSwCIgLjpVJdckuyMXUdpYr6O_LAlEg_iVosKyKvDe_tfBjM
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 7EF8 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad13.adfarm1.adition.com/ Frame 7EF8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/js?wp_id=4285696&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCkLWWu9BzYZjUAf-yx_AP37-a2A-vhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgT0AU_QURb3ZxVikSN_gyn7lQPi6rC7yMWo_gMCXEPAhLH7fSqCLQ3n2B9qB9Xe0CeB2awyPAU9uEuLHhplSTwgpK_-7KMYObZIS6ukPbT_9Z0mLVElRCNLUlp45gQltFSszO1DxD1IJXBmkHH1LKW0F754guGfay3TDIj7epkOFqv80shMKQR-NQmCY31lIRz_P2B7v4Fa7e4gQdSNCl5Tl2-bKhYCeiDCDrf7QJsujel_-Y607KTYQa5XUMF9pot6RYjAddXMQTugiJcu-JPAVe0qTXXdPjEoBWBr8YZNVSLFLT_PPw91dhd3U8d5RnNGLN53v17ABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOZ0sikO69vWCQFR15bdpVE-oXg%26sig%3DAOD64_08MY9Wjxsp6DbP-qVdFegdZ2QDVg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-BUV0ZrQZowvkU6wOslafxTvRA22UhVwaRGZbjmTIzHjH-_0R1XItvcU7ct1evl8tl7774jeLgN44qNBkpRZNqy1iMdD56cI7lcqanm6NP7KAiUBmK4ZB0M0ApFya0djC6X1B-DMqYiP53IPWm5DidHeZY6LQ%26cry%3D1%26dbm_d%3DAKAmf-AALI0WxZVZlJZ1tt4WLBrlhoI7nd1-FeqB1SGNxXwIDfQUYjGqwbzay_2lyrIWGxS-d2Ez8DP--Jdw53bgJie2-tkZKXIWvCWToHrvX_dP1zHvLgNwAWK9JvK1y0ddA_G16y0-f_tBqUNsdiqi4P55Rgkk5Hx4vG70SBXxwx7fcFQIhb2ZkImtZAXHWcE272fyCpYSKcus3IMMf_5-Lw5iCrdFdxBhOUWgMUGeAqEpvKft7yBeoPHInbNJ1O7x6TysxXHN2YP3Pw9P3z7fMRSahogUzyKCHP4hK5D5l5_HrCyjPzotVUnGMIi_59yRlgexNO1lAfYPSEjTlZBU5png3wDAQoEeQoxufNCjPs-V3amZVF-1vOElyrDA_2FlouwBcB5AxP2KjbP1fhPqegy5eYDG_LpKldSeAIHvyAb8yRh9PWpWSv1BebIAZEnLxmTo5zA3%26adurl%3D
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
2e818cf57dc5dab70b4f8a2b4da51415dac691f3abfd3c570e2f0fb1767e615c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:07:08 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 7EF8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 08:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 08:57:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EF8 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 09:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 7EF8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:06:35 GMT
l
www.google.com/ads/measurement/ Frame 7EF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRY47iV0Eo3wbur4r202v_uQQHeTEFO86DMu_3y1VGwwDSoK4xaH-gds_orErLRredvNJdrH7eDtIoM-evUr0kUjXH8Eg
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame D79D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwSrZgq-g4DyDJDcSqsAYdAhEIQHPZaVgg1nIibOUg5MSzDcE-1x-Vab1VepDzqyJqrOmfXLnC58hYMe2LOh9MTGQ9_On05OxlDvn9f_qvBSgzy56-IiZTKt-J6RfUyZCsOS6F3LwoyP2vYbpNlDAh8328iA&cry=1&dbm_d=AKAmf-D1qp48yaROu7UysIhiA4nEmS4_NKT5FYaTGxhve4apK-0_nlvb7N_6Hzdm7Cisd8Rqq7RS1cG3GCGZxBk00QJVxlsofVZBHTpzcxqJkit7TOhBNat93OVc3OW7CBMcfvob8QlIrx2IJksUEY7D2wVJglALDSaN0FponzB7x_yXsACD9FYfmQAReRJyBzBIM93uMeP4JyE8ywBSpJamfNNur-fqspz0jxeg6UM6se9-4J0SQE-XWosnych0wvwlcT7doOj12w0Ee9o_ZTOfUN0DE5gyNl4DKpYgxHaH_eG53fXXqErpYvIdIT2Hx-ZgODgASYrQRN_jUlIeHQQOQH_ZdIguAwy68hxZCEBy7a3PwpRJCWZvmiXj-CsAOj4ORfyyvj6LnYFqKUi9-kyAatzVaRNG5IJqkg8Az7u2vM9GPUKF7xcAEhwTKHFcCaXIE4N7Zvli7DlpfTKIzt9qZUPUlBWCGO7dK_xuQad0I65IHkaMmBIW1wAAtNCQ_9NvpK4c6alRb-Hv8AFHEWrL58ZUT4pYlUvJ1HfJ--tkWY4fZaXsIRFA6ILWtoFJ131UN3A4JV6lSDdw3nAz6OPmdWHk_eTLfqeZWYNHCxZ0Z_0pAprEz-ODmck0nXHaZZaFHaI60FPTlP9zptxP4YAiT6gplpfNa3Jk-FzNzVbIzbgcgGuYPFBU6C6yi8Y-ZP45j46QwEClBChyM8yQlat7FOCFgtuZkLZN0sUhf7TUrP96c99ZWoqO5GjI8RM824MmeLAAbvucwK5liC8mI0rrQgyWogxDP5wM5FD_hOI3ujqV5y6u77-iYDkay5aXC_s2wOjo1zM00msHF1Rz4hUza4jeSnPt5AXM8CCMwg_9gPJ9srwQBgGIQnbLpbcIzfHl0bu16umbyuoF44lXvWPuYm03zYDvgYqSAJEVDI5uZ6Q7EVP3hCbx9dJrnI6_bFQuDqcpthxUGf-rvWQuGX6HcXyHmDmNS_MvSB2IcxGOdadLhYLCYWE4i8SaDtmbeoHaaNH0hP9r4ZeasYKJtW5xIx6fvA_fJtqRry3wNv83sWJyUqYV3Zm6aPpI7ytiKqsxmDcag6reGGytvzWaSBwPU_rCcXRi2lIX5K9RnWUSa40NDhELuAotFiD4aL7XvZodbCGTgLMJzxhgL9RVnyzkwvNd3iFonpVOtiA0kQm8u6QLonLqUNbdIISq0VcchxllAvtRdY3zILw7cnaZiggN7OZkf5l20NvDD2QeYPIDY5x4M-YbfhDzjffMrFKea6iqFhPvy5eb3P3KXX9N0558IORheGMMYlRwteXeKFgXnKXf2_tjFHlJxfTlIC0Vcaj0RsCIGehLvsguiQqkiqapULKXg7h5PgkDy03hbtsv_-RrWb_JljJZY4EujU9eRJSahYjPSvxB17S32uXn0ABDbFuGwNgDj4ysquqet6nUQG2kXZqMiw_ugt7vSKclEBISRKakBirurdsF-aOUq0X0KAORDngt9xDgxHlMnjItE75ujWDJNRezFhVs8bYyQvTYIf6x4AKrQzf7Dhdf5RfAHhQL3TJx6aFYuq8g28e4e17uWI_7_n5dDfwEtw_CgiKtrxZI3DqJZ87K1u28347D7mzNM3flqmYVfhZmUMVGAqKbswsdOx4JlIWHQGHKTHqPCQS5kRwCtIVmunWKWpC831HqW8Qu_lkZRRpqYItY8T240UGBN-6VVsRqMQ6BTRI-1fP7H2sXD_oSugSvNccjJFn7Vx4Qy5S76z-e7pdVqYHLRYq1Al84XcomTsdTOhFgQ859T1MmeWbUFW2_0RirfJ_qQaFDHcyoTGrR0suNC6bRMNW5-FoGtmofF2t5hUKJiWjOYZCEJzhGIrBuqxELUm4NZ36JKUfppYtnwOvfb_eDN64aPdLpcmZinrFNdwcTV-NiYBws6N2afxUA3h223zPUctyU_ujPJGZLe41jyQi4iD5dGao0Rw2M18xxeXII_jRuLwDNHbhy5SRoKO7RoSAOd3ZcHJ09lb94hLEWO0grt64_QGUS5PGwHTOe8FvHAMiUzYaT0e64BKdiU1z2I4D9mzcIL0vV5uM8P7QYqprJYC3ukjolzqJn1wm426D01wVgwCiFEoCreYAuj3t-5HhcyFqc3R9EGQByR7edOn6jO2157cI0B5TUdsJ_Am-ezLkyXkBgg5aos2abbCp3UYvVQ9f2OJqi_VfjcteuUyJugwgxEvvIuBFzle2Jd-TTDC8ivzChBzY85gJjnz5EciWESTOWe1QO8jP1n862E6fEjh8ONAloXCgNx8rL8TyjLO-f-jIr2xLoPY57kni3LejQhCZ-G2Hj0d2Fg3Ha-7KAyoMd2LxYhyvg9n5gZQwp_5CECpksCB2abBl1scOa_5wsAOB5IHRKsNxSqUP2sLEoDzpTMchdGvZCNB7C2M9iquz2W2gAI6Pd6J3StdYNeKUbDvr6vdIKmOYSS3nfmvfeBM6wiEAR-Y0VJj5_JYO7wlqDzAeC3Xgjw8h_F36l1r9jMFP8EgE6gQlpI6qhFQxZNZihqo5TfzfcCIlX8nrPEPIkcsaBNuBuMQO9LGR__-0Z4sN9KjypSTUmgWf3MQaBejUQZPVnCSJ73SnFY-_l4KiAkJZJ-cwFHXAJ1wVZTPp0tpQ7JlsPHd1Nr8prhX_fuFolrb8c1D_G5Zh0vLD8Y5r-pbNEK8CSOEW9zZ2vi5CGSK-uGTCmonFRK0EOl6TI5_BLAK3xt-bjjboajlX3B-xmwLZgwJH-blIYMBUF5bynVxC9CiXZ9zI3pTCAvQHxzyAxCo4swf0bM5S8_zNIc_nINgtUq16MCVTolpCIJYYflypleTen1jG1FLNBYobOUrqMGfP1kMp7F6bL7NiSG8b9z0TljY_yVCI6GXYIDb_k5IJw9-YimTG0CUjROsMoICzT-wJep4v9VN_E2l2xXZKvNSQ7jd05PuF_lWjhPsOkd4NBOC6mRZbHRs9t7CKouiNZVa2Ua4M7FzLsuaC-Pe9uKJ7WfWHTSQ6hnJjEpsd5V-pe-BHQCpCD2RS-qQio38T2_ObdwjN6JsuYCDe3YPj-6ijQbRuJpMSp2ZYzYYiSaWBgRMlO1VYosXwjookzG14FPoOk1-Xl21bDxOr8howM34BLOstYu2d8fHopQxZZT9TdMS-vbPJZTWfFzzcnbg6f3Mt4WnA_phZp9djL8j60g9soyT3rF2ipfhks8hcWRAmChzVYnLqtJknimRv-67JiKEynRyFr8pguEZd3KvLIY9AveMQ-3BtqHYbMJaW7Ngkgzf-CHQVa7XTzUGxMYTmmA-4&cid=CAASFeRobLptMq0O1nXld93VJzc1oduv-A&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:05:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D79D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwSrZgq-g4DyDJDcSqsAYdAhEIQHPZaVgg1nIibOUg5MSzDcE-1x-Vab1VepDzqyJqrOmfXLnC58hYMe2LOh9MTGQ9_On05OxlDvn9f_qvBSgzy56-IiZTKt-J6RfUyZCsOS6F3LwoyP2vYbpNlDAh8328iA&cry=1&dbm_d=AKAmf-D1qp48yaROu7UysIhiA4nEmS4_NKT5FYaTGxhve4apK-0_nlvb7N_6Hzdm7Cisd8Rqq7RS1cG3GCGZxBk00QJVxlsofVZBHTpzcxqJkit7TOhBNat93OVc3OW7CBMcfvob8QlIrx2IJksUEY7D2wVJglALDSaN0FponzB7x_yXsACD9FYfmQAReRJyBzBIM93uMeP4JyE8ywBSpJamfNNur-fqspz0jxeg6UM6se9-4J0SQE-XWosnych0wvwlcT7doOj12w0Ee9o_ZTOfUN0DE5gyNl4DKpYgxHaH_eG53fXXqErpYvIdIT2Hx-ZgODgASYrQRN_jUlIeHQQOQH_ZdIguAwy68hxZCEBy7a3PwpRJCWZvmiXj-CsAOj4ORfyyvj6LnYFqKUi9-kyAatzVaRNG5IJqkg8Az7u2vM9GPUKF7xcAEhwTKHFcCaXIE4N7Zvli7DlpfTKIzt9qZUPUlBWCGO7dK_xuQad0I65IHkaMmBIW1wAAtNCQ_9NvpK4c6alRb-Hv8AFHEWrL58ZUT4pYlUvJ1HfJ--tkWY4fZaXsIRFA6ILWtoFJ131UN3A4JV6lSDdw3nAz6OPmdWHk_eTLfqeZWYNHCxZ0Z_0pAprEz-ODmck0nXHaZZaFHaI60FPTlP9zptxP4YAiT6gplpfNa3Jk-FzNzVbIzbgcgGuYPFBU6C6yi8Y-ZP45j46QwEClBChyM8yQlat7FOCFgtuZkLZN0sUhf7TUrP96c99ZWoqO5GjI8RM824MmeLAAbvucwK5liC8mI0rrQgyWogxDP5wM5FD_hOI3ujqV5y6u77-iYDkay5aXC_s2wOjo1zM00msHF1Rz4hUza4jeSnPt5AXM8CCMwg_9gPJ9srwQBgGIQnbLpbcIzfHl0bu16umbyuoF44lXvWPuYm03zYDvgYqSAJEVDI5uZ6Q7EVP3hCbx9dJrnI6_bFQuDqcpthxUGf-rvWQuGX6HcXyHmDmNS_MvSB2IcxGOdadLhYLCYWE4i8SaDtmbeoHaaNH0hP9r4ZeasYKJtW5xIx6fvA_fJtqRry3wNv83sWJyUqYV3Zm6aPpI7ytiKqsxmDcag6reGGytvzWaSBwPU_rCcXRi2lIX5K9RnWUSa40NDhELuAotFiD4aL7XvZodbCGTgLMJzxhgL9RVnyzkwvNd3iFonpVOtiA0kQm8u6QLonLqUNbdIISq0VcchxllAvtRdY3zILw7cnaZiggN7OZkf5l20NvDD2QeYPIDY5x4M-YbfhDzjffMrFKea6iqFhPvy5eb3P3KXX9N0558IORheGMMYlRwteXeKFgXnKXf2_tjFHlJxfTlIC0Vcaj0RsCIGehLvsguiQqkiqapULKXg7h5PgkDy03hbtsv_-RrWb_JljJZY4EujU9eRJSahYjPSvxB17S32uXn0ABDbFuGwNgDj4ysquqet6nUQG2kXZqMiw_ugt7vSKclEBISRKakBirurdsF-aOUq0X0KAORDngt9xDgxHlMnjItE75ujWDJNRezFhVs8bYyQvTYIf6x4AKrQzf7Dhdf5RfAHhQL3TJx6aFYuq8g28e4e17uWI_7_n5dDfwEtw_CgiKtrxZI3DqJZ87K1u28347D7mzNM3flqmYVfhZmUMVGAqKbswsdOx4JlIWHQGHKTHqPCQS5kRwCtIVmunWKWpC831HqW8Qu_lkZRRpqYItY8T240UGBN-6VVsRqMQ6BTRI-1fP7H2sXD_oSugSvNccjJFn7Vx4Qy5S76z-e7pdVqYHLRYq1Al84XcomTsdTOhFgQ859T1MmeWbUFW2_0RirfJ_qQaFDHcyoTGrR0suNC6bRMNW5-FoGtmofF2t5hUKJiWjOYZCEJzhGIrBuqxELUm4NZ36JKUfppYtnwOvfb_eDN64aPdLpcmZinrFNdwcTV-NiYBws6N2afxUA3h223zPUctyU_ujPJGZLe41jyQi4iD5dGao0Rw2M18xxeXII_jRuLwDNHbhy5SRoKO7RoSAOd3ZcHJ09lb94hLEWO0grt64_QGUS5PGwHTOe8FvHAMiUzYaT0e64BKdiU1z2I4D9mzcIL0vV5uM8P7QYqprJYC3ukjolzqJn1wm426D01wVgwCiFEoCreYAuj3t-5HhcyFqc3R9EGQByR7edOn6jO2157cI0B5TUdsJ_Am-ezLkyXkBgg5aos2abbCp3UYvVQ9f2OJqi_VfjcteuUyJugwgxEvvIuBFzle2Jd-TTDC8ivzChBzY85gJjnz5EciWESTOWe1QO8jP1n862E6fEjh8ONAloXCgNx8rL8TyjLO-f-jIr2xLoPY57kni3LejQhCZ-G2Hj0d2Fg3Ha-7KAyoMd2LxYhyvg9n5gZQwp_5CECpksCB2abBl1scOa_5wsAOB5IHRKsNxSqUP2sLEoDzpTMchdGvZCNB7C2M9iquz2W2gAI6Pd6J3StdYNeKUbDvr6vdIKmOYSS3nfmvfeBM6wiEAR-Y0VJj5_JYO7wlqDzAeC3Xgjw8h_F36l1r9jMFP8EgE6gQlpI6qhFQxZNZihqo5TfzfcCIlX8nrPEPIkcsaBNuBuMQO9LGR__-0Z4sN9KjypSTUmgWf3MQaBejUQZPVnCSJ73SnFY-_l4KiAkJZJ-cwFHXAJ1wVZTPp0tpQ7JlsPHd1Nr8prhX_fuFolrb8c1D_G5Zh0vLD8Y5r-pbNEK8CSOEW9zZ2vi5CGSK-uGTCmonFRK0EOl6TI5_BLAK3xt-bjjboajlX3B-xmwLZgwJH-blIYMBUF5bynVxC9CiXZ9zI3pTCAvQHxzyAxCo4swf0bM5S8_zNIc_nINgtUq16MCVTolpCIJYYflypleTen1jG1FLNBYobOUrqMGfP1kMp7F6bL7NiSG8b9z0TljY_yVCI6GXYIDb_k5IJw9-YimTG0CUjROsMoICzT-wJep4v9VN_E2l2xXZKvNSQ7jd05PuF_lWjhPsOkd4NBOC6mRZbHRs9t7CKouiNZVa2Ua4M7FzLsuaC-Pe9uKJ7WfWHTSQ6hnJjEpsd5V-pe-BHQCpCD2RS-qQio38T2_ObdwjN6JsuYCDe3YPj-6ijQbRuJpMSp2ZYzYYiSaWBgRMlO1VYosXwjookzG14FPoOk1-Xl21bDxOr8howM34BLOstYu2d8fHopQxZZT9TdMS-vbPJZTWfFzzcnbg6f3Mt4WnA_phZp9djL8j60g9soyT3rF2ipfhks8hcWRAmChzVYnLqtJknimRv-67JiKEynRyFr8pguEZd3KvLIY9AveMQ-3BtqHYbMJaW7Ngkgzf-CHQVa7XTzUGxMYTmmA-4&cid=CAASFeRobLptMq0O1nXld93VJzc1oduv-A&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
truncated
/ Frame 323D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afc672ca263cf8787af8987aa3aca761cc56fb4b00b9c71af4a91a0f3c729b31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F64 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf850f4ecded897ed197b5cf4657f60f2f63b17949316ecf3425c0f0c8d00749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 323D 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 05:28:40 GMT
x-content-type-options
nosniff
age
185908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 05:28:40 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 3F64 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 05:28:40 GMT
x-content-type-options
nosniff
age
185908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 05:28:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 83B5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk00UOZGpJcQp1R6Rmad4AT-rXtfDORp6iv6QyNHR2e3Rab3RUBUAckkqIMm45pSwA3sNquIugbZcy6DLaqZi2DNA-IICIp5OVBNYS15izQYjBcp750YsOmZiWnm9WCiNqu6SkRZkD3hu7z0FKcR6f8O9cLA&cry=1&dbm_d=AKAmf-Czano_7wnp9ppa-QjJv3Ob8A1yeXVYDGoHjuBGYGGRaJ6OR4iq88NKWvitSTpDZ0oonOfS_A8fSmtZULE60eWjaDq5b5p7lyDdf_vOcmFaoX09iHh24nof-H3NhAJldzXgXep9I5gqFs2D2nJaCPi9-eUbqBU0ybtfmLyXD-VdxDu_2ydW7xnLQafyGmh91yGwNxJ-oYyjXowunrCxtCkOsveedjdltNunyEQir4uRfnUO5gFslXKO9joW6tbvzzJKZik6GpbQyUGTqtnueO9nyIIaUbTfom3OB6N9eN7fED7MjCEPaAs8v_D3YUc3o-Av3nKdIGgwIWCKbRFm1VqP3wnhanh7gED-bj-lTqdSscON5gSA_9WVrc0Km-RldUCkIpvUvukgiQNT4rhltPVMRyNRw7b0n39tjr6i81uWzOMoyW1QRnNXxGkNGv88lenFPOf2AyXKoY1Oijm03qdOirJWWTq01P1i1h-r1jzWxjc3fNAJ7qDZT8TCZDkxqlekaG-LRpF_YzVqieRR5yPMNpcPuLJYkMvz9fvtr2-tdk4v-InXDTFj9552rDtoOiNF2E8QFZYAzuVpfTas6IJLte1b78JbsYCDTVVZnPpN1Fk4FX_6VpPz0jVGvNcueAhgml0hGFyIb5ju0AaAgh1FXULacxtoCFEPk_J2gE38MgRCwrS1X_ejgZ5n2B92SK2cJisfxNwjGtUk-2SbLxvMPxv3dhDACdlh9nTnoWz8hbgL0bELyD-LZ1b9c8b8dsfxbTfQKKAt5x5mXkd3QZVo805wmAy9xmiGoXyP1RoxODNg1GChM5FUdHcJ_lsnI4IZuYIGLYCcvaOkNKmP6o1d8t1WA7O6I0Aw-UOmfvvlyXd8nuYq7VAWDiw3y-Thp-vKFxZmDYEjDJyEoXWNq9Ejm0-DfvyEeKTZx8HgXjqbyDFGIic7kjqiI3Q9uT1Q4Nbt5vak1tMkbHM_DjYBN8gyB6HS5cyOp_a5M8dQC3y6wXFUJN0qkOit9fWDSil6TlaUGdUvZfOHgnp8AxXjdumfOwbYkvWK_Ai--AqPVe1uJZ9idI87nqYoODg5Tvl1bROOSCSvupfQXfgkyQ8yOMqD1qT1t6DIar30DdswBxatdmvOarYmgeOz0_lXfzaUrgWC9G_wopLZwVTjb6SuexCsTZtE5LHzDRVydYob5Jqtns7QAdjeMSfAwzUXfAFKAc0NkCKEn9zJrl-40y8RsRQSgCwrQ4wmPTPUwoz_gG-_wL3Syqpg9N-tdItTC-DlZsEgpbW3CslthgVDFPIcbnhuy81DU4nHHYTgfdPPON7xCoE6MJ2QP8r8eXpxfOVq2tWFJl44rO4ADy-FMeZou20i5u4YRJK5TMnY7H99Dpl-QdqFCI6sTrpHX4N_L1Msd0aBwlKHCPwhTKiQpemPULMlq_i-w7FmsEvuH-KaiklbToVes7HP7kmIgUddcd8ac-2ZkL5oM9XG0kEK5bWY5ebM3Vc0BDCU_0nJBwAODsnWKMXIqoZOc0OHCTgs8JoVxswoC53KGc9xSdyfJuoWx2t-qRO-wQOc81Z8nH6q1Ar8AF21Zd6dV47ks0ioFbbVDH8Ph6Q6Y_H83uYjbHP5MWQ03RmV0S_AhOVH6lCvM4lB7oTC0pmZ8uqJSyJZO2CuVpdHuECC1u5zwCNujoVQDQo0qhTkDQMm1Oj9ugRVWCznsWk8aeJ4uMF7-x0ESzpV3XOUz-W4av3Qfdq1CbMVdzmRA6_SJRmy2AR6Jfq8zMunaSA52TQNBxEIejwpiUX1cMZmxF89yUxS0zrZVTZ0xP1XWH8FfjbOFJWTiCzMQHe9KHGvqmsi-Gh9Svs4HUVrXX26KDz5qeTAdRS5qvXsQWrJuNZlYUt4ouMF403Z-XBizWOrLQONq-pJgfisRTz5Z8UJlHBwiF9jRyYjMsQgCPi3jCD81754GBv4ygnLscq35N7asBkQxja9AxbiF3w1KbGBc3v6zZbHe18t2IvputvSjpXzlZ9J0rq1rPHiURT3oHTQZO3xsgd2MisH5oQPFxp95otLHnZeJCLku4KqgHA1OSm1CiBFJB8h3xRvd5CEkbyOfO6s4AsH0xHXqoPFYpVUBE1BuIOwAxEhiqpGK3-jqVyJPr2M9F4JWXgBVVS5HxUlSUl048tEzgIzIQ7rZEnEVaF5Cu45EYsZ0_tUzPZOcWilaqW5FVExB4DijG3REqwSIEOHwY2BxzexbNhs8VxwtS7xsnnmij_amhtGgReySUe7UcZ2mUCHr96XfZhqgfgPsSXFAvOiJm3paikncMrlqhz7X2fVjF_XOMUFzrBuBtBT3PaIlCd6_UxJ98mmss55CBhda3Q26tTYRAdaCaoXIMxjKWdU_bjBG-ioI0U2tnD1bdg-NWKC6C6x82VIBO3PCZKxitH3-Qao_mnm0mZBxeI1g0xIvEC4KNFkM5I3ey2eSNnsoas8xwZIav6qowaGrdqOC1pV2Oa6_oXEQx5dYss9ifqfgaICptKH4u_sgxBXPuZOXRGAWdc-5IT6XdlQZOpf80YbjgOpGgQQz4O9bKFZRLFjZyK94bK2TwPA6s6Kbw96G-2_WF7Q5bPnCBO69JF3-Mk3ACi5XWAifv7FGketwmR9LZ_A2vN-0jEmlWjc85iI7SMzEWVuMAHvcg3qF_00bbYfe7C1lxPg7jhn9L9PcShURzeCW-xMAYWb5wFXaezNrBfpUTp0eKqo7DeIVUzCQ67OzTVwuSvxDhHibgX5XBebtdh9jJCQLMctWNK6cHtORSz8g-ms-rwMuFq-XCPE_qvl9wcHQW3gYlcZcMzHR0OmFx_PyZGUMXWV4Qo6VedZzWWiN_F1upQD8Ks3PBsawE-StFy6fI_-DlQaZ2F6fq-8zihVzHQOaNPDNS__daZ4wTxxv36SDO6WW4VNq3loTM_L_2tWQ8kXnID7W7iNYeyH1K_ZEfF9FLLfiUuY1z3jZ3p9vaLKZX0yLwhnbnlZZ6RE_xlRW-RK8CRbK1CVhDHcIruakXujGlFYAZA1M6amnW6nf35MvHTekbamwGdFrtCXVJaGH_9Vo4Oexd7nNNeiGPz2VQMphuS5VyDEJsd5WrjD3IWJWWaHUVpu2-8MEIcO12xUJaBflYk9i5Ut_SB4h_C9WL91rFiMnHZnA-MKa4o889po44kUd1Ya0qjFGo_bOKiYnH2avIMFDd89ZnWU_-Y1YPff5J27JmqYLvkjJzQ4f4Kj8XXt8Fmfjo5_2kjxmavoCMmZ6xZ9KTX1HBvOYYD3OOm4R5Z00O6nAlyWDl7eQDeXkK2Ckfp89bDYUsPFT8WCqnHkJbcQg0mkIPq5-ZWsFNjkjUd6lX-kVoUwni0fKmn4Yobev83IFRnVgBf7BXjnnZflXBLhiwAa0aEr0xhZo3fQIGrBeFwVUg&cid=CAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:05:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 83B5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk00UOZGpJcQp1R6Rmad4AT-rXtfDORp6iv6QyNHR2e3Rab3RUBUAckkqIMm45pSwA3sNquIugbZcy6DLaqZi2DNA-IICIp5OVBNYS15izQYjBcp750YsOmZiWnm9WCiNqu6SkRZkD3hu7z0FKcR6f8O9cLA&cry=1&dbm_d=AKAmf-Czano_7wnp9ppa-QjJv3Ob8A1yeXVYDGoHjuBGYGGRaJ6OR4iq88NKWvitSTpDZ0oonOfS_A8fSmtZULE60eWjaDq5b5p7lyDdf_vOcmFaoX09iHh24nof-H3NhAJldzXgXep9I5gqFs2D2nJaCPi9-eUbqBU0ybtfmLyXD-VdxDu_2ydW7xnLQafyGmh91yGwNxJ-oYyjXowunrCxtCkOsveedjdltNunyEQir4uRfnUO5gFslXKO9joW6tbvzzJKZik6GpbQyUGTqtnueO9nyIIaUbTfom3OB6N9eN7fED7MjCEPaAs8v_D3YUc3o-Av3nKdIGgwIWCKbRFm1VqP3wnhanh7gED-bj-lTqdSscON5gSA_9WVrc0Km-RldUCkIpvUvukgiQNT4rhltPVMRyNRw7b0n39tjr6i81uWzOMoyW1QRnNXxGkNGv88lenFPOf2AyXKoY1Oijm03qdOirJWWTq01P1i1h-r1jzWxjc3fNAJ7qDZT8TCZDkxqlekaG-LRpF_YzVqieRR5yPMNpcPuLJYkMvz9fvtr2-tdk4v-InXDTFj9552rDtoOiNF2E8QFZYAzuVpfTas6IJLte1b78JbsYCDTVVZnPpN1Fk4FX_6VpPz0jVGvNcueAhgml0hGFyIb5ju0AaAgh1FXULacxtoCFEPk_J2gE38MgRCwrS1X_ejgZ5n2B92SK2cJisfxNwjGtUk-2SbLxvMPxv3dhDACdlh9nTnoWz8hbgL0bELyD-LZ1b9c8b8dsfxbTfQKKAt5x5mXkd3QZVo805wmAy9xmiGoXyP1RoxODNg1GChM5FUdHcJ_lsnI4IZuYIGLYCcvaOkNKmP6o1d8t1WA7O6I0Aw-UOmfvvlyXd8nuYq7VAWDiw3y-Thp-vKFxZmDYEjDJyEoXWNq9Ejm0-DfvyEeKTZx8HgXjqbyDFGIic7kjqiI3Q9uT1Q4Nbt5vak1tMkbHM_DjYBN8gyB6HS5cyOp_a5M8dQC3y6wXFUJN0qkOit9fWDSil6TlaUGdUvZfOHgnp8AxXjdumfOwbYkvWK_Ai--AqPVe1uJZ9idI87nqYoODg5Tvl1bROOSCSvupfQXfgkyQ8yOMqD1qT1t6DIar30DdswBxatdmvOarYmgeOz0_lXfzaUrgWC9G_wopLZwVTjb6SuexCsTZtE5LHzDRVydYob5Jqtns7QAdjeMSfAwzUXfAFKAc0NkCKEn9zJrl-40y8RsRQSgCwrQ4wmPTPUwoz_gG-_wL3Syqpg9N-tdItTC-DlZsEgpbW3CslthgVDFPIcbnhuy81DU4nHHYTgfdPPON7xCoE6MJ2QP8r8eXpxfOVq2tWFJl44rO4ADy-FMeZou20i5u4YRJK5TMnY7H99Dpl-QdqFCI6sTrpHX4N_L1Msd0aBwlKHCPwhTKiQpemPULMlq_i-w7FmsEvuH-KaiklbToVes7HP7kmIgUddcd8ac-2ZkL5oM9XG0kEK5bWY5ebM3Vc0BDCU_0nJBwAODsnWKMXIqoZOc0OHCTgs8JoVxswoC53KGc9xSdyfJuoWx2t-qRO-wQOc81Z8nH6q1Ar8AF21Zd6dV47ks0ioFbbVDH8Ph6Q6Y_H83uYjbHP5MWQ03RmV0S_AhOVH6lCvM4lB7oTC0pmZ8uqJSyJZO2CuVpdHuECC1u5zwCNujoVQDQo0qhTkDQMm1Oj9ugRVWCznsWk8aeJ4uMF7-x0ESzpV3XOUz-W4av3Qfdq1CbMVdzmRA6_SJRmy2AR6Jfq8zMunaSA52TQNBxEIejwpiUX1cMZmxF89yUxS0zrZVTZ0xP1XWH8FfjbOFJWTiCzMQHe9KHGvqmsi-Gh9Svs4HUVrXX26KDz5qeTAdRS5qvXsQWrJuNZlYUt4ouMF403Z-XBizWOrLQONq-pJgfisRTz5Z8UJlHBwiF9jRyYjMsQgCPi3jCD81754GBv4ygnLscq35N7asBkQxja9AxbiF3w1KbGBc3v6zZbHe18t2IvputvSjpXzlZ9J0rq1rPHiURT3oHTQZO3xsgd2MisH5oQPFxp95otLHnZeJCLku4KqgHA1OSm1CiBFJB8h3xRvd5CEkbyOfO6s4AsH0xHXqoPFYpVUBE1BuIOwAxEhiqpGK3-jqVyJPr2M9F4JWXgBVVS5HxUlSUl048tEzgIzIQ7rZEnEVaF5Cu45EYsZ0_tUzPZOcWilaqW5FVExB4DijG3REqwSIEOHwY2BxzexbNhs8VxwtS7xsnnmij_amhtGgReySUe7UcZ2mUCHr96XfZhqgfgPsSXFAvOiJm3paikncMrlqhz7X2fVjF_XOMUFzrBuBtBT3PaIlCd6_UxJ98mmss55CBhda3Q26tTYRAdaCaoXIMxjKWdU_bjBG-ioI0U2tnD1bdg-NWKC6C6x82VIBO3PCZKxitH3-Qao_mnm0mZBxeI1g0xIvEC4KNFkM5I3ey2eSNnsoas8xwZIav6qowaGrdqOC1pV2Oa6_oXEQx5dYss9ifqfgaICptKH4u_sgxBXPuZOXRGAWdc-5IT6XdlQZOpf80YbjgOpGgQQz4O9bKFZRLFjZyK94bK2TwPA6s6Kbw96G-2_WF7Q5bPnCBO69JF3-Mk3ACi5XWAifv7FGketwmR9LZ_A2vN-0jEmlWjc85iI7SMzEWVuMAHvcg3qF_00bbYfe7C1lxPg7jhn9L9PcShURzeCW-xMAYWb5wFXaezNrBfpUTp0eKqo7DeIVUzCQ67OzTVwuSvxDhHibgX5XBebtdh9jJCQLMctWNK6cHtORSz8g-ms-rwMuFq-XCPE_qvl9wcHQW3gYlcZcMzHR0OmFx_PyZGUMXWV4Qo6VedZzWWiN_F1upQD8Ks3PBsawE-StFy6fI_-DlQaZ2F6fq-8zihVzHQOaNPDNS__daZ4wTxxv36SDO6WW4VNq3loTM_L_2tWQ8kXnID7W7iNYeyH1K_ZEfF9FLLfiUuY1z3jZ3p9vaLKZX0yLwhnbnlZZ6RE_xlRW-RK8CRbK1CVhDHcIruakXujGlFYAZA1M6amnW6nf35MvHTekbamwGdFrtCXVJaGH_9Vo4Oexd7nNNeiGPz2VQMphuS5VyDEJsd5WrjD3IWJWWaHUVpu2-8MEIcO12xUJaBflYk9i5Ut_SB4h_C9WL91rFiMnHZnA-MKa4o889po44kUd1Ya0qjFGo_bOKiYnH2avIMFDd89ZnWU_-Y1YPff5J27JmqYLvkjJzQ4f4Kj8XXt8Fmfjo5_2kjxmavoCMmZ6xZ9KTX1HBvOYYD3OOm4R5Z00O6nAlyWDl7eQDeXkK2Ckfp89bDYUsPFT8WCqnHkJbcQg0mkIPq5-ZWsFNjkjUd6lX-kVoUwni0fKmn4Yobev83IFRnVgBf7BXjnnZflXBLhiwAa0aEr0xhZo3fQIGrBeFwVUg&cid=CAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 60BD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGs9rTYx4u6dnThWOjaQLYOu4TrPUizhgPU20yiobEUQZmzVaU_DQf5aYQslTsdxBmgPPn52cMiQF-RZyft1ZUqCSRojS_uJjzCY6g1v5TXGfhyB1MGXoDVFKadjk6CfvQZRq2f4ZGjfutsUpZrhNHvSnXgQ&cry=1&dbm_d=AKAmf-CZka4QO1ymi-ENjxj5DHJ-MUGTEM2QTu_pOsFv6JvMp6ZtFMPE4Tnin1rBdr3ZJx6N4HztHcbrNZhT9QL89KG48VtlNHXcpUw9sa65rjJqv8Ohis6aH1w_raujHS4HmxXWGX4rlJnNen2hEeyStmprqQg-VNmh6UlxbqGX4vWtsIH59agPaCEl5QTepp8NebTgv6n5z3oADw4jcommpreSTSdzxqIep-mgJIQKloF_QaT7YR4Aa8CWooR8aT5ELfMIXv128m2A6_fEsv8sOauIvey_nKI2ib3Ye1v_QBcghJeAfUGRMA4pYrZ28Rh84B_UKksoT3IE66LNjnpQJlZWIaTwZcBV29mjJhpxKJn37aE4yoZELXfJ8h7V-RZu0QAibY48kppVxKAak0O_bukZz49MhZm44aR7CCK2FGpQbudHQcuVDbWr6rvVAEQq72Z2eXzVHg385Yt-lM3dRkdGZbrmYEgNIu2qsTKivQ36GMO2C4H2uk-gYwzxpiNMGNrbX2w9nsrwbu1HSCrRMdPskJSn3io9D5c2767a0B2FE7x2-JlMZsqsUmmOHv6bVSU9L3f5RTPNifjXSKpi-9J4gOjEZm1mXscK0zwBaJ-_viHjsaEBnTcQWkZxa-Ofg2XLPXRO567_l2y2HL8hUH9z9rY0rbVztBQX27WSYPgkBQSle6v1_xiJaVZgG7iQaan6ICMAT5rih0GlpD1Xy7k4TkLj2hjPJjaNuApaXb-5cN9y1DZrBkk09Sl9HwoY0rRbWQwZV9SVA0V4KjAPiXsGlmQXSpToW5mztgX-O37z9wlOt0YhDTv5961PnaCzALFtddR05m6JNMyn5xMvZaC9qqIBD-LEoeOLj-TBQpPWvtOLVSBK8n7_jF09F1_Nq9q3oIC057etLDFgTebAMId-gC9qn5BZhfroRozHetsi81YHKdfNBteQ45TSz5bX8B4F1v7yNbF623c_OBQBta3qNqVX_CenSY2wpY4tRjGaFeycfzIaqXhrrpOz00L6Nnfsks567cb6zzlizNWyXhCZVeb-f4VlS_i-DZsnns1HTuQ9vbd1_wDcS6J4jjYtFNfh4f9oQZdqW7R92uJM1c3cLyLEXJl7e0hYZMx5nDjATBg3gIr1djQB_64xaxtqpHFrB0BXpqWnLY_qgKDjAgh_ul4e22rSJ2_8B90mwToRwv5kD_bJbLlUMZZNqHcFMnVLtjj0i9zg_eXgrT6WYFmVQPp19IwPYs8ySEZUL4gVpU8Cdp7GkT7pu8cHhUqHqt98hVt2FuL-NBTotqk_GarQTxAF10XDFsFsCb6hXA_PHGy_Wrn0hJ1HlOnaEDrQXiGt-5eYyw4ADN2uNCPmv1k82Vt14y76PA-vQ6m5B_9bJoMpDZ6Hz6xXj7cKQhhft9cnKxh1r0Veezhohi78jPkWJ7KWO7Jf1-Og8d60zoUKGcF7P4kCMkWk-k2vRJF_idzm2z7Z2TkMUbylGNUoJRqkP9MO7xnsG6NpQdMsqGIDir-nXFhUkWseFmB0A53kadkYo2Zw5ul1jTCQIu7O5Yo5JuSQezrBPh6b0VgaSs5lvZOTPYHSv61o-1FQL0LJFcR6Bkdj9h3R1f7_p3vlYOTdaJR7UJ3fzTusuDlEDXDoYomMbYNmebDQTJkNomDsiLu-WLFGtbUBcacCW2bcKNYm4s21stn5luNMdLStZn1prPp0-mpa-5TA0AYsRAAjEysAcItmhxBq6OxAMWkyeZa-TUpM1Sw37QG9o_xNol42dZ0Sd16ETHEXt9S5bd-eTYjBsgEtWVEorgUtQrIzeb_9grSVm1LY4LFnImk2wU1XemkoA1v5bHt4AJgnjyuQrD6NKeeFuScVcRDg6YuOtpb_pBciV9TAb6-d7T1QgI-72ZoCUqN366nAP5K-3YtRlGmACuidEoDBvAg9YbEOJM13GbP6Wyf2cImtbjBpWt08qSJ_f4_w2VzomqFTVPBjm_K4fs5bj3xMvSeaNDVu-HwVEY1fhCzdfGWVZxu1E1oJPZZuO5Ial2rvrGkQPYIARS7UnioVMmmsQBj-NCXP1cHky9bzuJ9Wrqt9_5vUkZkhD1-geIOWCWvALfkGU24Sc4Ng3iHYx3Q2ISqVV9_i_hoH2rNAvEVjtqnSd3DLgsGP4brf5tJMPl_QCS6jcEuQaoVVnkIBPSuarbX4NfMOGTfBfYDwe-Mx0mXUD1oOPLXspWN2a6HsaonTBSRFqmCkSLKB8Uc0ijKPYmCQIt58BfrQ8JyGUFJ9s2Sz6I0SYTfkfOsrr-WnEJQ7KXA7lW7wOCP1mFDK1jsq343XlfpSwuilBYoOna7FwqYBnwdJ5KFS1QZ5jp3KvA0mtS3gMMHCEQ5ZpGKadC9P0HqKRC1aSvvKfOmAOGxu5nVS6IFXf-GEkgjIPnVjywvRy17dVTA3NnyI17pl7eijHzzChRSTs_YuJSs6Fvg9rOTI7QR2BDLko2QZVK9SJevPfeq7yGwkCJiMBtTxBd72K6MC7ApethkY61OiKgXx_p9sxR1aEC-z879DImtO22uVpUsJpzMShW6VMEUgFRThUqcyKZZXKpBjNTJhnr2YOFRvDMDxXrkC1kgcHrKJRAhzyzxJmfXHWuXiHfTgw5hmBlAMwRiZ357Kl32Exi_Zb9nzIwktZoF5Xk--07U53RGzidU4TPHpTtUqBUtN-Vx2q1ZlFnQt3uDJO2tiNH-SEns-s8A9i3N-EvdvPd-eB-MDOvSFUMOxOxU02BBNI7A6gPdSFZjIfqkyCLL21Jh-LoHLmZrBFWB6gUCIQy4hVnnPLS_9DorewyPtF5QH3tX-E3wHRqeW4aJnJdmgs55mSdLpK_-2Dr8Orp-wHwLPuDsICUk2N2cIVYK-04TBggmW5OWqxSZS1zEoK6IDsoPLYG_s058HfpbOlGl84d6fJucnzfs6drfRDeBExJsrx_mfPU8iAH_HvNADpSXRzLv7gYJ6BLActasULFsKw0GcF4flLIYE-Kp5-mItdSDKKQf3CKbz6M8kahiKeUr2PMvEIu2ZG01J_dqrz84N8w-EYKC5XWX_DyYuX7ndia8mEroKLmJzHtGvA8qobVn4PpjuIPmFcCXU872WpUOALDEZYhxpTr0aMfirjL6N4DM8DqXTK7nFKKoPHm7iDULi8JOJzlot7nDbGkYqFAjNC0yfKvr46TyoCJ6NRRvZqd6QDMNLYSMWBNtkSXeq8ZPLC3gjHocn_-6XSJ8aV-x7zjZSWadgpnL1M-lAQl-CTVxr0gpgc1oN_foEV7BAD2ljJaoh89xCGZnQYq26xIYl_Ug&cid=CAASFeRoBF6zFQUNtGyl-GTGVtzh4SxSZQ&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:05:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 60BD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGs9rTYx4u6dnThWOjaQLYOu4TrPUizhgPU20yiobEUQZmzVaU_DQf5aYQslTsdxBmgPPn52cMiQF-RZyft1ZUqCSRojS_uJjzCY6g1v5TXGfhyB1MGXoDVFKadjk6CfvQZRq2f4ZGjfutsUpZrhNHvSnXgQ&cry=1&dbm_d=AKAmf-CZka4QO1ymi-ENjxj5DHJ-MUGTEM2QTu_pOsFv6JvMp6ZtFMPE4Tnin1rBdr3ZJx6N4HztHcbrNZhT9QL89KG48VtlNHXcpUw9sa65rjJqv8Ohis6aH1w_raujHS4HmxXWGX4rlJnNen2hEeyStmprqQg-VNmh6UlxbqGX4vWtsIH59agPaCEl5QTepp8NebTgv6n5z3oADw4jcommpreSTSdzxqIep-mgJIQKloF_QaT7YR4Aa8CWooR8aT5ELfMIXv128m2A6_fEsv8sOauIvey_nKI2ib3Ye1v_QBcghJeAfUGRMA4pYrZ28Rh84B_UKksoT3IE66LNjnpQJlZWIaTwZcBV29mjJhpxKJn37aE4yoZELXfJ8h7V-RZu0QAibY48kppVxKAak0O_bukZz49MhZm44aR7CCK2FGpQbudHQcuVDbWr6rvVAEQq72Z2eXzVHg385Yt-lM3dRkdGZbrmYEgNIu2qsTKivQ36GMO2C4H2uk-gYwzxpiNMGNrbX2w9nsrwbu1HSCrRMdPskJSn3io9D5c2767a0B2FE7x2-JlMZsqsUmmOHv6bVSU9L3f5RTPNifjXSKpi-9J4gOjEZm1mXscK0zwBaJ-_viHjsaEBnTcQWkZxa-Ofg2XLPXRO567_l2y2HL8hUH9z9rY0rbVztBQX27WSYPgkBQSle6v1_xiJaVZgG7iQaan6ICMAT5rih0GlpD1Xy7k4TkLj2hjPJjaNuApaXb-5cN9y1DZrBkk09Sl9HwoY0rRbWQwZV9SVA0V4KjAPiXsGlmQXSpToW5mztgX-O37z9wlOt0YhDTv5961PnaCzALFtddR05m6JNMyn5xMvZaC9qqIBD-LEoeOLj-TBQpPWvtOLVSBK8n7_jF09F1_Nq9q3oIC057etLDFgTebAMId-gC9qn5BZhfroRozHetsi81YHKdfNBteQ45TSz5bX8B4F1v7yNbF623c_OBQBta3qNqVX_CenSY2wpY4tRjGaFeycfzIaqXhrrpOz00L6Nnfsks567cb6zzlizNWyXhCZVeb-f4VlS_i-DZsnns1HTuQ9vbd1_wDcS6J4jjYtFNfh4f9oQZdqW7R92uJM1c3cLyLEXJl7e0hYZMx5nDjATBg3gIr1djQB_64xaxtqpHFrB0BXpqWnLY_qgKDjAgh_ul4e22rSJ2_8B90mwToRwv5kD_bJbLlUMZZNqHcFMnVLtjj0i9zg_eXgrT6WYFmVQPp19IwPYs8ySEZUL4gVpU8Cdp7GkT7pu8cHhUqHqt98hVt2FuL-NBTotqk_GarQTxAF10XDFsFsCb6hXA_PHGy_Wrn0hJ1HlOnaEDrQXiGt-5eYyw4ADN2uNCPmv1k82Vt14y76PA-vQ6m5B_9bJoMpDZ6Hz6xXj7cKQhhft9cnKxh1r0Veezhohi78jPkWJ7KWO7Jf1-Og8d60zoUKGcF7P4kCMkWk-k2vRJF_idzm2z7Z2TkMUbylGNUoJRqkP9MO7xnsG6NpQdMsqGIDir-nXFhUkWseFmB0A53kadkYo2Zw5ul1jTCQIu7O5Yo5JuSQezrBPh6b0VgaSs5lvZOTPYHSv61o-1FQL0LJFcR6Bkdj9h3R1f7_p3vlYOTdaJR7UJ3fzTusuDlEDXDoYomMbYNmebDQTJkNomDsiLu-WLFGtbUBcacCW2bcKNYm4s21stn5luNMdLStZn1prPp0-mpa-5TA0AYsRAAjEysAcItmhxBq6OxAMWkyeZa-TUpM1Sw37QG9o_xNol42dZ0Sd16ETHEXt9S5bd-eTYjBsgEtWVEorgUtQrIzeb_9grSVm1LY4LFnImk2wU1XemkoA1v5bHt4AJgnjyuQrD6NKeeFuScVcRDg6YuOtpb_pBciV9TAb6-d7T1QgI-72ZoCUqN366nAP5K-3YtRlGmACuidEoDBvAg9YbEOJM13GbP6Wyf2cImtbjBpWt08qSJ_f4_w2VzomqFTVPBjm_K4fs5bj3xMvSeaNDVu-HwVEY1fhCzdfGWVZxu1E1oJPZZuO5Ial2rvrGkQPYIARS7UnioVMmmsQBj-NCXP1cHky9bzuJ9Wrqt9_5vUkZkhD1-geIOWCWvALfkGU24Sc4Ng3iHYx3Q2ISqVV9_i_hoH2rNAvEVjtqnSd3DLgsGP4brf5tJMPl_QCS6jcEuQaoVVnkIBPSuarbX4NfMOGTfBfYDwe-Mx0mXUD1oOPLXspWN2a6HsaonTBSRFqmCkSLKB8Uc0ijKPYmCQIt58BfrQ8JyGUFJ9s2Sz6I0SYTfkfOsrr-WnEJQ7KXA7lW7wOCP1mFDK1jsq343XlfpSwuilBYoOna7FwqYBnwdJ5KFS1QZ5jp3KvA0mtS3gMMHCEQ5ZpGKadC9P0HqKRC1aSvvKfOmAOGxu5nVS6IFXf-GEkgjIPnVjywvRy17dVTA3NnyI17pl7eijHzzChRSTs_YuJSs6Fvg9rOTI7QR2BDLko2QZVK9SJevPfeq7yGwkCJiMBtTxBd72K6MC7ApethkY61OiKgXx_p9sxR1aEC-z879DImtO22uVpUsJpzMShW6VMEUgFRThUqcyKZZXKpBjNTJhnr2YOFRvDMDxXrkC1kgcHrKJRAhzyzxJmfXHWuXiHfTgw5hmBlAMwRiZ357Kl32Exi_Zb9nzIwktZoF5Xk--07U53RGzidU4TPHpTtUqBUtN-Vx2q1ZlFnQt3uDJO2tiNH-SEns-s8A9i3N-EvdvPd-eB-MDOvSFUMOxOxU02BBNI7A6gPdSFZjIfqkyCLL21Jh-LoHLmZrBFWB6gUCIQy4hVnnPLS_9DorewyPtF5QH3tX-E3wHRqeW4aJnJdmgs55mSdLpK_-2Dr8Orp-wHwLPuDsICUk2N2cIVYK-04TBggmW5OWqxSZS1zEoK6IDsoPLYG_s058HfpbOlGl84d6fJucnzfs6drfRDeBExJsrx_mfPU8iAH_HvNADpSXRzLv7gYJ6BLActasULFsKw0GcF4flLIYE-Kp5-mItdSDKKQf3CKbz6M8kahiKeUr2PMvEIu2ZG01J_dqrz84N8w-EYKC5XWX_DyYuX7ndia8mEroKLmJzHtGvA8qobVn4PpjuIPmFcCXU872WpUOALDEZYhxpTr0aMfirjL6N4DM8DqXTK7nFKKoPHm7iDULi8JOJzlot7nDbGkYqFAjNC0yfKvr46TyoCJ6NRRvZqd6QDMNLYSMWBNtkSXeq8ZPLC3gjHocn_-6XSJ8aV-x7zjZSWadgpnL1M-lAQl-CTVxr0gpgc1oN_foEV7BAD2ljJaoh89xCGZnQYq26xIYl_Ug&cid=CAASFeRoBF6zFQUNtGyl-GTGVtzh4SxSZQ&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
criza-pjimage%20-%202021-10-22t111005.234.jpg
cdn.digita.media/unimedia/media/2021-10-22/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-pjimage%20-%202021-10-22t111005.234.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2e338c0e4d74ed0914826d29406f82aa905a79b5e9abc75b201bbb0f672f6a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"c7f47ca6b857c95da5669a4fb4dd0e3e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88860
x-cache-status
MISS
cf-ray
6a29d03d3c3e696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44752
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 08:23:20 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfbMtRjfA7aF0LsVlvA8OaBmmkB01zF3TUbIdbTfe5fv%2Flw5YJ8zH%2F7YTWfkeFg9eqKmiye5t0T15ec%2F6RBIHRv5wuaTbIXCOIgp4ay1VKkVd31%2Fn4BAcCIFbx7%2FkcZu0HP3NlezEnUKXAS20dA7"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B04D8F9438F2F0
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-podul.ro.jpg
cdn.digita.media/unimedia/media/2021-10-23/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-23/criza-podul.ro.jpg
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64c2691351dd9f71e3aec3dfc2f6d4cabd8c83aef76d8fe36eb9f6c65373718
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"d5beab9618c7ad0a9885e9fdbf1955de"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1796
x-cache-status
MISS
cf-ray
6a29d03d3c3f696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46423
x-xss-protection
"1; mode=block"
last-modified
Sat, 23 Oct 2021 08:49:51 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNbZi3NBbiUcN%2FKesGlV3qzBxjp2Mn7GhaXI%2FoRsm2y7K6XDWJ57q48bD5uEslCX%2FTiDXQr8bJ6pUxI7vx6CA613LWpijdOtUAFneLP9vsoiCC9GR2hZKmRa%2Bn5cMdGelFTnik3v6NG5zs46syA2"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B09CBF30A69456
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
criza-scandal.png
cdn.digita.media/unimedia/media/2021-10-22/ 		375 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.digita.media/unimedia/media/2021-10-22/criza-scandal.png
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4f2d06c5401e610906be31c29c0eec9f5b6237a8ab6b91cccc2d12c0dfc9be
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection "1; mode=block"

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"a71959417bdfe67c90a65e994fd2e9ab"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
89319
x-cache-status
MISS
cf-ray
6a29d03d3c42696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
384448
x-xss-protection
"1; mode=block"
last-modified
Fri, 22 Oct 2021 08:28:58 GMT
server
cloudflare
date
Sat, 23 Oct 2021 09:07:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqhqswi0gQSvabGqp47mJt6%2FCHMvCfg626ArFNCL1546HZENqbIBPPlKO6vyuXKhoo3%2BZvfSlHErrXK41EFxCkYJgjt3G8Nss%2BSGel8BUZnBpZbsLPUI2kxNY04gPW1Fb5gW%2Fz8VxuagPQ68pFNW"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
16B04D2495AD2B41
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
rum
dsum-sec.casalemedia.com/ Frame E99F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNU63aM3r1aPwWhrDIbN4BLok13VXxSELKL52WeXj0EVvL_LilDsKImlkIx4txl3WzYrYowqUaRf576swsRy3fwh7bptyCtzR-nxhtZrXlsokVQSWmpciuvF0M_6mQ5nAO7okhkQ-WVnmIHZuEJoj3QGBSTwC7FfAU1mFMAMg8Zu5K5t0Hs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Oct 2021 09:07:08 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E99F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPQvM2S.731FgYPEViskgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1&google_hm=2
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNU63aM3r1aPwWhrDIbN4BLok13VXxSELKL52WeXj0EVvL_LilDsKImlkIx4txl3WzYrYowqUaRf576swsRy3fwh7bptyCtzR-nxhtZrXlsokVQSWmpciuvF0M_6mQ5nAO7okhkQ-WVnmIHZuEJoj3QGBSTwC7FfAU1mFMAMg8Zu5K5t0Hs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Oct 2021 09:07:09 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEfYAYasgxZ1VVoDUr--FoM&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame E99F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKSIXkphZr7DbBARQb1cM_w&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSIXkphZr7DbBARQb1cM_w%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSIXkphZr7DbBARQb1cM_w%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNU63aM3r1aPwWhrDIbN4BLok13VXxSELKL52WeXj0EVvL_LilDsKImlkIx4txl3WzYrYowqUaRf576swsRy3fwh7bptyCtzR-nxhtZrXlsokVQSWmpciuvF0M_6mQ5nAO7okhkQ-WVnmIHZuEJoj3QGBSTwC7FfAU1mFMAMg8Zu5K5t0Hs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:08 GMT
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6e9d73fa-fb8b-4fc5-a094-44c91162404e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:08 GMT
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0bc88731-0d89-4bfc-ac13-387bcc4a040d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSIXkphZr7DbBARQb1cM_w%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E99F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjMxNTMzMjgyNDQxODA3Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjMxNTMzMjgyNDQxODA3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNU63aM3r1aPwWhrDIbN4BLok13VXxSELKL52WeXj0EVvL_LilDsKImlkIx4txl3WzYrYowqUaRf576swsRy3fwh7bptyCtzR-nxhtZrXlsokVQSWmpciuvF0M_6mQ5nAO7okhkQ-WVnmIHZuEJoj3QGBSTwC7FfAU1mFMAMg8Zu5K5t0Hs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:08 GMT
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c2b153f4-45bc-40a6-b598-5dcb2ee9c6f2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjMxNTMzMjgyNDQxODA3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 3D25 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvxuRdOI-HACEg7YNANYL3cEV2kXNdAcZPVJUChgh2xDbHogs7VeUUqMJX5GSyXbS83Xz9BULWmNMoI9kSLhx72LAcnhbxprcDq-QOiEZESGjTshItnANTRsDO-4paJXwnTuO3agLqz676zUHcKatO5Pw3Bg&cry=1&dbm_d=AKAmf-DatHoPnsBbMieTM4dwJMAVe6WCVQ3k5bkJHwYKYBYkoR8hcSY-qkplFLtThfy4FUOx81xszariTlF7ZdNOObxVCQOOkS_li3L84W8fb6jD1JvmHqGjAWCgkvX_we-M3SYlR2v99455omcxPzzwZGPWB0tnTa7iS9ODWtgLjDLYuKqMGfrf-IGfRSYhO1O7NJVInX9wx0DgIl9qvguFhleyNrSojs-sff9i6BQQPljoahP0V0QG9eS3LDqxMGRIyKI0uTcs4mu-QsEg-pi-D5WrezMXtBnCSKBiaWzSPXXfzSxzr8YtCa8ulxEKC0-1VhtdF_Sk3xElw-YS17R1btX3NOaz3sohysATaP9Tayn3UO_YW_5Fnl-64QXB59Whm5w7o5OV9TxmxNWxzvnKW6U84RQR_DZ9N7uNlULrVU1rdQQOMOm5SVA4uhwDzoYYZ8KuiZWZ7lO4hVFF_sctQLwVPZ5pM_wkpcTzjKmUxPzWXGm6czb63Od9Cys1YSjkIQYte3MoHgrU08bvTes5Dv8B3YghdPz35Gca6aNAlYzqCep18VsgZfQwk52bb7xG-ulinu9MJ5j0h87RdmC6SkYM6sL9CnAc21trWo8mbiLVGnoQ0_-hSeIhZgO4Fwv6z7do6HbFlH7boG_pA9oINBYNFYovpPrwO30L1hUcCQKmmYVjuc82IBptN08yT6fZOBGY4WeE-pN122txHAaQUUJIbppTn3J_ytlgVe4DotWN9l4uJgRNmwYzub0z10YzUWYrpIswF6cO7FbTVUvdoIMy3eFM4yOLk3IfGCtPlta6viC5GTLFEjjFCcfGE0VDAcOxxacje60HWW6hABlh-F9nz25Qb02IZnA7cMa-Cn9X_KcewhlvSgcmco5GHiwEvXSFSY4aAuPgJ0CYDr0DbvAJBpIFkCUz6stJtCWvN18tcW_cOJmjTncHSF1_F7FZckg-yLZQOd0P9tRIHQwJGTlskreIIwP1mRe2HN5dZjhhgkrMguAK1zWkluBwWAeuvo4KyaJqQP04RGrqRegexGoJLotAdcwKivrwnlepZTjumsWiauP-1YNzT5F5pyCTv5bi_JnzUvvqGnIJL7yd1P9RW3eXBHDO6W-V-HgS8YJ_HRsKJlxOPI3iUxOK0C2LnePwumf17tJy39T6thle1vD19xecXDXdnVomg98qHnF13paJcNk9HZ_Xkw2tnvky_hBhxsNzjZujKHBBQ1ynldwZTNPY4BIlAazSshnePJrINriNXqxollpUaUVahDF9MihbZ312o8m0d7jC2m4ulvttHzEPbKa77I-IiOCa5wqK05RXZbwRC5mzJZq3uN6_x7oj7iVajFqnORfaValuk2BXmruy6pkQKtd1BK1GbLTLgvPj362m1DNRIqz8x16Vy1N136qFP4BtA8jJmabfE9zhmBkwIMXK3viwGClvjAhlLDePKEz3d6bA0hDIn3AKoJ0PKW-aXNKdKga28akZlDhLC9z42GHn5jHw2W1vJ4RepRlq76CIXnzx85OvWFSxnMcREPbfKehe3ZMyEag37aBiTbBvpY_rgQaNnQpv4rb4KHZqFxt-cVCvbZSHANXFqf1w7z0BjIyHfrr894EPNKc1t1GcG0OC0CvFX1TaUwmhT1LgmHLuvI5uPJjbHmmA2C1kSd9sYqM7A7OzZtevpb_46_EG6l7OEVTUuKvtybI4AcnQLNUYD1kAZ9u4xrVVVS97m3bzXleeNQNgnO9FKmStmyaf1d86AyO1jdqPIqhat6tQpAe8uOHfcvz5bDc5JYBjN_LMCtP3D9hcth2WvNyaWNFD43JIQc9NqMVlhabTlkThz9Yj4Y1xlzbCjW_mTKYxQSF2mFDYcipS5_8BUpZBOw1Zt-mw6WYsdAbX3A58uPi0IaU4Qi1AYI5iPcftEp40AM9kMIIdjrMIG1KlaGbZPRCMHZ0vzFDptTKkpGHQ0BpPGOgu-wmDAzW5oGNIPG7Ysoc3DDYang7QSWaNsCgeolnD75vSwwIocveUluB7-TlpcaXJX1Ft5M4BAh_T0UEoWh9sIIXMpK6oA4gBqJvCG2TY8bOoMJgFnP5xpT_e8Tbq-9X2W9_uwHNeKbBhuJX0qRIL7eAEakyguKGldyP1_dv5yIQdTTq_YW9fNxfcaGiFmCokQ1TmTbm80LeYktJzbTL0cdIDgB6UsSsIixoZEip5nR-ypyfHoWPGzA_sFW-wim4vQM5wvpMU7ImK9zoFFlbkI_XgOVaj0vkqvvjc9xgmRELZ5ahsGQfUvbjJr1GG5xwmtcssSU1CW86q4uxDuSE_PsAxDeCMLK28Lpiayu72LIrDbtKhY7fZlQm36NYSP1RsdJVtTlshk5istRkP_b_RHaebJnqQn7fvoKITe2T70mssielas02uSYboIRClUIy9-dWgL6oeUitGm-u-nE7J9VN5YeKsZ4YhzsfsAEIF7VVTdVkhPsdiQNt27PDzbS7iG9ngLRJt-mI5MiNkWjy3tCTncn8YtQzWkTJ3OpLTnFMRXpnLM5BXxDWdVnt0Et1khOKSmIe6EURfbO03akqlTX0XM4SuFYF4NwoilE2iC2Jdfy5lPtaVcmwoUJQ8c95pjQq-aT_I4hLyEndPBvumCDjsjZlISlii9t1gpB3qK5VhTZhfApZ3q0NiRgZ4rpE2UmI39Lm9PAxCc6ud6i6VICld3MMF8o9nEtnxi_yYE8K9eTuu0UdOG1nzHGveamRh-Bw7ZF_izzgpLJvQAH41uWaYfyhys0nRwE_hZGbfzT68VD40lE6FZP90_RpyU5_IubLZvvIRN3AFQIpN5fsMlclmShltdK5V9-DftLQ-oN78IugmfktfXZXcRsIpoA1tmuMMJWT-m7jD-zmImjLgU4YY0bsmSfNndz-yj8ByXZC0wT1VKhbd-rGVNZfBYBWsk_uHNPmboMRqveAGPMp1AAVte9W8sflofzOf1I_rlWoRqcYH6qCQWTWRhAw6qcaZq9_PHV9TazU5s9BFjW5ChO5aKaoFoVLtYYlCXpuutuPvM5ONc3q8rZGVu99Ckb_xzoF2KD0OlDwgElGPUEocjuJO3uVgYQP6LymQfz6o16_keVWk51P4l4RUI9hqY2Rw_S-u489M0m8KLDR1UcJU2ymbYUjkJ0Kvh2NCVFsz2Ki6zx8u_ZCO464lltllO4gKlk82ezVRtNWEXY5F84Unbq613gW1HXJNUx_mW8tyS-wrt6EPEfxE3j4JbaFY0QqTXnMdMLwiPwVJTVXn3622g2dfYDKIWuvCmj-WxuOPMw&cid=CAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:05:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3D25 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvxuRdOI-HACEg7YNANYL3cEV2kXNdAcZPVJUChgh2xDbHogs7VeUUqMJX5GSyXbS83Xz9BULWmNMoI9kSLhx72LAcnhbxprcDq-QOiEZESGjTshItnANTRsDO-4paJXwnTuO3agLqz676zUHcKatO5Pw3Bg&cry=1&dbm_d=AKAmf-DatHoPnsBbMieTM4dwJMAVe6WCVQ3k5bkJHwYKYBYkoR8hcSY-qkplFLtThfy4FUOx81xszariTlF7ZdNOObxVCQOOkS_li3L84W8fb6jD1JvmHqGjAWCgkvX_we-M3SYlR2v99455omcxPzzwZGPWB0tnTa7iS9ODWtgLjDLYuKqMGfrf-IGfRSYhO1O7NJVInX9wx0DgIl9qvguFhleyNrSojs-sff9i6BQQPljoahP0V0QG9eS3LDqxMGRIyKI0uTcs4mu-QsEg-pi-D5WrezMXtBnCSKBiaWzSPXXfzSxzr8YtCa8ulxEKC0-1VhtdF_Sk3xElw-YS17R1btX3NOaz3sohysATaP9Tayn3UO_YW_5Fnl-64QXB59Whm5w7o5OV9TxmxNWxzvnKW6U84RQR_DZ9N7uNlULrVU1rdQQOMOm5SVA4uhwDzoYYZ8KuiZWZ7lO4hVFF_sctQLwVPZ5pM_wkpcTzjKmUxPzWXGm6czb63Od9Cys1YSjkIQYte3MoHgrU08bvTes5Dv8B3YghdPz35Gca6aNAlYzqCep18VsgZfQwk52bb7xG-ulinu9MJ5j0h87RdmC6SkYM6sL9CnAc21trWo8mbiLVGnoQ0_-hSeIhZgO4Fwv6z7do6HbFlH7boG_pA9oINBYNFYovpPrwO30L1hUcCQKmmYVjuc82IBptN08yT6fZOBGY4WeE-pN122txHAaQUUJIbppTn3J_ytlgVe4DotWN9l4uJgRNmwYzub0z10YzUWYrpIswF6cO7FbTVUvdoIMy3eFM4yOLk3IfGCtPlta6viC5GTLFEjjFCcfGE0VDAcOxxacje60HWW6hABlh-F9nz25Qb02IZnA7cMa-Cn9X_KcewhlvSgcmco5GHiwEvXSFSY4aAuPgJ0CYDr0DbvAJBpIFkCUz6stJtCWvN18tcW_cOJmjTncHSF1_F7FZckg-yLZQOd0P9tRIHQwJGTlskreIIwP1mRe2HN5dZjhhgkrMguAK1zWkluBwWAeuvo4KyaJqQP04RGrqRegexGoJLotAdcwKivrwnlepZTjumsWiauP-1YNzT5F5pyCTv5bi_JnzUvvqGnIJL7yd1P9RW3eXBHDO6W-V-HgS8YJ_HRsKJlxOPI3iUxOK0C2LnePwumf17tJy39T6thle1vD19xecXDXdnVomg98qHnF13paJcNk9HZ_Xkw2tnvky_hBhxsNzjZujKHBBQ1ynldwZTNPY4BIlAazSshnePJrINriNXqxollpUaUVahDF9MihbZ312o8m0d7jC2m4ulvttHzEPbKa77I-IiOCa5wqK05RXZbwRC5mzJZq3uN6_x7oj7iVajFqnORfaValuk2BXmruy6pkQKtd1BK1GbLTLgvPj362m1DNRIqz8x16Vy1N136qFP4BtA8jJmabfE9zhmBkwIMXK3viwGClvjAhlLDePKEz3d6bA0hDIn3AKoJ0PKW-aXNKdKga28akZlDhLC9z42GHn5jHw2W1vJ4RepRlq76CIXnzx85OvWFSxnMcREPbfKehe3ZMyEag37aBiTbBvpY_rgQaNnQpv4rb4KHZqFxt-cVCvbZSHANXFqf1w7z0BjIyHfrr894EPNKc1t1GcG0OC0CvFX1TaUwmhT1LgmHLuvI5uPJjbHmmA2C1kSd9sYqM7A7OzZtevpb_46_EG6l7OEVTUuKvtybI4AcnQLNUYD1kAZ9u4xrVVVS97m3bzXleeNQNgnO9FKmStmyaf1d86AyO1jdqPIqhat6tQpAe8uOHfcvz5bDc5JYBjN_LMCtP3D9hcth2WvNyaWNFD43JIQc9NqMVlhabTlkThz9Yj4Y1xlzbCjW_mTKYxQSF2mFDYcipS5_8BUpZBOw1Zt-mw6WYsdAbX3A58uPi0IaU4Qi1AYI5iPcftEp40AM9kMIIdjrMIG1KlaGbZPRCMHZ0vzFDptTKkpGHQ0BpPGOgu-wmDAzW5oGNIPG7Ysoc3DDYang7QSWaNsCgeolnD75vSwwIocveUluB7-TlpcaXJX1Ft5M4BAh_T0UEoWh9sIIXMpK6oA4gBqJvCG2TY8bOoMJgFnP5xpT_e8Tbq-9X2W9_uwHNeKbBhuJX0qRIL7eAEakyguKGldyP1_dv5yIQdTTq_YW9fNxfcaGiFmCokQ1TmTbm80LeYktJzbTL0cdIDgB6UsSsIixoZEip5nR-ypyfHoWPGzA_sFW-wim4vQM5wvpMU7ImK9zoFFlbkI_XgOVaj0vkqvvjc9xgmRELZ5ahsGQfUvbjJr1GG5xwmtcssSU1CW86q4uxDuSE_PsAxDeCMLK28Lpiayu72LIrDbtKhY7fZlQm36NYSP1RsdJVtTlshk5istRkP_b_RHaebJnqQn7fvoKITe2T70mssielas02uSYboIRClUIy9-dWgL6oeUitGm-u-nE7J9VN5YeKsZ4YhzsfsAEIF7VVTdVkhPsdiQNt27PDzbS7iG9ngLRJt-mI5MiNkWjy3tCTncn8YtQzWkTJ3OpLTnFMRXpnLM5BXxDWdVnt0Et1khOKSmIe6EURfbO03akqlTX0XM4SuFYF4NwoilE2iC2Jdfy5lPtaVcmwoUJQ8c95pjQq-aT_I4hLyEndPBvumCDjsjZlISlii9t1gpB3qK5VhTZhfApZ3q0NiRgZ4rpE2UmI39Lm9PAxCc6ud6i6VICld3MMF8o9nEtnxi_yYE8K9eTuu0UdOG1nzHGveamRh-Bw7ZF_izzgpLJvQAH41uWaYfyhys0nRwE_hZGbfzT68VD40lE6FZP90_RpyU5_IubLZvvIRN3AFQIpN5fsMlclmShltdK5V9-DftLQ-oN78IugmfktfXZXcRsIpoA1tmuMMJWT-m7jD-zmImjLgU4YY0bsmSfNndz-yj8ByXZC0wT1VKhbd-rGVNZfBYBWsk_uHNPmboMRqveAGPMp1AAVte9W8sflofzOf1I_rlWoRqcYH6qCQWTWRhAw6qcaZq9_PHV9TazU5s9BFjW5ChO5aKaoFoVLtYYlCXpuutuPvM5ONc3q8rZGVu99Ckb_xzoF2KD0OlDwgElGPUEocjuJO3uVgYQP6LymQfz6o16_keVWk51P4l4RUI9hqY2Rw_S-u489M0m8KLDR1UcJU2ymbYUjkJ0Kvh2NCVFsz2Ki6zx8u_ZCO464lltllO4gKlk82ezVRtNWEXY5F84Unbq613gW1HXJNUx_mW8tyS-wrt6EPEfxE3j4JbaFY0QqTXnMdMLwiPwVJTVXn3622g2dfYDKIWuvCmj-WxuOPMw&cid=CAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 1185 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCsKpFv7-b7-qyJ4-gr7MNiyguW8H_HO-JEGvrQb67PmFsAi9xim8rE1DQdExECcgqrcKxF7rBk7K6w-Fx7N_v-qq4bxMU1tUa3q4qDnrc4DBuP_q-FlHFMOcL5Ph49gxXBtaZyVBnPOgdtU0cyUAcx5VnYA&cry=1&dbm_d=AKAmf-DkMOfMqrPJY9va9wWwT_BxA2O4fHWUYoJfxPnEmjALvMZj9sUNAkgxGHtkGCvnBKKbXOARjt4sEHIcInTC5G74T5VdSiT6CaPfb1HrrB1u3Z-eerdlWc0_mF-EBZIPsXNIY4Blc66FuSZJCoa5UIeDVp9RO78TTwdlvid7zevXr7vJCByZJP0bxIZi_ykbHfUcIsr2JocILETfVH-1vHt7ts_inIbrM6GqgNFL9cuxKNurnbwPo_dcIVj0Ju_dTUSJeekquK9trOnxOEqnNTtfKBbI7g82VkU8GrSaIa0hLTf-K3lxObINAb5t7nCX11PmTWR8vDhFaL5_HivZ8E47oXV0lxhXTVoLSlPyoI-BJaYJWrMpm8PaIu_p4oq46MzhVC86l24voFTrdpMgNF5j6pwDgfzr_wQDTm-a3PL28s__b84nfXUg4S2uGA30zNIRKg_6L1ZThUz7UwnfTFnoZEd6L-MCiNGAWrQWDpcovKX_Uggpkus-wzVThVSAfPmxaOTfi_mo7ko3ScjzmtOJeC9UF_Nam9PHeAn-lQAIDfEB-UkrCM_WoqDFUjoHeq9_t70sKP_6hdnpIN9S9nPRB-UtCTliS-grXZF-rHKrAGv6XpFa5vO1bp0wkkta8Ie4c4vYlPAo57C4YzoZgpmY_PFT3hx9CxhHF6pOnvOPuGuJc3FFZO5fdV5txwXPpMIK9SdIj0qI0t1I2eH9C5unL8taFS1CJL_LTrGeEcXrpxBSbsWOVhdvK_CKRrhwfRXPpHxvxUGvzYNUpapQmVXvppRa1zJ3ifrlQrFiKjJifJUeNdK22W3CUKWh_IoFvb-lEecZNt2tDJf428_DmsLyDXAmkoP5fMYhbQNPAYwo1kcicN4o5yn5Kf3x-QbzhS1ZhCm-qug89MRQVst2C05eCREZaNVQ7Ec__nRYU1TOtmXtWzXfhIMRfDoCLUCEpolw6--B9NgkGXwEsH-Bj3Nthbxji5fqTXcoRU7XIQc8Z8avM-DF34DsNr0sgIHg-YzyHFE-3wDxlhcb7yAMLzHmIt311SEEpTBSK8-f7_zbAqsTQpeFfodxhO375iR7Jp2oKeq8oMIeHJD26MU1K0nR6PT2DwRkls9qgy1sXFVBI6nm3L3g0TVLZESI2SbuiTMlUc_hmzPoRff6oVuCwAJMfMYYvWdWcwZrQp6qkRWUSjs_IcdSPqslGy3f29Xo1aLXXgWyMx-1j9_PF6S7DOa0dNGnE8GXZ0xdeK-MTj2C-_L3gDrr3kwdUema-ePdof0KUMlSR9X82ZSokmHoKh6kJXs-CCyKewXl3IgN1qVF0xkTV5ep-jr1VDGo1ShRsN361CrdCZNaQYxb2LQStiFEhEhc-p9Zf1Ly0_CA_VhABAxl-QwbHKfxdkU0Z0estGtolFcYbhjULElSBnVhqSg1JD2Xjs0zFQlOS6S4OkghWOsO_qO6brqeyGgTL8ZpU_uWzLRaC9QFPAUNahpNBELeyXk_aMQ0unNvNuOKoJlE9xdy1dIFkV2ssAz67MnzBYDLkse06UMNlH7YYX2WOnw5UUTw-aU_9xsFvQ6v1YGZ70oelUKUO5A92_MwiFN9HhhZ_sz8-_G1bR959DvR1zWRA4I9p3zqU9KbGhjrFRfFlolEFksa-XIBJCRgRR-66WNTP7E7vpuBb8FmMndNNBY0pUDPSyLJfADXn9hgTv63FZvMPI6sXaUuSTzg85jupo6Md_oHxgotnwUpgrkOEQJ8xYfi722X54GbhxTIszHfFhr6zsQJi1H3iHLMId2nL-8NvhagagWNrNxMaCqTKE6-YOHV6INgUuvCphJD-WmhGCtiV4pMpLMyEb6ee-ZX26pI0jUsUsVKu7XBQHf-IrXL7KBocADHk3CyOBsn9krfKSLAXBONRcAn7jIJQnvY8CdrStyPHfMLiSAYC_0NYzaA1an7HGPB4nVGSDaWl__KkdjQOREjxbBAqRTHtqvG0GOONYxRvjaeR3N2RBushCTYdvEaDf_iIgLmClPs5PhxhIAZAS4ONG3QJV6F3vRntqqzLl72QFzOmhahaIMhJQohwwf9x9QrTlSQ0JzzfFsAVRb-MHUkxfMY1gCb_bG1XBsjETobuNkUKc_bMQ9kRU-cdnBVIlMLzWVLtJPThhhtJ8kteEmq83Qfr_MU4nr82T68fmWAsJrNqDqPYOs7ae-ZjpaEPBEHI9nUu3EJEkUNiTc5CzzIJRpo5xyUM8n8bBhXMhIkAzrIjzH6itV3sHhjlpfzrOqsM6PSv723Pj8qHLJA8wMfOC3s_2bsMJSQPTvVYzfcrken5RyYFhAMFiFuDYJMhrnNYLlphPDzzaQ18kxssdXf1PfnoyznuuLfyN4WZ7Mz2dYVT4tSUUENQpb4QtiBfK6KJCWLuL3gRiJ-3bi-BMguaocgo2lCPaZzA006vb-pZU7OEJM6RWuV_cXcr3u3TD7Hf3BmhUFpcAc9w32Fh7JfTrACFu-1wLtY5Ztp6rH9MzcW4yhE7jOBroy4gi7wQf1PQpxvjgU5yVFHYzbVNKDRrNxIMtmd0q8ruz2KcyMNfZizSKSQSk2rXAdUByESKcLz5uaz_TB1N3eDRJO0OU8RhLDklY8TeuWHATlIW5l2hRQR-sL-Bet8QwUZ6lyrVLZniNJrNz8h_6Is_PNzmdltKe0jd_PqEF0_UdQziMXqRkhhnVRZHOu1UFP_sdJjDoWPJgg3GUFPWmmY72EGCEKVwTh-J-WZBTm8bxO0kfJMWRPfY_Z6RMCGq_xXnJ2iCFQIxkHIp8yBdSIf0lcLK23AefAPTtGYTFhZm9WftA172e4urRr6cIfsSXgItMXoy1SMKgmGq4Iy8W3Lfr7npjLql6HpMaYrx0iBQg25eZkrz04NOVPLZt8FWdssTAHKwh7O2JHPw14-SHT8xm0fuoo6CcnX1UXFgk2pS0QOHNXW-dn1PWU4k4RNeiVlh00zAcdxfZkCGb_FpVbSq8XyNs8XooG3-O8TnUOtnECIzXIi3Z56Asgqf1F7IqahMEs0rj05DcStMjBHhPXeGw8gsmZAFgHtUrvIFJr3EQqLOmqUVfi--FoZZ7VdPAeOgbltMVaknCc1PLdVQsHkc79IcW0iHVCATlWhaic7B0SZj-FPk-dnLPB7sAMQIItSw8oFOfQ44Jc05tropNJckNu0le2f0ZnIInV_xFheRMDkigya6A0X2MNg72frrLE4d0Bi3FaAbbw8mefVk9WZmE_F-D8oUXIdJtNG6vmK3V_oV1cDajStG4OX_DIv79hYZ2WNlg&cid=CAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:05:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1185 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCsKpFv7-b7-qyJ4-gr7MNiyguW8H_HO-JEGvrQb67PmFsAi9xim8rE1DQdExECcgqrcKxF7rBk7K6w-Fx7N_v-qq4bxMU1tUa3q4qDnrc4DBuP_q-FlHFMOcL5Ph49gxXBtaZyVBnPOgdtU0cyUAcx5VnYA&cry=1&dbm_d=AKAmf-DkMOfMqrPJY9va9wWwT_BxA2O4fHWUYoJfxPnEmjALvMZj9sUNAkgxGHtkGCvnBKKbXOARjt4sEHIcInTC5G74T5VdSiT6CaPfb1HrrB1u3Z-eerdlWc0_mF-EBZIPsXNIY4Blc66FuSZJCoa5UIeDVp9RO78TTwdlvid7zevXr7vJCByZJP0bxIZi_ykbHfUcIsr2JocILETfVH-1vHt7ts_inIbrM6GqgNFL9cuxKNurnbwPo_dcIVj0Ju_dTUSJeekquK9trOnxOEqnNTtfKBbI7g82VkU8GrSaIa0hLTf-K3lxObINAb5t7nCX11PmTWR8vDhFaL5_HivZ8E47oXV0lxhXTVoLSlPyoI-BJaYJWrMpm8PaIu_p4oq46MzhVC86l24voFTrdpMgNF5j6pwDgfzr_wQDTm-a3PL28s__b84nfXUg4S2uGA30zNIRKg_6L1ZThUz7UwnfTFnoZEd6L-MCiNGAWrQWDpcovKX_Uggpkus-wzVThVSAfPmxaOTfi_mo7ko3ScjzmtOJeC9UF_Nam9PHeAn-lQAIDfEB-UkrCM_WoqDFUjoHeq9_t70sKP_6hdnpIN9S9nPRB-UtCTliS-grXZF-rHKrAGv6XpFa5vO1bp0wkkta8Ie4c4vYlPAo57C4YzoZgpmY_PFT3hx9CxhHF6pOnvOPuGuJc3FFZO5fdV5txwXPpMIK9SdIj0qI0t1I2eH9C5unL8taFS1CJL_LTrGeEcXrpxBSbsWOVhdvK_CKRrhwfRXPpHxvxUGvzYNUpapQmVXvppRa1zJ3ifrlQrFiKjJifJUeNdK22W3CUKWh_IoFvb-lEecZNt2tDJf428_DmsLyDXAmkoP5fMYhbQNPAYwo1kcicN4o5yn5Kf3x-QbzhS1ZhCm-qug89MRQVst2C05eCREZaNVQ7Ec__nRYU1TOtmXtWzXfhIMRfDoCLUCEpolw6--B9NgkGXwEsH-Bj3Nthbxji5fqTXcoRU7XIQc8Z8avM-DF34DsNr0sgIHg-YzyHFE-3wDxlhcb7yAMLzHmIt311SEEpTBSK8-f7_zbAqsTQpeFfodxhO375iR7Jp2oKeq8oMIeHJD26MU1K0nR6PT2DwRkls9qgy1sXFVBI6nm3L3g0TVLZESI2SbuiTMlUc_hmzPoRff6oVuCwAJMfMYYvWdWcwZrQp6qkRWUSjs_IcdSPqslGy3f29Xo1aLXXgWyMx-1j9_PF6S7DOa0dNGnE8GXZ0xdeK-MTj2C-_L3gDrr3kwdUema-ePdof0KUMlSR9X82ZSokmHoKh6kJXs-CCyKewXl3IgN1qVF0xkTV5ep-jr1VDGo1ShRsN361CrdCZNaQYxb2LQStiFEhEhc-p9Zf1Ly0_CA_VhABAxl-QwbHKfxdkU0Z0estGtolFcYbhjULElSBnVhqSg1JD2Xjs0zFQlOS6S4OkghWOsO_qO6brqeyGgTL8ZpU_uWzLRaC9QFPAUNahpNBELeyXk_aMQ0unNvNuOKoJlE9xdy1dIFkV2ssAz67MnzBYDLkse06UMNlH7YYX2WOnw5UUTw-aU_9xsFvQ6v1YGZ70oelUKUO5A92_MwiFN9HhhZ_sz8-_G1bR959DvR1zWRA4I9p3zqU9KbGhjrFRfFlolEFksa-XIBJCRgRR-66WNTP7E7vpuBb8FmMndNNBY0pUDPSyLJfADXn9hgTv63FZvMPI6sXaUuSTzg85jupo6Md_oHxgotnwUpgrkOEQJ8xYfi722X54GbhxTIszHfFhr6zsQJi1H3iHLMId2nL-8NvhagagWNrNxMaCqTKE6-YOHV6INgUuvCphJD-WmhGCtiV4pMpLMyEb6ee-ZX26pI0jUsUsVKu7XBQHf-IrXL7KBocADHk3CyOBsn9krfKSLAXBONRcAn7jIJQnvY8CdrStyPHfMLiSAYC_0NYzaA1an7HGPB4nVGSDaWl__KkdjQOREjxbBAqRTHtqvG0GOONYxRvjaeR3N2RBushCTYdvEaDf_iIgLmClPs5PhxhIAZAS4ONG3QJV6F3vRntqqzLl72QFzOmhahaIMhJQohwwf9x9QrTlSQ0JzzfFsAVRb-MHUkxfMY1gCb_bG1XBsjETobuNkUKc_bMQ9kRU-cdnBVIlMLzWVLtJPThhhtJ8kteEmq83Qfr_MU4nr82T68fmWAsJrNqDqPYOs7ae-ZjpaEPBEHI9nUu3EJEkUNiTc5CzzIJRpo5xyUM8n8bBhXMhIkAzrIjzH6itV3sHhjlpfzrOqsM6PSv723Pj8qHLJA8wMfOC3s_2bsMJSQPTvVYzfcrken5RyYFhAMFiFuDYJMhrnNYLlphPDzzaQ18kxssdXf1PfnoyznuuLfyN4WZ7Mz2dYVT4tSUUENQpb4QtiBfK6KJCWLuL3gRiJ-3bi-BMguaocgo2lCPaZzA006vb-pZU7OEJM6RWuV_cXcr3u3TD7Hf3BmhUFpcAc9w32Fh7JfTrACFu-1wLtY5Ztp6rH9MzcW4yhE7jOBroy4gi7wQf1PQpxvjgU5yVFHYzbVNKDRrNxIMtmd0q8ruz2KcyMNfZizSKSQSk2rXAdUByESKcLz5uaz_TB1N3eDRJO0OU8RhLDklY8TeuWHATlIW5l2hRQR-sL-Bet8QwUZ6lyrVLZniNJrNz8h_6Is_PNzmdltKe0jd_PqEF0_UdQziMXqRkhhnVRZHOu1UFP_sdJjDoWPJgg3GUFPWmmY72EGCEKVwTh-J-WZBTm8bxO0kfJMWRPfY_Z6RMCGq_xXnJ2iCFQIxkHIp8yBdSIf0lcLK23AefAPTtGYTFhZm9WftA172e4urRr6cIfsSXgItMXoy1SMKgmGq4Iy8W3Lfr7npjLql6HpMaYrx0iBQg25eZkrz04NOVPLZt8FWdssTAHKwh7O2JHPw14-SHT8xm0fuoo6CcnX1UXFgk2pS0QOHNXW-dn1PWU4k4RNeiVlh00zAcdxfZkCGb_FpVbSq8XyNs8XooG3-O8TnUOtnECIzXIi3Z56Asgqf1F7IqahMEs0rj05DcStMjBHhPXeGw8gsmZAFgHtUrvIFJr3EQqLOmqUVfi--FoZZ7VdPAeOgbltMVaknCc1PLdVQsHkc79IcW0iHVCATlWhaic7B0SZj-FPk-dnLPB7sAMQIItSw8oFOfQ44Jc05tropNJckNu0le2f0ZnIInV_xFheRMDkigya6A0X2MNg72frrLE4d0Bi3FaAbbw8mefVk9WZmE_F-D8oUXIdJtNG6vmK3V_oV1cDajStG4OX_DIv79hYZ2WNlg&cid=CAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 7EF8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bfk91KG4rqVGFqorWwlwFavQGxoXKCB0zu7jZiXOF1PtZZ4txCxL82zAEeUtGLvM97udAfx1ybMErRiPhHO6iv-skO9pc12t7xyp7yMUd3s2QgWXeJ9vxZMu7wpLNjfcZzWCT7Sf_A2S9QlCqRF26CMM7SIw&cry=1&dbm_d=AKAmf-BRV2fl7FqeSlhwrx4MBwtb1wdXYJZEXUxqRCnWuUv8s87-QauDq9V40TURfS0VrTdLAB-iA7eJoSPZE1isOBo22XXf-8cx47x3QsewIJGE4lTmazLm7YxS6Ml-hsdU1OIHPW2sD24fQFRCfHCE3cuRqV4XWytU3GP05iJDa9SP_VbbdqaJvYKJ76NDHmZ490Ltp-P1yPONchXkzJoAsuN5eOWdmGpaAn8-WfkcP0Y4mqieKV_o2Fe5GopkmY0gcQZiE-y5ZVzsezGb3R8o_J_7eRJlZnNh-RdrlZrPnG8gvt7WVhJMyANgURg0fssB91a8CEPuVYwKKz5EBZ9rs3qZTJM_heT0O8VjCsIHDVMxUmeVF_NXqMln3OLIxV7iqtPKWc2iE8Eym6FxizUY8HQoELOoiufykh4Pr3wjMcHEZyVsUpfPPBDpucJsqMZezQATSPecHl-I1JFkmZXqHCn0BAlz6mon8Ovc7iGwjdOqsbhIgcBtRKJrNy9mbdiFPa12ABB8r7m1RIvpnroSEnH0DTJrDsIZ8saNWrpVofQlegvnLFso4j_kAzoaEkybf5iwpyPKNVnVG96zJ9MRPUHFYvrZRrDwzXOAIeF4UJOnCR6SdG87cc2oa2gvDmJj3LJ2BWZZ3fDf4iB9U85D61bSIKeimVb9CETYMkx33lm_qvEz9esXozqP39n8vltvUa6eWHvQwtINJwS2yiEMB_osy3s5dz4PvfK9WX7IoXjy9RQHzn_Ti3gkMCkXn1ojjP2LMI8JoI_mG_J2dMuvrCyskxelWMyn_zPITlGlrR2QmHCtlQ5FEpq7o-D_2rnPl3NhMsu7JtoxNDqZEwTjS4DYQuu9uFgkYyFRk9Cr16L0JkNRaBkWY06JMZJPJ-kOhNe4RXqcAkERp1JNW7aSenEXFR-RgR-PcPPVG1H3TjW_8Obvhpq-8HJqixV-d-rbx7QelXwM1a3f7PriAyNH-JqApWfpR2NU5kT6SP1meYoCD8VmFsWEniNUettp1sHdz5600ojGi228e0NVsDFjhqSRD4awkZHoZXEV09p8_P_-VoWgrdw5xT0Cuj4H9dzKqCyjPCSNYAutakJOpBhK0-PABacfYtpbIOfRCBmTdW1DO2SjDmj51MJrvJh0YyHZp-V9CoGuorSCCn0qXbER_UoCHa6OU9GSLBSwUjPLQZsJb0_HHyhI3FzrBjDoqcTU6lXgYWKp9NNV8Q_k-dHdTCEAeHFEWmchaJeXmnsABPA95Dn3-Yt2eUvJ5asBXNXjuCuNBz4nRLjvSOHVADtq64uZz0W_k00L7lbVolbjEzHVBq2wsy_Qoq2xPpiotXMEyxTtIgEBfAG-HWbrvxP1c-e_DTYXmJXCElE_9zJoOUW3HG0agmLBqY0nGKGHDtB4RO-Lkq0XQtcldoXDBtrrzENOnEo7DDswPAyGhhApHWKYW1i9Q6tb-ilz6D4kikZtBjjMjTDoPa6piVs_E6tlDVPapIB_yniiW_b4lcAYrMCNf80nlcQHLG5b5Nyd-fsZJpYV2Okp3zoB3ZTh4ChfRYxOzPcAE_8Bx7LnPEfffjNwOYMl-Ydj6B5VMcbAfBwx32eE2GUyvkyAMq39OlKJ1YSlDC0sPBcL-9oWxI88DUgc74i4MSXxKOQI6yTj148xfKKgidWFt6Lh4lByWyQqyA_7MYnplymZA4BFirhc71j_5XoWODcAC5IbL_cBwCM4LidyvEvvfH6BG0Qw2zgjyH_yjgQ2SqBiBLOFizDky59RkPPcoH3nWbTdQDtDZ2AJPMETXZCrQoDFrrmVJXmdDvfY-vLlNPyUyc0t2ezZezuj2i8Ri4glXx35IgntoZvDzwTCs9LlzDmVB63ahFXBK949wv5b2FupggoAkUPW7FSNFUpGdEVV8EYuiy49UM8Y3GbXalu4Hg_tCYO1OUEdPhGD8_nPgR6lmgcx9Dk9PQn6G8nB8BKog3riEr1UqB0K_kykOTu-Z4ntDn2mWh_UeiD686i8Y3ntDp7TWOt4IZe_e7-aVWFE1qrNkl3f78xQ7ajgEvLkdzs5a-ZgruWltThFACsO1ht7seIbxtNF9kibm0SdRFKvvfWjPs3eKDH7rg-QgCpbLYWjMxKzNq5b-PDojWgWiTzHtwSj83Jl0kOZ9yxHxQz4hhRIbzPeNMtgIflLkdJMPjlHMoYzwBPCLG8RRWBjFEbomHauR5tNuNqiRVx0dwv-qb4Dm_Tw3BS0s_lYHCjqz8v0Q5pZn7XrNQ9SMFBnpmzJSCj_oBVaXJbn33ei7h5fDMPh2WWi4CaiiIXHbrjhnwV9afVdhbBvUEUbBW_qwvM9qISq5ucGQZoOlO8ZcbjwzEhng9bAqQwKU1LEEoIpd2HQpOJGm215D2ZohHgJpYIj61CpRxYsD5KboeLiX-OnF7Cqm5aXp9NQNqgTxHWUN26TH6NK7U6S_0eLCKRe0WFiOM0dAMNqKW4t5GsngfzNQL2aQ1BW1w_siXnbTujI75TdP79INhMC1tZrtrN_YzzyVQaxV_CjA7TUZobzEg3L5pmq-Y4_1MFMlT3XjYagzkuaV9SnEjRzjnLiSKz282LBpQWrtkcn80ooljulCC0Si-ZcxBAzfgBu8_aQ-57qM1g9KHflmnJXnqz812W3WryYsflFCYt4W_1t6wRsWbVV6HgaNsvLtl9dhcwNCnXBxH6tWC066GZGBMeOQqJTBCeaEZfU1rNfr7gevfeDI6puKeoEjTZSd3cpBvsMr9B1tNNyjvo_vOVj2A6oxBpOy2xBchE7sOKjjLyeLSdCg3vWIr3KTJjzfaZsnE4KZqAIG8jWSv8E4tpgKMIXsuaRwFbPSjF32DT78o04AURIW0XbyxZSddAqZXBFYcdJJavyIRHanbiIuyuhGgoUBO27Ed3aca-yvADMX86kIYXQj5I6QczhMWOqjfiljhRw6D322k2mduyXyks9LrEf2eXiv1NeIxir2pgCbacFEYOIah6YvlgOnrXkCyYnSURwDH1I6F3J5eWvwnNsHtDnEscNYW9Xapf2jat7UHcHsqNnhFf6aI81KrYUQiW0R6Mqu3C7pNfrZu-qZ_A1yoA1T0IqwRxfO4XQKICxkiUv_JyXhXgsuG4ev95yM0aMsm2VEWS0OhiwaIis5Qw_shh4aESP-ZkLUBb6Qc9gEWDElmeAkeytcIR9sP82xsmXpMkHliBcJDIaCgY8BF1xTs5I45UT8jkBtkZ_5c7dpnHfa0uGgeaYrhfkwNuJZYShbQ2T7SGsMCqPzK44y4jnYd_yJRworLTh1PCRtWIz_uax2rkObbc&cid=CAASFeRoOZ0sikO69vWCQFR15bdpVE-oXg&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 09:05:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7EF8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bfk91KG4rqVGFqorWwlwFavQGxoXKCB0zu7jZiXOF1PtZZ4txCxL82zAEeUtGLvM97udAfx1ybMErRiPhHO6iv-skO9pc12t7xyp7yMUd3s2QgWXeJ9vxZMu7wpLNjfcZzWCT7Sf_A2S9QlCqRF26CMM7SIw&cry=1&dbm_d=AKAmf-BRV2fl7FqeSlhwrx4MBwtb1wdXYJZEXUxqRCnWuUv8s87-QauDq9V40TURfS0VrTdLAB-iA7eJoSPZE1isOBo22XXf-8cx47x3QsewIJGE4lTmazLm7YxS6Ml-hsdU1OIHPW2sD24fQFRCfHCE3cuRqV4XWytU3GP05iJDa9SP_VbbdqaJvYKJ76NDHmZ490Ltp-P1yPONchXkzJoAsuN5eOWdmGpaAn8-WfkcP0Y4mqieKV_o2Fe5GopkmY0gcQZiE-y5ZVzsezGb3R8o_J_7eRJlZnNh-RdrlZrPnG8gvt7WVhJMyANgURg0fssB91a8CEPuVYwKKz5EBZ9rs3qZTJM_heT0O8VjCsIHDVMxUmeVF_NXqMln3OLIxV7iqtPKWc2iE8Eym6FxizUY8HQoELOoiufykh4Pr3wjMcHEZyVsUpfPPBDpucJsqMZezQATSPecHl-I1JFkmZXqHCn0BAlz6mon8Ovc7iGwjdOqsbhIgcBtRKJrNy9mbdiFPa12ABB8r7m1RIvpnroSEnH0DTJrDsIZ8saNWrpVofQlegvnLFso4j_kAzoaEkybf5iwpyPKNVnVG96zJ9MRPUHFYvrZRrDwzXOAIeF4UJOnCR6SdG87cc2oa2gvDmJj3LJ2BWZZ3fDf4iB9U85D61bSIKeimVb9CETYMkx33lm_qvEz9esXozqP39n8vltvUa6eWHvQwtINJwS2yiEMB_osy3s5dz4PvfK9WX7IoXjy9RQHzn_Ti3gkMCkXn1ojjP2LMI8JoI_mG_J2dMuvrCyskxelWMyn_zPITlGlrR2QmHCtlQ5FEpq7o-D_2rnPl3NhMsu7JtoxNDqZEwTjS4DYQuu9uFgkYyFRk9Cr16L0JkNRaBkWY06JMZJPJ-kOhNe4RXqcAkERp1JNW7aSenEXFR-RgR-PcPPVG1H3TjW_8Obvhpq-8HJqixV-d-rbx7QelXwM1a3f7PriAyNH-JqApWfpR2NU5kT6SP1meYoCD8VmFsWEniNUettp1sHdz5600ojGi228e0NVsDFjhqSRD4awkZHoZXEV09p8_P_-VoWgrdw5xT0Cuj4H9dzKqCyjPCSNYAutakJOpBhK0-PABacfYtpbIOfRCBmTdW1DO2SjDmj51MJrvJh0YyHZp-V9CoGuorSCCn0qXbER_UoCHa6OU9GSLBSwUjPLQZsJb0_HHyhI3FzrBjDoqcTU6lXgYWKp9NNV8Q_k-dHdTCEAeHFEWmchaJeXmnsABPA95Dn3-Yt2eUvJ5asBXNXjuCuNBz4nRLjvSOHVADtq64uZz0W_k00L7lbVolbjEzHVBq2wsy_Qoq2xPpiotXMEyxTtIgEBfAG-HWbrvxP1c-e_DTYXmJXCElE_9zJoOUW3HG0agmLBqY0nGKGHDtB4RO-Lkq0XQtcldoXDBtrrzENOnEo7DDswPAyGhhApHWKYW1i9Q6tb-ilz6D4kikZtBjjMjTDoPa6piVs_E6tlDVPapIB_yniiW_b4lcAYrMCNf80nlcQHLG5b5Nyd-fsZJpYV2Okp3zoB3ZTh4ChfRYxOzPcAE_8Bx7LnPEfffjNwOYMl-Ydj6B5VMcbAfBwx32eE2GUyvkyAMq39OlKJ1YSlDC0sPBcL-9oWxI88DUgc74i4MSXxKOQI6yTj148xfKKgidWFt6Lh4lByWyQqyA_7MYnplymZA4BFirhc71j_5XoWODcAC5IbL_cBwCM4LidyvEvvfH6BG0Qw2zgjyH_yjgQ2SqBiBLOFizDky59RkPPcoH3nWbTdQDtDZ2AJPMETXZCrQoDFrrmVJXmdDvfY-vLlNPyUyc0t2ezZezuj2i8Ri4glXx35IgntoZvDzwTCs9LlzDmVB63ahFXBK949wv5b2FupggoAkUPW7FSNFUpGdEVV8EYuiy49UM8Y3GbXalu4Hg_tCYO1OUEdPhGD8_nPgR6lmgcx9Dk9PQn6G8nB8BKog3riEr1UqB0K_kykOTu-Z4ntDn2mWh_UeiD686i8Y3ntDp7TWOt4IZe_e7-aVWFE1qrNkl3f78xQ7ajgEvLkdzs5a-ZgruWltThFACsO1ht7seIbxtNF9kibm0SdRFKvvfWjPs3eKDH7rg-QgCpbLYWjMxKzNq5b-PDojWgWiTzHtwSj83Jl0kOZ9yxHxQz4hhRIbzPeNMtgIflLkdJMPjlHMoYzwBPCLG8RRWBjFEbomHauR5tNuNqiRVx0dwv-qb4Dm_Tw3BS0s_lYHCjqz8v0Q5pZn7XrNQ9SMFBnpmzJSCj_oBVaXJbn33ei7h5fDMPh2WWi4CaiiIXHbrjhnwV9afVdhbBvUEUbBW_qwvM9qISq5ucGQZoOlO8ZcbjwzEhng9bAqQwKU1LEEoIpd2HQpOJGm215D2ZohHgJpYIj61CpRxYsD5KboeLiX-OnF7Cqm5aXp9NQNqgTxHWUN26TH6NK7U6S_0eLCKRe0WFiOM0dAMNqKW4t5GsngfzNQL2aQ1BW1w_siXnbTujI75TdP79INhMC1tZrtrN_YzzyVQaxV_CjA7TUZobzEg3L5pmq-Y4_1MFMlT3XjYagzkuaV9SnEjRzjnLiSKz282LBpQWrtkcn80ooljulCC0Si-ZcxBAzfgBu8_aQ-57qM1g9KHflmnJXnqz812W3WryYsflFCYt4W_1t6wRsWbVV6HgaNsvLtl9dhcwNCnXBxH6tWC066GZGBMeOQqJTBCeaEZfU1rNfr7gevfeDI6puKeoEjTZSd3cpBvsMr9B1tNNyjvo_vOVj2A6oxBpOy2xBchE7sOKjjLyeLSdCg3vWIr3KTJjzfaZsnE4KZqAIG8jWSv8E4tpgKMIXsuaRwFbPSjF32DT78o04AURIW0XbyxZSddAqZXBFYcdJJavyIRHanbiIuyuhGgoUBO27Ed3aca-yvADMX86kIYXQj5I6QczhMWOqjfiljhRw6D322k2mduyXyks9LrEf2eXiv1NeIxir2pgCbacFEYOIah6YvlgOnrXkCyYnSURwDH1I6F3J5eWvwnNsHtDnEscNYW9Xapf2jat7UHcHsqNnhFf6aI81KrYUQiW0R6Mqu3C7pNfrZu-qZ_A1yoA1T0IqwRxfO4XQKICxkiUv_JyXhXgsuG4ev95yM0aMsm2VEWS0OhiwaIis5Qw_shh4aESP-ZkLUBb6Qc9gEWDElmeAkeytcIR9sP82xsmXpMkHliBcJDIaCgY8BF1xTs5I45UT8jkBtkZ_5c7dpnHfa0uGgeaYrhfkwNuJZYShbQ2T7SGsMCqPzK44y4jnYd_yJRworLTh1PCRtWIz_uax2rkObbc&cid=CAASFeRoOZ0sikO69vWCQFR15bdpVE-oXg&rfl=1%2Chttps%253A%252F%252Funimedia.info%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
sd
us-u.openx.net/w/1.0/ Frame AF40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD1TdgjJtlHVFh7n1ExxoM&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD1TdgjJtlHVFh7n1ExxoM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNW4vT6X-CKazmMHc-vU_LvnzF_x1lX8JUX566uFSai45x1hebwrmVMZztg71H38aaoe1ar1LETj8sjYLsDMKRTKUyTV-xypQqs4r0n6H8iy4FPhLfqkJWnNCxTFUppJeIQ-Z-VApJz5IIUQLKMqr2OY0HdqaYQIL5S3vnsWOPsDUkoHSXc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD1TdgjJtlHVFh7n1ExxoM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF40
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM4NmNlMDQtOWZiYS0yOGNjLWZlZDAtOWU3MDliNTU4NDQ2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM4NmNlMDQtOWZiYS0yOGNjLWZlZDAtOWU3MDliNTU4NDQ2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNW4vT6X-CKazmMHc-vU_LvnzF_x1lX8JUX566uFSai45x1hebwrmVMZztg71H38aaoe1ar1LETj8sjYLsDMKRTKUyTV-xypQqs4r0n6H8iy4FPhLfqkJWnNCxTFUppJeIQ-Z-VApJz5IIUQLKMqr2OY0HdqaYQIL5S3vnsWOPsDUkoHSXc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM4NmNlMDQtOWZiYS0yOGNjLWZlZDAtOWU3MDliNTU4NDQ2
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame AF40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEto-DNUQMzMZN9pQ5hP9AY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEto-DNUQMzMZN9pQ5hP9AY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNW4vT6X-CKazmMHc-vU_LvnzF_x1lX8JUX566uFSai45x1hebwrmVMZztg71H38aaoe1ar1LETj8sjYLsDMKRTKUyTV-xypQqs4r0n6H8iy4FPhLfqkJWnNCxTFUppJeIQ-Z-VApJz5IIUQLKMqr2OY0HdqaYQIL5S3vnsWOPsDUkoHSXc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 23 Oct 2021 09:07:08 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEto-DNUQMzMZN9pQ5hP9AY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame AF40 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNW4vT6X-CKazmMHc-vU_LvnzF_x1lX8JUX566uFSai45x1hebwrmVMZztg71H38aaoe1ar1LETj8sjYLsDMKRTKUyTV-xypQqs4r0n6H8iy4FPhLfqkJWnNCxTFUppJeIQ-Z-VApJz5IIUQLKMqr2OY0HdqaYQIL5S3vnsWOPsDUkoHSXc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 23 Oct 2021 09:07:08 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 7443
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBU7lhv6biynT3vueMP-GnQ&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBU7lhv6biynT3vueMP-GnQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNVB5nJZSeBbIbFwiKMPHiRGsiJFZn5PalWrMlWdcNXaDHmvyQOqmCrsQoueso2007PyoWQbY2b6Uzs1881ceZEY-fq4ZEUzgAfWinmUS6vUuHJ1hNZvtvRC4LrZvh2tItqm3yt31ZVeV2Pi6kKPsDanRL3mpPN9ad2JpR-Ecz1j7IRd860
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:08 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
45
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBU7lhv6biynT3vueMP-GnQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7443
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTlkYmJlNDEtMzNlMC0xMWVjLWEyYmUtMTI1YjAxMzcwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTlkYmJlNDEtMzNlMC0xMWVjLWEyYmUtMTI1YjAxMzcwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNVB5nJZSeBbIbFwiKMPHiRGsiJFZn5PalWrMlWdcNXaDHmvyQOqmCrsQoueso2007PyoWQbY2b6Uzs1881ceZEY-fq4ZEUzgAfWinmUS6vUuHJ1hNZvtvRC4LrZvh2tItqm3yt31ZVeV2Pi6kKPsDanRL3mpPN9ad2JpR-Ecz1j7IRd860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTlkYmJlNDEtMzNlMC0xMWVjLWEyYmUtMTI1YjAxMzcwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
42
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 7443 		0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNVB5nJZSeBbIbFwiKMPHiRGsiJFZn5PalWrMlWdcNXaDHmvyQOqmCrsQoueso2007PyoWQbY2b6Uzs1881ceZEY-fq4ZEUzgAfWinmUS6vUuHJ1hNZvtvRC4LrZvh2tItqm3yt31ZVeV2Pi6kKPsDanRL3mpPN9ad2JpR-Ecz1j7IRd860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/55946/ Frame 26F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNXpyak69zJk0nVV39KDz1hq_DFNaXYt6NX1QudfKSOBmiYt_YfWIIhrpSwZkRaax4gGFMPLxLxUxj3-0AiEvdfHGCpER0e5LJYa4_MO3TOvJbCSC35RUzEKo88C7dKIvmuCMe1KHGZblTg5h1Yc7lo6wMJQ8cvGmKzAe-zJDKxFVorbmTE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
date
Sat, 23 Oct 2021 09:07:08 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 26F3
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNXpyak69zJk0nVV39KDz1hq_DFNaXYt6NX1QudfKSOBmiYt_YfWIIhrpSwZkRaax4gGFMPLxLxUxj3-0AiEvdfHGCpER0e5LJYa4_MO3TOvJbCSC35RUzEKo88C7dKIvmuCMe1KHGZblTg5h1Yc7lo6wMJQ8cvGmKzAe-zJDKxFVorbmTE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 26F3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNXpyak69zJk0nVV39KDz1hq_DFNaXYt6NX1QudfKSOBmiYt_YfWIIhrpSwZkRaax4gGFMPLxLxUxj3-0AiEvdfHGCpER0e5LJYa4_MO3TOvJbCSC35RUzEKo88C7dKIvmuCMe1KHGZblTg5h1Yc7lo6wMJQ8cvGmKzAe-zJDKxFVorbmTE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
Connection
keep-alive
Content-Length
0
css
fonts.googleapis.com/ Frame 8E18 		4 KB
693 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&subset=cyrillic,cyrillic-ext,latin-ext
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 08:49:24 GMT
server
ESF
date
Sat, 23 Oct 2021 09:07:08 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 09:07:08 GMT
bootstrap.min.css
gemius.mgr.consensu.org/cmp/ Frame 8E18 		89 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/bootstrap.min.css
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
442d3a3e50d3ba9ff07779c6f646b2af5d8ab545d1aa8287713d796c2ee84fbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
server
GHC
etag
"604D301C000162950B08C785"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
text/css
content-length
13646
expires
Sun, 24 Oct 2021 09:07:08 GMT
main.css
gemius.mgr.consensu.org/cmp/ Frame 8E18 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/main.css
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
e77ca398c3b17c3506b56ee871491f8822698bfce617cdfd8a78408a3375a07c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
server
GHC
etag
"604D301C000014852BABCE54"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
text/css
content-length
1646
expires
Sun, 24 Oct 2021 09:07:08 GMT
cmp_ui.js
gemius.mgr.consensu.org/cmp/ Frame 8E18 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/cmp_ui.js
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
44d0a23a590fd5365ca60ebc447433cbdeb8bab3e79fc517f501156660b83d30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
server
GHC
etag
"604D301C000139E4CE1E5835"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
24253
expires
Sun, 24 Oct 2021 09:07:08 GMT
sync
ups.analytics.yahoo.com/ups/55946/ Frame 1472
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNVpqYGkRreOv_E-A0xnupYEAwKHRmneukEfvTyZVHOeKQRTTOAvYYYPlC7r6IDUmeYom_j9pjEKRJPRTpTUB6ZfmcdxNG5BxjherNKVb745Wq6cyw3boXHNjkzou4kP3AIK3vKrnwVqsJfbuRIx-DzWUyhW6-FrKag1I8a88-hFgx-sB5c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED6reKsro9_L54IPS78VWC8&_origin=1&google_cver=1&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
date
Sat, 23 Oct 2021 09:07:08 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1472
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNVpqYGkRreOv_E-A0xnupYEAwKHRmneukEfvTyZVHOeKQRTTOAvYYYPlC7r6IDUmeYom_j9pjEKRJPRTpTUB6ZfmcdxNG5BxjherNKVb745Wq6cyw3boXHNjkzou4kP3AIK3vKrnwVqsJfbuRIx-DzWUyhW6-FrKag1I8a88-hFgx-sB5c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA5OWQxYjFlZS0zM2UwLTExZWMtYjI2MS0wMmJhZjc1ZTAwZjQ%3D
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1472
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYq8_FlQEwAQ&v=APEucNVpqYGkRreOv_E-A0xnupYEAwKHRmneukEfvTyZVHOeKQRTTOAvYYYPlC7r6IDUmeYom_j9pjEKRJPRTpTUB6ZfmcdxNG5BxjherNKVb745Wq6cyw3boXHNjkzou4kP3AIK3vKrnwVqsJfbuRIx-DzWUyhW6-FrKag1I8a88-hFgx-sB5c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS11OXNoQVpkRTJ1R1g3ZGx1MU9STTAuT1RuQkh2LkFFbX5B
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 56B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJSs3-clz2EQJB41XGGeBlU&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJSs3-clz2EQJB41XGGeBlU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNWM7lXZ0mdKqGwKf2o1AI2HfaaqvCNwnv9ww03XY5ACJ07m3LsQQQiMoFM80hF2SFNVCPTrfbg_HpyZlNcM1lCZc2PrAzjMZUZDamkq95VEg_qXMHlorg4kdw3ZWulJq4Lg-sbsHzN7uq46aj3O-B7txakhNlvKz3oXMbIfmMtBjKbthCc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJSs3-clz2EQJB41XGGeBlU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 56B8 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiz0Ki4ATAB&v=APEucNWM7lXZ0mdKqGwKf2o1AI2HfaaqvCNwnv9ww03XY5ACJ07m3LsQQQiMoFM80hF2SFNVCPTrfbg_HpyZlNcM1lCZc2PrAzjMZUZDamkq95VEg_qXMHlorg4kdw3ZWulJq4Lg-sbsHzN7uq46aj3O-B7txakhNlvKz3oXMbIfmMtBjKbthCc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:08 GMT
transfer-encoding
chunked
content-type
image/gif
truncated
/ Frame DB21 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94bc1ce7d5d171539522b0e463e968298731d20de48eaf3a7cbcd0a069808e17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5CEA 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d0bc602cca330cfa604600336f12b3631df01a23ed6fffeec9df5c85dcb4e07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 86DD 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0535da3a17085c3b4ba846bfc40d08bda9b8f15b4bbd22bcbd3a934f4d4d51f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
banner
ad13.adfarm1.adition.com/ Frame D79D 		569 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/banner?sid=4285696&adjsver=3&fvers=&iframe=1&ref=https%3A//unimedia.info/&ro=https%3A//98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/93.0.4577.63%20Safari/537.36&os=17&browser=11&userid=0&kid=2954778&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCabUIu9BzYY%5FUAf%2Dyx%5FAP37%2Da2A%2DvhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM%2DqAMBqgT0AU%5FQu5qZJTFbUP0SXjOLr1FA8MSi0ouf1AtSIOSszVqQWnDjUXXsW9Po9AYRXzMplvmyEYnNS3OL4b8ntJeoDIcEWNribciAnzu%5FgGRN9ikFlDqQ%2Dz4hdxJWtmL2Id2swhL8X0KWPlXxxGkQsL1%5FMMz7%2DyiruUcLbZpx4x0JzJOFJOPCIyeCwKlI%5FWmK6uB7mLeSWM13ONzLa4GpaFqm5uFccFVC7yNUYOFyQfrBbzhCW5Gh36AN%5FjacyOUNZQIYxA9if8RDswEWieQdtbQNzH0GyjwouvB6Vfy06tmNtWa%5FoRszsNIwtIQ%5FvPu2f1LM%5F8CA6PjABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB%5FDZG6gH8tkbqAeOzhuoB5PYG6gHugaoB%2D6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobLptMq0O1nXld93VJzc1oduv%2DA%26sig%3DAOD64%5F1HtjHoLJJ2fcG1CvwZsOktKISQXA%26client%3Dca%2Dpub%2D7668309727589427%26dbm%5Fc%3DAKAmf%2DBrsKt4t6ng3GQXh%5FTxVpwbU1N3C%2DLgZXsoKnq%5Fm7g%2DtTppGompcs67h6FKd3srd%5F3TvCfgOEa242enM584jAujYbVJrNU9yXwX1ajaRe1r1d%2DcnS6WYiWX1EA98lwQfDvQCpl7tS5vOVCh4sRLRUYsUz9oWg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDM4QoLlR8WlHQMhdoHM90c5Ko7qOSUUnW%2DknVFFs0%5FzFXagvyYQuXYZ2JnMm3n0mXNjFeNPUSIhz5qSVFN4HnzQ50AVN7%2DdFts4DgZhe6gSlorWFfto%5FAsGl0guv%5FOlzJz2dc%5FL4FywmfWaMk9xmstMphYR1ePk4IQ6lxYHf3v9Xq5ErhLGPX9zi2MCCHTlfuwU1b9hHwPseOsT%5FoEZK%5FN42mY9NIl4igHFANGVW7sLjKiBN4lbGkjeKX9hnzcWT9AQL5RS8bPOq4WWGpgoz5gfEOccV8WY%2Dr9xFn1RQQGzkPcIkHyHYMvOOZlBBoPfyL%5FBp%2DGh8WNTe3kIQTQfcfEbj4Z9q8wjGV%2De7JZ5mPP7jDaqUCaDFyZuxT8%2DI6ESLEkEFeZA8gQpKb99JfqDo5kiVls2cfU0kqGTO8MiYDMsbYkJPtMPraJcWW5GD79WWLZgQje%26adurl%3D
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285696&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCabUIu9BzYY_UAf-yx_AP37-a2A-vhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgT0AU_Qu5qZJTFbUP0SXjOLr1FA8MSi0ouf1AtSIOSszVqQWnDjUXXsW9Po9AYRXzMplvmyEYnNS3OL4b8ntJeoDIcEWNribciAnzu_gGRN9ikFlDqQ-z4hdxJWtmL2Id2swhL8X0KWPlXxxGkQsL1_MMz7-yiruUcLbZpx4x0JzJOFJOPCIyeCwKlI_WmK6uB7mLeSWM13ONzLa4GpaFqm5uFccFVC7yNUYOFyQfrBbzhCW5Gh36AN_jacyOUNZQIYxA9if8RDswEWieQdtbQNzH0GyjwouvB6Vfy06tmNtWa_oRszsNIwtIQ_vPu2f1LM_8CA6PjABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRobLptMq0O1nXld93VJzc1oduv-A%26sig%3DAOD64_1HtjHoLJJ2fcG1CvwZsOktKISQXA%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-BrsKt4t6ng3GQXh_TxVpwbU1N3C-LgZXsoKnq_m7g-tTppGompcs67h6FKd3srd_3TvCfgOEa242enM584jAujYbVJrNU9yXwX1ajaRe1r1d-cnS6WYiWX1EA98lwQfDvQCpl7tS5vOVCh4sRLRUYsUz9oWg%26cry%3D1%26dbm_d%3DAKAmf-DM4QoLlR8WlHQMhdoHM90c5Ko7qOSUUnW-knVFFs0_zFXagvyYQuXYZ2JnMm3n0mXNjFeNPUSIhz5qSVFN4HnzQ50AVN7-dFts4DgZhe6gSlorWFfto_AsGl0guv_OlzJz2dc_L4FywmfWaMk9xmstMphYR1ePk4IQ6lxYHf3v9Xq5ErhLGPX9zi2MCCHTlfuwU1b9hHwPseOsT_oEZK_N42mY9NIl4igHFANGVW7sLjKiBN4lbGkjeKX9hnzcWT9AQL5RS8bPOq4WWGpgoz5gfEOccV8WY-r9xFn1RQQGzkPcIkHyHYMvOOZlBBoPfyL_Bp-Gh8WNTe3kIQTQfcfEbj4Z9q8wjGV-e7JZ5mPP7jDaqUCaDFyZuxT8-I6ESLEkEFeZA8gQpKb99JfqDo5kiVls2cfU0kqGTO8MiYDMsbYkJPtMPraJcWW5GD79WWLZgQje%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
4548a814aab9889f80fdc4b4969e22438b97b56ed1b340ad411530dd1ade5bb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 11:07:08 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame DB21 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 05:28:40 GMT
x-content-type-options
nosniff
age
185908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 05:28:40 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 86DD 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 05:28:40 GMT
x-content-type-options
nosniff
age
185908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 05:28:40 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 5CEA 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 05:28:40 GMT
x-content-type-options
nosniff
age
185908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 05:28:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0E2D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
79780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
z9erfcgupzvd
hal9000.redintelligence.net/zone/ Frame 83B5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/z9erfcgupzvd?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVzCqu9BzYZLUAf-yx_AP37-a2A-1zfmDV9zcuavlDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgSRAk_Q9ExBnr_DVTqWn0SZMO_dD_iOWnkjmFPpIsoh1YHOkQ5VUyu0gMVXJyWFF2hB2VXXhWSPKYuQ8buISNODAqDX0Xdyazs-jGZkCKBArf37CyR6SFhSK8ULdDjZffTBguK_3j3cSfM77YzYW5gA_50285y57NXGdnae4Db-un5JGU-PAETdef05WwAYtm1weJMgXvNpYNbzTvZCQ0BecMbDBpuc4jNhpXMDXxUnEJVmi--tDCD5lO7f-Bt2nU_Sl8MazwWFQA7XkP-cDYQoxYOEk6pufj8sm_XchA0lwy0uRbifW2QGzxi49J0sPY4buFUIox-AgCJ3VeRYg9szS7b0foMqB0QTyZNrnFTTb4SLUcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g%26sig%3DAOD64_0i3JgxmK93XyVezZFUPFjNjP0Sdg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJ7V-NiUm-mhElTwOEKWntcse1-44lD2Wjq8OdbaxINHFzBOvpYDLpvtqqnO40NsTCsEREEXb8LnMQjHBtpK1PoIfpnahLbO_CGZcGHYqSaTUrOxgfjrtGsWhIn_Lvz0N9xVbVgodhVTx9u9TWyDIPWLVZLQ%26cry%3D1%26dbm_d%3DAKAmf-BJV9t0WbKkTmnDBOiLNaBOLFPUx14iiwK_bhOS3RNu41Ev9_ejQZQWjUkiv0_qW1oByFj6csf3BKcxLBsE6ZrmthW_weQZ4tYkygRG5-d8jyz1Hu7YnaJjE6bhISqKYEYfVz2lxy7hVd59_3Hoj0n64UEsCarYSE5L-BpqfEhFfJUQbN9Rtw1ljPxo4PYA8AYBNjM7KWx0yPHS2qJlFWw6vwrW7Y6Xx1nICZkFTrX8lMBFj3xCthqqeoaWHjtfM7958j7iyHUW_lW669BSDgsn0cBmyNchc2sOl6dS5FcKUL8ObY2gUjiqWR0_v_jVugTFlB5i5-mUonFT7iw1tkRi36JH52aPjhbJMEvS9eC_7MnDhN4DePG5eJyMg7bB1WTnk3vRTz923pFSd3pxXlgUitnLWGBwbMvWMTVgppQgtAGiVcamYzJvE6G_mmj5JcMUCsjJ%26adurl%3D
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a7dfe17427d5d91f0651c6338e778faa89a7f1eb5784141d6be14c23eaef4be9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3984
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
banner
ad13.adfarm1.adition.com/ Frame 60BD 		569 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/banner?sid=4285696&adjsver=3&fvers=&iframe=1&ref=https%3A//unimedia.info/&ro=https%3A//98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/93.0.4577.63%20Safari/537.36&os=17&browser=11&userid=0&kid=2954778&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrWn3u9BzYZPUAf%2Dyx%5FAP37%2Da2A%2DvhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM%2DqAMBqgT0AU%5FQHdlK%2Dy0SdUaaD6lUq0our03xUKu9mJccc3Mj%5FtDcyGnU0iquHktjdFlzh9%2DNHxWlDvaItZZZqM%2DfXU5pA67GhIy%2Dqhkyfmk0Z48JAc0HTzob5c4ABFdRfX2CcpYR%5FL26fLItas%2DToMHKgU5UtDco%5FOZpnjD4VgEBSLiiArKrIEgNCFt80DJHBYOQnu%5FRp1FwnUU8yG6FJx8cdp%5FqxmLfM%5F%5F5fyKnAbP3%5FSuC918sBX%2DBuhcWDP74dq8vp9JyldZLCaKas%5F%2DMREkgd37pEN4C8GrUaxTBKtgnRBKLnxqb0QLZRSX92iH4fdM4QVFP3s%2DFOCLABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB%5FDZG6gH8tkbqAeOzhuoB5PYG6gHugaoB%2D6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBF6zFQUNtGyl%2DGTGVtzh4SxSZQ%26sig%3DAOD64%5F1WlyelH4XK1n6xt4SKAriWq5FNAA%26client%3Dca%2Dpub%2D7668309727589427%26dbm%5Fc%3DAKAmf%2DDJc1%2DZjoibY%2D8kiv3DALQDxn00fk6d9Uj5fBki97HtcsuJB8ZER6uevoBd06orHo2SB8Sbhwj8YCNCLK6uSU8kzQrGRf%5FuN7358IkBM06e1Y0FCGYFnt4vF3dUohMNfhCBjyhf4g0S32mJinNUKrYkCoLRQw%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA0DI9P8PsGZA8BmiYoHUA4Xc6qn57gayOah0Fh%2DMy5a4LL2CGOyR%5FRmfCOtTA16sOg%5FCD3PUlgPOlKjgWSeBEZSEf05mVU%5FcLKhDFBC5TNXMaydQNlN0Ds05y4LbMhO7uMvRlFjAPJC7FGjF2WieFlG239InuU%2DOTxiZ1jXQH1l20V0WeysnfTnEVFskzqQ4s5ZLjtCBNrE2U%2DQ7FR89ZQTEgCpkXbQacNdaKIr7HVFacKqvArj7IEa0mZswyIVYC22wARBC6punjojqgqd8HMTVgTgdBDT6Fjq0Ll%2DyEjv30CBlyF%2DmBE7Gic0dBv4Pb0EGwNPE4n2N%5FPj65m1ilbWWia4%2D2mfowZmJoX4raMN1j50n5UQryuy%2DMe0YcPaKjvFPClOi%2DHye6rcNBdllhr%2DJTr4s26Y229G2Ux1%2Dl7B29rfjk9%5F5jWs0h0dPLsIhPzeaXS%26adurl%3D
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285696&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCrWn3u9BzYZPUAf-yx_AP37-a2A-vhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgT0AU_QHdlK-y0SdUaaD6lUq0our03xUKu9mJccc3Mj_tDcyGnU0iquHktjdFlzh9-NHxWlDvaItZZZqM-fXU5pA67GhIy-qhkyfmk0Z48JAc0HTzob5c4ABFdRfX2CcpYR_L26fLItas-ToMHKgU5UtDco_OZpnjD4VgEBSLiiArKrIEgNCFt80DJHBYOQnu_Rp1FwnUU8yG6FJx8cdp_qxmLfM__5fyKnAbP3_SuC918sBX-BuhcWDP74dq8vp9JyldZLCaKas_-MREkgd37pEN4C8GrUaxTBKtgnRBKLnxqb0QLZRSX92iH4fdM4QVFP3s-FOCLABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBF6zFQUNtGyl-GTGVtzh4SxSZQ%26sig%3DAOD64_1WlyelH4XK1n6xt4SKAriWq5FNAA%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJc1-ZjoibY-8kiv3DALQDxn00fk6d9Uj5fBki97HtcsuJB8ZER6uevoBd06orHo2SB8Sbhwj8YCNCLK6uSU8kzQrGRf_uN7358IkBM06e1Y0FCGYFnt4vF3dUohMNfhCBjyhf4g0S32mJinNUKrYkCoLRQw%26cry%3D1%26dbm_d%3DAKAmf-A0DI9P8PsGZA8BmiYoHUA4Xc6qn57gayOah0Fh-My5a4LL2CGOyR_RmfCOtTA16sOg_CD3PUlgPOlKjgWSeBEZSEf05mVU_cLKhDFBC5TNXMaydQNlN0Ds05y4LbMhO7uMvRlFjAPJC7FGjF2WieFlG239InuU-OTxiZ1jXQH1l20V0WeysnfTnEVFskzqQ4s5ZLjtCBNrE2U-Q7FR89ZQTEgCpkXbQacNdaKIr7HVFacKqvArj7IEa0mZswyIVYC22wARBC6punjojqgqd8HMTVgTgdBDT6Fjq0Ll-yEjv30CBlyF-mBE7Gic0dBv4Pb0EGwNPE4n2N_Pj65m1ilbWWia4-2mfowZmJoX4raMN1j50n5UQryuy-Me0YcPaKjvFPClOi-Hye6rcNBdllhr-JTr4s26Y229G2Ux1-l7B29rfjk9_5jWs0h0dPLsIhPzeaXS%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
4548a814aab9889f80fdc4b4969e22438b97b56ed1b340ad411530dd1ade5bb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 11:07:09 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C92A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
79781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
tci5pvsmwjd1
hal9000.redintelligence.net/zone/ Frame 3D25 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/tci5pvsmwjd1?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbTA4u9BzYZfUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QOI7e8KZSE5hXPvImgO_ZQC90u69PQuQddgMGTCZtKdS_UAx8PaS3OVISUB0Q-f0BZeAQY0F6MUkImcSJgnwdiys4guEFcNf-2LQ7oxh5mmJRTlTotgVQqQjM2MjKH1ELA1YmuXo5vSxhyOE3FfnBTaL_7NjCWJp27i2n8XUtBk0qZtG-kFmPyzGliEek05-FMfCXRp6smyqtvB1lG_yaWJekKFhYTrhN5nIcMOeA8WZJdZbwx0OVuNvKYi0Nnu5UIUbz9--7ESn8QxeFwzeX8L874SyboRPRVHNssSuCkDj1lt1GKbn_81Ya-j3nqLD2n8AEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA%26sig%3DAOD64_1u4bG4wggBW-Q0Drwa1beuXC7jbQ%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AShxRssTMGD8J_OTbP8i_-bUbhaZenMaWHJavi0-wTCiXjA_j0LQFTsBMCC9IgluyjqjkbZT_MmB8dvpbqTxrD0Ua19IoCS9WQqhFVkNNMeO7ne_SAAdZ4NgY8RU1vYcEn5_f0bLS_wDwY_luQLRutFlPX5g%26cry%3D1%26dbm_d%3DAKAmf-BmUGdx1mjr1ugHOVNSpK00l3tX5zy2PrHtgwWYSONSoi2XDmaOZM_4hLj_HlkHewyEsvAppir1ZZlDM53iy4AlOWqAwIIWGN_NOKRE7yPSbj-xk-g1ER1hFaqW6P5ZozkoOzcyJQGYi-M0wbrWX-IHbTt0NF93VaQkMwUm9RYq4LD-veqgnpr0eZnWsMG2YaZ0M5_s7zoy83OhuosEN0Ud_uprM2CHjzhfiT0A8ngADamt0YXRSF-9Pc-YnJnAcM1LYMexhdcWDzZdaca4iT_s3khbC84FWVO7nbSc6L0FWjWV5yfH0lVKfvY5ymZuYrJpZ5DamPkTjqLFHcaEvB_QUSe5vh5hzH80wjD2RZRkYq6IEVreRfLYbFiB7VOGGhhcJ91XcM5bIAlGlwce23fgJE1uQaLPRV87WM3LImmOErGkN2kYCepy7tsap1KLvJpcQmfg%26adurl%3D
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9596d870d9f3e46f4e1820365d383a1cb113d294193fb85c79efeef8d898e8df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3947
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
tci5pvsmwjd1
hal9000.redintelligence.net/zone/ Frame 1185 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/tci5pvsmwjd1?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHFqmu9BzYZbUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QjhzmxoJlWygA_kC97XxKQexT4Nw00vUIlWWGhjO8UYNfJMzHJD6snmi9uT67MYS6YQmXvxuRJQmVKQOotEgxlgIWFLzOdYQk5IXopMLOXOkfH5CGyIr4no7Os11FolhrlSKAVGj0y3cO_OjrOu-H-YuVY_xk0M8IIzTNVP97gwKm0AxXYPuXk2yLkVgl3DO5-hPBhd0Kj_60irQuCNbGuwZ1WQQqPUxMZAaWy8faepcwDA2_Y1y5wbV2ww44Ywttmgxvi6BwzRrx5qOqy6Bq8EeV0ZSqm0NUdJv6A_oCW_6gQ3P7JOOJZQf04Gp-QAR-QsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg%26sig%3DAOD64_3KHE7mRTY_yBpSJSwtg8fyO0tORw%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AE1cBJK2PGdKP-_eYgh3az_kNqx-ImjUM6CNmtNwHOkfhfj-DvDlKxF2EjvH8f5APk5lxkoMkHLKEs7ZGuVALfpGPysrOwxJyGm-AawmYOlxQtxO95uoSUsrvVI9vrm6rjSaUgvraz2QrB5XaTe6M86VuDZw%26cry%3D1%26dbm_d%3DAKAmf-AG-H26x37iWOIl8toL8mRrkZtinXCn4t4Xc1czTdKbtdDPrrf8s6XxwrNniG0OUzKP5dOotyBqRBnQKSJjq8nD1mXXJgAPnNlWFPM0NxhcnAxYzidPrylPiAe5kTMIMt2tG-xnl5ugMPOat3WE3JpswlGtJ-K22eoGQu0LBymf4kHVAyrVQ5WGtouwNGYDN-8nF2xyvHHgwdU_SgKwYk7WG77hJiTykewe3Ahn6b0wLFDotcjJFNuMvDgLBW0N2E-pbDFdH7wDsUdczVf2RqKxIJcTBm0cZ2Ar9LQ9ZHNhUt6Ptf3okqfcX2ViIzuwIxZm0W46ARRKmnQzaEsrvtr1E7MKeiew4Dxz8d7h6ZepLI8V15Qib7IDw4_RR3CzgjM651uajlMt_sVAevTGR9mr6wfIe0O9fyzu7Edv-PykJO01fdXigf5E15pR-UxrlPOjkS8i%26adurl%3D
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b334208c2c07a36200a7733e478954455fcb1183e4952df04d8bd177e3010cc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3946
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5A0E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
79781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
banner
ad13.adfarm1.adition.com/ Frame 7EF8 		569 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/banner?sid=4285696&adjsver=3&fvers=&iframe=1&ref=https%3A//unimedia.info/&ro=https%3A//98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/93.0.4577.63%20Safari/537.36&os=17&browser=11&userid=7022185749888042216&kid=2954778&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkLWWu9BzYZjUAf%2Dyx%5FAP37%2Da2A%2DvhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM%2DqAMBqgT0AU%5FQURb3ZxVikSN%5Fgyn7lQPi6rC7yMWo%5FgMCXEPAhLH7fSqCLQ3n2B9qB9Xe0CeB2awyPAU9uEuLHhplSTwgpK%5F%2D7KMYObZIS6ukPbT%5F9Z0mLVElRCNLUlp45gQltFSszO1DxD1IJXBmkHH1LKW0F754guGfay3TDIj7epkOFqv80shMKQR%2DNQmCY31lIRz%5FP2B7v4Fa7e4gQdSNCl5Tl2%2DbKhYCeiDCDrf7QJsujel%5F%2DY607KTYQa5XUMF9pot6RYjAddXMQTugiJcu%2DJPAVe0qTXXdPjEoBWBr8YZNVSLFLT%5FPPw91dhd3U8d5RnNGLN53v17ABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB%5FDZG6gH8tkbqAeOzhuoB5PYG6gHugaoB%2D6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOZ0sikO69vWCQFR15bdpVE%2DoXg%26sig%3DAOD64%5F08MY9Wjxsp6DbP%2DqVdFegdZ2QDVg%26client%3Dca%2Dpub%2D7668309727589427%26dbm%5Fc%3DAKAmf%2DBUV0ZrQZowvkU6wOslafxTvRA22UhVwaRGZbjmTIzHjH%2D%5F0R1XItvcU7ct1evl8tl7774jeLgN44qNBkpRZNqy1iMdD56cI7lcqanm6NP7KAiUBmK4ZB0M0ApFya0djC6X1B%2DDMqYiP53IPWm5DidHeZY6LQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAALI0WxZVZlJZ1tt4WLBrlhoI7nd1%2DFeqB1SGNxXwIDfQUYjGqwbzay%5F2lyrIWGxS%2Dd2Ez8DP%2D%2DJdw53bgJie2%2DtkZKXIWvCWToHrvX%5FdP1zHvLgNwAWK9JvK1y0ddA%5FG16y0%2Df%5FtBqUNsdiqi4P55Rgkk5Hx4vG70SBXxwx7fcFQIhb2ZkImtZAXHWcE272fyCpYSKcus3IMMf%5F5%2DLw5iCrdFdxBhOUWgMUGeAqEpvKft7yBeoPHInbNJ1O7x6TysxXHN2YP3Pw9P3z7fMRSahogUzyKCHP4hK5D5l5%5FHrCyjPzotVUnGMIi%5F59yRlgexNO1lAfYPSEjTlZBU5png3wDAQoEeQoxufNCjPs%2DV3amZVF%2D1vOElyrDA%5F2FlouwBcB5AxP2KjbP1fhPqegy5eYDG%5FLpKldSeAIHvyAb8yRh9PWpWSv1BebIAZEnLxmTo5zA3%26adurl%3D
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285696&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCkLWWu9BzYZjUAf-yx_AP37-a2A-vhYvOZK3DwJTkDvAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgT0AU_QURb3ZxVikSN_gyn7lQPi6rC7yMWo_gMCXEPAhLH7fSqCLQ3n2B9qB9Xe0CeB2awyPAU9uEuLHhplSTwgpK_-7KMYObZIS6ukPbT_9Z0mLVElRCNLUlp45gQltFSszO1DxD1IJXBmkHH1LKW0F754guGfay3TDIj7epkOFqv80shMKQR-NQmCY31lIRz_P2B7v4Fa7e4gQdSNCl5Tl2-bKhYCeiDCDrf7QJsujel_-Y607KTYQa5XUMF9pot6RYjAddXMQTugiJcu-JPAVe0qTXXdPjEoBWBr8YZNVSLFLT_PPw91dhd3U8d5RnNGLN53v17ABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzc2NjAxNDM0NzQyMjcyNYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOZ0sikO69vWCQFR15bdpVE-oXg%26sig%3DAOD64_08MY9Wjxsp6DbP-qVdFegdZ2QDVg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-BUV0ZrQZowvkU6wOslafxTvRA22UhVwaRGZbjmTIzHjH-_0R1XItvcU7ct1evl8tl7774jeLgN44qNBkpRZNqy1iMdD56cI7lcqanm6NP7KAiUBmK4ZB0M0ApFya0djC6X1B-DMqYiP53IPWm5DidHeZY6LQ%26cry%3D1%26dbm_d%3DAKAmf-AALI0WxZVZlJZ1tt4WLBrlhoI7nd1-FeqB1SGNxXwIDfQUYjGqwbzay_2lyrIWGxS-d2Ez8DP--Jdw53bgJie2-tkZKXIWvCWToHrvX_dP1zHvLgNwAWK9JvK1y0ddA_G16y0-f_tBqUNsdiqi4P55Rgkk5Hx4vG70SBXxwx7fcFQIhb2ZkImtZAXHWcE272fyCpYSKcus3IMMf_5-Lw5iCrdFdxBhOUWgMUGeAqEpvKft7yBeoPHInbNJ1O7x6TysxXHN2YP3Pw9P3z7fMRSahogUzyKCHP4hK5D5l5_HrCyjPzotVUnGMIi_59yRlgexNO1lAfYPSEjTlZBU5png3wDAQoEeQoxufNCjPs-V3amZVF-1vOElyrDA_2FlouwBcB5AxP2KjbP1fhPqegy5eYDG_LpKldSeAIHvyAb8yRh9PWpWSv1BebIAZEnLxmTo5zA3%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
4548a814aab9889f80fdc4b4969e22438b97b56ed1b340ad411530dd1ade5bb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 11:07:09 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
eab72a3e-f5ed-495e-a6de-44454348c605
https://unimedia.info/ Frame 8E18 		170 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://unimedia.info/eab72a3e-f5ed-495e-a6de-44454348c605
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/cmp_ui.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36fb2dca0a62a8159bad5ed46aaa1ddbfcaac2a681ef4724166f9a82fb6d15a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
170
Content-Type
text/css
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8E18 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://unimedia.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
232528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:31:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8E18 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://unimedia.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:55:14 GMT
x-content-type-options
nosniff
age
112315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 01:55:14 GMT
icomoon.woff
gemius.mgr.consensu.org/cmp/ Frame 8E18 		2 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gemius.mgr.consensu.org/cmp/icomoon.woff?d4l514
Requested by
Host: gemius.mgr.consensu.org
URL: https://gemius.mgr.consensu.org/cmp/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.21.22 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-146-59-21.eu
Software
GHC /
Resource Hash
37bb0d26265bb2b4fabd21ac0940267ed8e3e7f188c5fe391e3862165b8ea5b1

Request headers

Referer
https://gemius.mgr.consensu.org/cmp/main.css
Origin
https://unimedia.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:09 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 21:35:24 GMT
server
GHC
etag
"604D301C00000688E33CA478"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://unimedia.info
cache-control
public, max-age=86400
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
979
expires
Sun, 24 Oct 2021 09:07:09 GMT
jbmsh4a7sm5y
ad.ad-srv.net/zone/ Frame D79D 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/jbmsh4a7sm5y?subid=&redirectClick=
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
961a5fac24390f152e2b3c5beb06ab1ac051587e53d7e5c1e23fd30ee6728b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2658
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 06BF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
79781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0C07 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
79781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 61AD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
79781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
jbmsh4a7sm5y
ad.ad-srv.net/zone/ Frame 60BD 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/jbmsh4a7sm5y?subid=&redirectClick=
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3c5d40223ce89f3ad30eaed53951e9db38cfc84781255abb1373fc60d47e970f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2658
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal90004.redintelligence.net/ Frame 83B5
Redirect Chain
  • https://hal90004.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=066588df6d&subid=&uid=b02af2ae0a705f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90004.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=066588df6d&subid=&uid=b02af2ae0a705f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=066588df6d&subid=&uid=b02af2ae0a705f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVzCqu9BzYZLUAf-yx_AP37-a2A-1zfmDV9zcuavlDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgSRAk_Q9ExBnr_DVTqWn0SZMO_dD_iOWnkjmFPpIsoh1YHOkQ5VUyu0gMVXJyWFF2hB2VXXhWSPKYuQ8buISNODAqDX0Xdyazs-jGZkCKBArf37CyR6SFhSK8ULdDjZffTBguK_3j3cSfM77YzYW5gA_50285y57NXGdnae4Db-un5JGU-PAETdef05WwAYtm1weJMgXvNpYNbzTvZCQ0BecMbDBpuc4jNhpXMDXxUnEJVmi--tDCD5lO7f-Bt2nU_Sl8MazwWFQA7XkP-cDYQoxYOEk6pufj8sm_XchA0lwy0uRbifW2QGzxi49J0sPY4buFUIox-AgCJ3VeRYg9szS7b0foMqB0QTyZNrnFTTb4SLUcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g%26sig%3DAOD64_0i3JgxmK93XyVezZFUPFjNjP0Sdg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJ7V-NiUm-mhElTwOEKWntcse1-44lD2Wjq8OdbaxINHFzBOvpYDLpvtqqnO40NsTCsEREEXb8LnMQjHBtpK1PoIfpnahLbO_CGZcGHYqSaTUrOxgfjrtGsWhIn_Lvz0N9xVbVgodhVTx9u9TWyDIPWLVZLQ%26cry%3D1%26dbm_d%3DAKAmf-BJV9t0WbKkTmnDBOiLNaBOLFPUx14iiwK_bhOS3RNu41Ev9_ejQZQWjUkiv0_qW1oByFj6csf3BKcxLBsE6ZrmthW_weQZ4tYkygRG5-d8jyz1Hu7YnaJjE6bhISqKYEYfVz2lxy7hVd59_3Hoj0n64UEsCarYSE5L-BpqfEhFfJUQbN9Rtw1ljPxo4PYA8AYBNjM7KWx0yPHS2qJlFWw6vwrW7Y6Xx1nICZkFTrX8lMBFj3xCthqqeoaWHjtfM7958j7iyHUW_lW669BSDgsn0cBmyNchc2sOl6dS5FcKUL8ObY2gUjiqWR0_v_jVugTFlB5i5-mUonFT7iw1tkRi36JH52aPjhbJMEvS9eC_7MnDhN4DePG5eJyMg7bB1WTnk3vRTz923pFSd3pxXlgUitnLWGBwbMvWMTVgppQgtAGiVcamYzJvE6G_mmj5JcMUCsjJ%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=276268514023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ed878f6d9451207af1d62d958005786eda1319efae95948a99bbd09711991561

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
71774900049484600710618011756004
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
893
Expires
Sat, 23 Oct 2021 10:07:09 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=066588df6d&subid=&uid=b02af2ae0a705f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVzCqu9BzYZLUAf-yx_AP37-a2A-1zfmDV9zcuavlDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgSRAk_Q9ExBnr_DVTqWn0SZMO_dD_iOWnkjmFPpIsoh1YHOkQ5VUyu0gMVXJyWFF2hB2VXXhWSPKYuQ8buISNODAqDX0Xdyazs-jGZkCKBArf37CyR6SFhSK8ULdDjZffTBguK_3j3cSfM77YzYW5gA_50285y57NXGdnae4Db-un5JGU-PAETdef05WwAYtm1weJMgXvNpYNbzTvZCQ0BecMbDBpuc4jNhpXMDXxUnEJVmi--tDCD5lO7f-Bt2nU_Sl8MazwWFQA7XkP-cDYQoxYOEk6pufj8sm_XchA0lwy0uRbifW2QGzxi49J0sPY4buFUIox-AgCJ3VeRYg9szS7b0foMqB0QTyZNrnFTTb4SLUcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g%26sig%3DAOD64_0i3JgxmK93XyVezZFUPFjNjP0Sdg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJ7V-NiUm-mhElTwOEKWntcse1-44lD2Wjq8OdbaxINHFzBOvpYDLpvtqqnO40NsTCsEREEXb8LnMQjHBtpK1PoIfpnahLbO_CGZcGHYqSaTUrOxgfjrtGsWhIn_Lvz0N9xVbVgodhVTx9u9TWyDIPWLVZLQ%26cry%3D1%26dbm_d%3DAKAmf-BJV9t0WbKkTmnDBOiLNaBOLFPUx14iiwK_bhOS3RNu41Ev9_ejQZQWjUkiv0_qW1oByFj6csf3BKcxLBsE6ZrmthW_weQZ4tYkygRG5-d8jyz1Hu7YnaJjE6bhISqKYEYfVz2lxy7hVd59_3Hoj0n64UEsCarYSE5L-BpqfEhFfJUQbN9Rtw1ljPxo4PYA8AYBNjM7KWx0yPHS2qJlFWw6vwrW7Y6Xx1nICZkFTrX8lMBFj3xCthqqeoaWHjtfM7958j7iyHUW_lW669BSDgsn0cBmyNchc2sOl6dS5FcKUL8ObY2gUjiqWR0_v_jVugTFlB5i5-mUonFT7iw1tkRi36JH52aPjhbJMEvS9eC_7MnDhN4DePG5eJyMg7bB1WTnk3vRTz923pFSd3pxXlgUitnLWGBwbMvWMTVgppQgtAGiVcamYzJvE6G_mmj5JcMUCsjJ%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=276268514023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
jbmsh4a7sm5y
ad.ad-srv.net/zone/ Frame 7EF8 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/jbmsh4a7sm5y?subid=&redirectClick=
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
66a700616e3f6b00f32297d784bffe811065de7806f2b92251eca1cc4867e7ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2658
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal900030.redintelligence.net/ Frame 1185
Redirect Chain
  • https://hal900030.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=c0abe3fb0f&subid=&uid=074284f2ba4e9c79&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900030.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=c0abe3fb0f&subid=&uid=074284f2ba4e9c79&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=c0abe3fb0f&subid=&uid=074284f2ba4e9c79&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHFqmu9BzYZbUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QjhzmxoJlWygA_kC97XxKQexT4Nw00vUIlWWGhjO8UYNfJMzHJD6snmi9uT67MYS6YQmXvxuRJQmVKQOotEgxlgIWFLzOdYQk5IXopMLOXOkfH5CGyIr4no7Os11FolhrlSKAVGj0y3cO_OjrOu-H-YuVY_xk0M8IIzTNVP97gwKm0AxXYPuXk2yLkVgl3DO5-hPBhd0Kj_60irQuCNbGuwZ1WQQqPUxMZAaWy8faepcwDA2_Y1y5wbV2ww44Ywttmgxvi6BwzRrx5qOqy6Bq8EeV0ZSqm0NUdJv6A_oCW_6gQ3P7JOOJZQf04Gp-QAR-QsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg%26sig%3DAOD64_3KHE7mRTY_yBpSJSwtg8fyO0tORw%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AE1cBJK2PGdKP-_eYgh3az_kNqx-ImjUM6CNmtNwHOkfhfj-DvDlKxF2EjvH8f5APk5lxkoMkHLKEs7ZGuVALfpGPysrOwxJyGm-AawmYOlxQtxO95uoSUsrvVI9vrm6rjSaUgvraz2QrB5XaTe6M86VuDZw%26cry%3D1%26dbm_d%3DAKAmf-AG-H26x37iWOIl8toL8mRrkZtinXCn4t4Xc1czTdKbtdDPrrf8s6XxwrNniG0OUzKP5dOotyBqRBnQKSJjq8nD1mXXJgAPnNlWFPM0NxhcnAxYzidPrylPiAe5kTMIMt2tG-xnl5ugMPOat3WE3JpswlGtJ-K22eoGQu0LBymf4kHVAyrVQ5WGtouwNGYDN-8nF2xyvHHgwdU_SgKwYk7WG77hJiTykewe3Ahn6b0wLFDotcjJFNuMvDgLBW0N2E-pbDFdH7wDsUdczVf2RqKxIJcTBm0cZ2Ar9LQ9ZHNhUt6Ptf3okqfcX2ViIzuwIxZm0W46ARRKmnQzaEsrvtr1E7MKeiew4Dxz8d7h6ZepLI8V15Qib7IDw4_RR3CzgjM651uajlMt_sVAevTGR9mr6wfIe0O9fyzu7Edv-PykJO01fdXigf5E15pR-UxrlPOjkS8i%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2145718163421&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
aba2d34f8ee7f4391060947f0adb24843cc72bb1fcc9af1b794a55571ee9d15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
52064900045090200710586011756030
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
893
Expires
Sat, 23 Oct 2021 10:07:09 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=c0abe3fb0f&subid=&uid=074284f2ba4e9c79&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHFqmu9BzYZbUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QjhzmxoJlWygA_kC97XxKQexT4Nw00vUIlWWGhjO8UYNfJMzHJD6snmi9uT67MYS6YQmXvxuRJQmVKQOotEgxlgIWFLzOdYQk5IXopMLOXOkfH5CGyIr4no7Os11FolhrlSKAVGj0y3cO_OjrOu-H-YuVY_xk0M8IIzTNVP97gwKm0AxXYPuXk2yLkVgl3DO5-hPBhd0Kj_60irQuCNbGuwZ1WQQqPUxMZAaWy8faepcwDA2_Y1y5wbV2ww44Ywttmgxvi6BwzRrx5qOqy6Bq8EeV0ZSqm0NUdJv6A_oCW_6gQ3P7JOOJZQf04Gp-QAR-QsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg%26sig%3DAOD64_3KHE7mRTY_yBpSJSwtg8fyO0tORw%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AE1cBJK2PGdKP-_eYgh3az_kNqx-ImjUM6CNmtNwHOkfhfj-DvDlKxF2EjvH8f5APk5lxkoMkHLKEs7ZGuVALfpGPysrOwxJyGm-AawmYOlxQtxO95uoSUsrvVI9vrm6rjSaUgvraz2QrB5XaTe6M86VuDZw%26cry%3D1%26dbm_d%3DAKAmf-AG-H26x37iWOIl8toL8mRrkZtinXCn4t4Xc1czTdKbtdDPrrf8s6XxwrNniG0OUzKP5dOotyBqRBnQKSJjq8nD1mXXJgAPnNlWFPM0NxhcnAxYzidPrylPiAe5kTMIMt2tG-xnl5ugMPOat3WE3JpswlGtJ-K22eoGQu0LBymf4kHVAyrVQ5WGtouwNGYDN-8nF2xyvHHgwdU_SgKwYk7WG77hJiTykewe3Ahn6b0wLFDotcjJFNuMvDgLBW0N2E-pbDFdH7wDsUdczVf2RqKxIJcTBm0cZ2Ar9LQ9ZHNhUt6Ptf3okqfcX2ViIzuwIxZm0W46ARRKmnQzaEsrvtr1E7MKeiew4Dxz8d7h6ZepLI8V15Qib7IDw4_RR3CzgjM651uajlMt_sVAevTGR9mr6wfIe0O9fyzu7Edv-PykJO01fdXigf5E15pR-UxrlPOjkS8i%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2145718163421&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
request.php
hal90008.redintelligence.net/ Frame 3D25
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=1790267bd8&subid=&uid=c507d8e166e53dac&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=1790267bd8&subid=&uid=c507d8e166e53dac&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=1790267bd8&subid=&uid=c507d8e166e53dac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbTA4u9BzYZfUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QOI7e8KZSE5hXPvImgO_ZQC90u69PQuQddgMGTCZtKdS_UAx8PaS3OVISUB0Q-f0BZeAQY0F6MUkImcSJgnwdiys4guEFcNf-2LQ7oxh5mmJRTlTotgVQqQjM2MjKH1ELA1YmuXo5vSxhyOE3FfnBTaL_7NjCWJp27i2n8XUtBk0qZtG-kFmPyzGliEek05-FMfCXRp6smyqtvB1lG_yaWJekKFhYTrhN5nIcMOeA8WZJdZbwx0OVuNvKYi0Nnu5UIUbz9--7ESn8QxeFwzeX8L874SyboRPRVHNssSuCkDj1lt1GKbn_81Ya-j3nqLD2n8AEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA%26sig%3DAOD64_1u4bG4wggBW-Q0Drwa1beuXC7jbQ%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AShxRssTMGD8J_OTbP8i_-bUbhaZenMaWHJavi0-wTCiXjA_j0LQFTsBMCC9IgluyjqjkbZT_MmB8dvpbqTxrD0Ua19IoCS9WQqhFVkNNMeO7ne_SAAdZ4NgY8RU1vYcEn5_f0bLS_wDwY_luQLRutFlPX5g%26cry%3D1%26dbm_d%3DAKAmf-BmUGdx1mjr1ugHOVNSpK00l3tX5zy2PrHtgwWYSONSoi2XDmaOZM_4hLj_HlkHewyEsvAppir1ZZlDM53iy4AlOWqAwIIWGN_NOKRE7yPSbj-xk-g1ER1hFaqW6P5ZozkoOzcyJQGYi-M0wbrWX-IHbTt0NF93VaQkMwUm9RYq4LD-veqgnpr0eZnWsMG2YaZ0M5_s7zoy83OhuosEN0Ud_uprM2CHjzhfiT0A8ngADamt0YXRSF-9Pc-YnJnAcM1LYMexhdcWDzZdaca4iT_s3khbC84FWVO7nbSc6L0FWjWV5yfH0lVKfvY5ymZuYrJpZ5DamPkTjqLFHcaEvB_QUSe5vh5hzH80wjD2RZRkYq6IEVreRfLYbFiB7VOGGhhcJ91XcM5bIAlGlwce23fgJE1uQaLPRV87WM3LImmOErGkN2kYCepy7tsap1KLvJpcQmfg%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=3150166527217&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e68cb3ddf5ec12a184f9983423edcd6810bc848e06b22a058755a0f189335376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
29298500047020000710586011756008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
895
Expires
Sat, 23 Oct 2021 10:07:09 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=1790267bd8&subid=&uid=c507d8e166e53dac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbTA4u9BzYZfUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QOI7e8KZSE5hXPvImgO_ZQC90u69PQuQddgMGTCZtKdS_UAx8PaS3OVISUB0Q-f0BZeAQY0F6MUkImcSJgnwdiys4guEFcNf-2LQ7oxh5mmJRTlTotgVQqQjM2MjKH1ELA1YmuXo5vSxhyOE3FfnBTaL_7NjCWJp27i2n8XUtBk0qZtG-kFmPyzGliEek05-FMfCXRp6smyqtvB1lG_yaWJekKFhYTrhN5nIcMOeA8WZJdZbwx0OVuNvKYi0Nnu5UIUbz9--7ESn8QxeFwzeX8L874SyboRPRVHNssSuCkDj1lt1GKbn_81Ya-j3nqLD2n8AEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA%26sig%3DAOD64_1u4bG4wggBW-Q0Drwa1beuXC7jbQ%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AShxRssTMGD8J_OTbP8i_-bUbhaZenMaWHJavi0-wTCiXjA_j0LQFTsBMCC9IgluyjqjkbZT_MmB8dvpbqTxrD0Ua19IoCS9WQqhFVkNNMeO7ne_SAAdZ4NgY8RU1vYcEn5_f0bLS_wDwY_luQLRutFlPX5g%26cry%3D1%26dbm_d%3DAKAmf-BmUGdx1mjr1ugHOVNSpK00l3tX5zy2PrHtgwWYSONSoi2XDmaOZM_4hLj_HlkHewyEsvAppir1ZZlDM53iy4AlOWqAwIIWGN_NOKRE7yPSbj-xk-g1ER1hFaqW6P5ZozkoOzcyJQGYi-M0wbrWX-IHbTt0NF93VaQkMwUm9RYq4LD-veqgnpr0eZnWsMG2YaZ0M5_s7zoy83OhuosEN0Ud_uprM2CHjzhfiT0A8ngADamt0YXRSF-9Pc-YnJnAcM1LYMexhdcWDzZdaca4iT_s3khbC84FWVO7nbSc6L0FWjWV5yfH0lVKfvY5ymZuYrJpZ5DamPkTjqLFHcaEvB_QUSe5vh5hzH80wjD2RZRkYq6IEVreRfLYbFiB7VOGGhhcJ91XcM5bIAlGlwce23fgJE1uQaLPRV87WM3LImmOErGkN2kYCepy7tsap1KLvJpcQmfg%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=3150166527217&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
request.php
ad20.ad-srv.net/ Frame D79D
Redirect Chain
  • https://ad20.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
  • https://ad20.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad20.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=7711467202980&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
6d1e740094e4a3976656e113ae2cc4388d1318ea0779e16ca5bc5b0b247d88b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
30456700051313300383830011756020
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
733
Expires
Sat, 23 Oct 2021 10:07:09 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=7711467202980&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
request.php
ad9.ad-srv.net/ Frame 60BD
Redirect Chain
  • https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...
  • https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2120648489351&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1fad29314732e7d4170eca79edb9e6b47f9cfd19d2a99819c2d5e2001aef6e59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
67107700042231300383830011756009
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
759
Expires
Sat, 23 Oct 2021 10:07:09 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2120648489351&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
request.php
ad26.ad-srv.net/ Frame 7EF8
Redirect Chain
  • https://ad26.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
  • https://ad26.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad26.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=6976127533840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
30d246a551cc995d513976a2ff452cd42d0913979aaa2b615076eb376e9b3460

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
87197800043783900383830011756026
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
734
Expires
Sat, 23 Oct 2021 10:07:09 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=6976127533840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 0E2D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 21:15:57 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame C92A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 21:15:57 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 5A0E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 21:15:57 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 06BF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 21:15:57 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 0C07 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 21:15:57 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 61AD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 21:15:57 GMT
activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624
5994599.fls.doubleclick.net/ Frame 3320
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624?
392 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624?
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
59f2c4aa9affe036a6eb18e56920aa2b283c062132ca78d516d9b0e1aeb91d8b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Oct 2021 09:07:09 GMT
expires
Sat, 23 Oct 2021 09:07:09 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Oct 2021 09:07:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
request_content.php
hal900030.redintelligence.net/ Frame A13A 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/request_content.php?s=52064900045090200710586011756030&a=cbae9ef7
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=c0abe3fb0f&subid=&uid=074284f2ba4e9c79&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHFqmu9BzYZbUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QjhzmxoJlWygA_kC97XxKQexT4Nw00vUIlWWGhjO8UYNfJMzHJD6snmi9uT67MYS6YQmXvxuRJQmVKQOotEgxlgIWFLzOdYQk5IXopMLOXOkfH5CGyIr4no7Os11FolhrlSKAVGj0y3cO_OjrOu-H-YuVY_xk0M8IIzTNVP97gwKm0AxXYPuXk2yLkVgl3DO5-hPBhd0Kj_60irQuCNbGuwZ1WQQqPUxMZAaWy8faepcwDA2_Y1y5wbV2ww44Ywttmgxvi6BwzRrx5qOqy6Bq8EeV0ZSqm0NUdJv6A_oCW_6gQ3P7JOOJZQf04Gp-QAR-QsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoaQvfxYpWD9PSbRhLMyPRA5FkYg%26sig%3DAOD64_3KHE7mRTY_yBpSJSwtg8fyO0tORw%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AE1cBJK2PGdKP-_eYgh3az_kNqx-ImjUM6CNmtNwHOkfhfj-DvDlKxF2EjvH8f5APk5lxkoMkHLKEs7ZGuVALfpGPysrOwxJyGm-AawmYOlxQtxO95uoSUsrvVI9vrm6rjSaUgvraz2QrB5XaTe6M86VuDZw%26cry%3D1%26dbm_d%3DAKAmf-AG-H26x37iWOIl8toL8mRrkZtinXCn4t4Xc1czTdKbtdDPrrf8s6XxwrNniG0OUzKP5dOotyBqRBnQKSJjq8nD1mXXJgAPnNlWFPM0NxhcnAxYzidPrylPiAe5kTMIMt2tG-xnl5ugMPOat3WE3JpswlGtJ-K22eoGQu0LBymf4kHVAyrVQ5WGtouwNGYDN-8nF2xyvHHgwdU_SgKwYk7WG77hJiTykewe3Ahn6b0wLFDotcjJFNuMvDgLBW0N2E-pbDFdH7wDsUdczVf2RqKxIJcTBm0cZ2Ar9LQ9ZHNhUt6Ptf3okqfcX2ViIzuwIxZm0W46ARRKmnQzaEsrvtr1E7MKeiew4Dxz8d7h6ZepLI8V15Qib7IDw4_RR3CzgjM651uajlMt_sVAevTGR9mr6wfIe0O9fyzu7Edv-PykJO01fdXigf5E15pR-UxrlPOjkS8i%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2145718163421&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
742021605a688f0aecc6069c388189c63b5b732a7c6445a83e17a565025ba9b5

Request headers

Host
hal900030.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=43fe239c775bfb65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2334
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 1185 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b41f593701391fc21f1003f28ada2f94fb0d9aa0db9096ae9075f6334b246e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831
5994599.fls.doubleclick.net/ Frame 3138
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831?
390 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831?
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
9686db9aaea4a39b7dd1bd668de63ebe9d0fb5e3fc8efdcf5c5f405ef219d0c2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Oct 2021 09:07:09 GMT
expires
Sat, 23 Oct 2021 09:07:09 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Oct 2021 09:07:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
request_content.php
hal90004.redintelligence.net/ Frame 4ACA 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=71774900049484600710618011756004&a=5251b442
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=066588df6d&subid=&uid=b02af2ae0a705f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVzCqu9BzYZLUAf-yx_AP37-a2A-1zfmDV9zcuavlDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgSRAk_Q9ExBnr_DVTqWn0SZMO_dD_iOWnkjmFPpIsoh1YHOkQ5VUyu0gMVXJyWFF2hB2VXXhWSPKYuQ8buISNODAqDX0Xdyazs-jGZkCKBArf37CyR6SFhSK8ULdDjZffTBguK_3j3cSfM77YzYW5gA_50285y57NXGdnae4Db-un5JGU-PAETdef05WwAYtm1weJMgXvNpYNbzTvZCQ0BecMbDBpuc4jNhpXMDXxUnEJVmi--tDCD5lO7f-Bt2nU_Sl8MazwWFQA7XkP-cDYQoxYOEk6pufj8sm_XchA0lwy0uRbifW2QGzxi49J0sPY4buFUIox-AgCJ3VeRYg9szS7b0foMqB0QTyZNrnFTTb4SLUcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGAgTdaf2x9FbimiBPhd9qFmL_g%26sig%3DAOD64_0i3JgxmK93XyVezZFUPFjNjP0Sdg%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-DJ7V-NiUm-mhElTwOEKWntcse1-44lD2Wjq8OdbaxINHFzBOvpYDLpvtqqnO40NsTCsEREEXb8LnMQjHBtpK1PoIfpnahLbO_CGZcGHYqSaTUrOxgfjrtGsWhIn_Lvz0N9xVbVgodhVTx9u9TWyDIPWLVZLQ%26cry%3D1%26dbm_d%3DAKAmf-BJV9t0WbKkTmnDBOiLNaBOLFPUx14iiwK_bhOS3RNu41Ev9_ejQZQWjUkiv0_qW1oByFj6csf3BKcxLBsE6ZrmthW_weQZ4tYkygRG5-d8jyz1Hu7YnaJjE6bhISqKYEYfVz2lxy7hVd59_3Hoj0n64UEsCarYSE5L-BpqfEhFfJUQbN9Rtw1ljPxo4PYA8AYBNjM7KWx0yPHS2qJlFWw6vwrW7Y6Xx1nICZkFTrX8lMBFj3xCthqqeoaWHjtfM7958j7iyHUW_lW669BSDgsn0cBmyNchc2sOl6dS5FcKUL8ObY2gUjiqWR0_v_jVugTFlB5i5-mUonFT7iw1tkRi36JH52aPjhbJMEvS9eC_7MnDhN4DePG5eJyMg7bB1WTnk3vRTz923pFSd3pxXlgUitnLWGBwbMvWMTVgppQgtAGiVcamYzJvE6G_mmj5JcMUCsjJ%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=276268514023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
116f15401f1668792e29d3c8b146f3e7036be9e8214199841b96346acd7bf04e

Request headers

Host
hal90004.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=43fe239c775bfb65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2332
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 83B5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba713a952f4435dceb23059e8f07a47c8906f786ff312540d9228b3035467a87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868
5994599.fls.doubleclick.net/ Frame 5961
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868?
391 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868?
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
f85de7b4c14137129a8dfdb9e5d8c5d708231a644d8b0599ee290f61986898de
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Oct 2021 09:07:09 GMT
expires
Sat, 23 Oct 2021 09:07:09 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Oct 2021 09:07:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
request_content.php
hal90008.redintelligence.net/ Frame 1882 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=29298500047020000710586011756008&a=2272884f
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=tci5pvsmwjd1&nw=20&renderingType=javascript&namespace=1790267bd8&subid=&uid=c507d8e166e53dac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbTA4u9BzYZfUAf-yx_AP37-a2A-P4PiGU5W0i6TKDPAuEAEgktr5fGCV4pCCoAfIAQmpAtzYDnC1ibM-qAMBqgTzAU_QOI7e8KZSE5hXPvImgO_ZQC90u69PQuQddgMGTCZtKdS_UAx8PaS3OVISUB0Q-f0BZeAQY0F6MUkImcSJgnwdiys4guEFcNf-2LQ7oxh5mmJRTlTotgVQqQjM2MjKH1ELA1YmuXo5vSxhyOE3FfnBTaL_7NjCWJp27i2n8XUtBk0qZtG-kFmPyzGliEek05-FMfCXRp6smyqtvB1lG_yaWJekKFhYTrhN5nIcMOeA8WZJdZbwx0OVuNvKYi0Nnu5UIUbz9--7ESn8QxeFwzeX8L874SyboRPRVHNssSuCkDj1lt1GKbn_81Ya-j3nqLD2n8AEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc3NjYwMTQzNDc0MjI3MjWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoT8O19kwXo97v8XS1GK7wHqBqQA%26sig%3DAOD64_1u4bG4wggBW-Q0Drwa1beuXC7jbQ%26client%3Dca-pub-7668309727589427%26dbm_c%3DAKAmf-AShxRssTMGD8J_OTbP8i_-bUbhaZenMaWHJavi0-wTCiXjA_j0LQFTsBMCC9IgluyjqjkbZT_MmB8dvpbqTxrD0Ua19IoCS9WQqhFVkNNMeO7ne_SAAdZ4NgY8RU1vYcEn5_f0bLS_wDwY_luQLRutFlPX5g%26cry%3D1%26dbm_d%3DAKAmf-BmUGdx1mjr1ugHOVNSpK00l3tX5zy2PrHtgwWYSONSoi2XDmaOZM_4hLj_HlkHewyEsvAppir1ZZlDM53iy4AlOWqAwIIWGN_NOKRE7yPSbj-xk-g1ER1hFaqW6P5ZozkoOzcyJQGYi-M0wbrWX-IHbTt0NF93VaQkMwUm9RYq4LD-veqgnpr0eZnWsMG2YaZ0M5_s7zoy83OhuosEN0Ud_uprM2CHjzhfiT0A8ngADamt0YXRSF-9Pc-YnJnAcM1LYMexhdcWDzZdaca4iT_s3khbC84FWVO7nbSc6L0FWjWV5yfH0lVKfvY5ymZuYrJpZ5DamPkTjqLFHcaEvB_QUSe5vh5hzH80wjD2RZRkYq6IEVreRfLYbFiB7VOGGhhcJ91XcM5bIAlGlwce23fgJE1uQaLPRV87WM3LImmOErGkN2kYCepy7tsap1KLvJpcQmfg%26adurl%3D&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=3150166527217&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6d5d1dc3e9f8e928081f7a1d836d61f0508966593eccfc083d6c29fdc2415fce

Request headers

Host
hal90008.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=43fe239c775bfb65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1537
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 3D25 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
669cce144b63aad58effc9739fae3ab42ac60de37afacd2f6b2f433a51d14b74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 323D 		42 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssro0xMMdeokcWjKfjn7n3iQG4w8jmIsHuyYqlJcQm-abs5dTreAnEUjqlq0umrsxZMLNLgLZ9zFYAFzUSZsFTXj2OeNTCXZryQOW_ozqhkeYP9peZSCg&sai=AMfl-YQqBIXdu61zO59JrX2LyRenUu8J6x2RfOYPBWALvD0oGwcpgz56RShvx7ON6hg-fu1QfwCN4cdXosMnd1akym_3EMd578zBbLMy_gWpC14BbGFDQ7bLR_ZyX_C34iA&sig=Cg0ArKJSzB9Uu_lJKHW6EAE&id=lidar2&mcvt=1144&p=277,1108,527,1408&mtos=1144,1144,1144,1144,1144&tos=1144,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=884896561&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634980027828&rpt=818&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ztpv.php
www.conrad.de/ Frame AD27
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&viewref=67107700042231300383830011756009
  • https://www.zenaps.com/cshow.php?pvr=9a84fb60-33e0-11ec-bb42-2234d33d3970&v=11354&r=473322&q=371931&s=2470208&viewref=67107700042231300383830011756009&pv=1
  • https://www.conrad.de/ztpv.php?awc=11354_473322_1634980029_9a84fb60-33e0-11ec-bb42-2234d33d3970&insert=AW
0
710 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.de/ztpv.php?awc=11354_473322_1634980029_9a84fb60-33e0-11ec-bb42-2234d33d3970&insert=AW
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2120648489351&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
www.conrad.de
:scheme
https
:path
/ztpv.php?awc=11354_473322_1634980029_9a84fb60-33e0-11ec-bb42-2234d33d3970&insert=AW
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

date
Sat, 23 Oct 2021 09:07:10 GMT
content-type
text/html; charset=UTF-8
server-timing
intid;desc=1381cc9c3ae2d249 intid;desc=27980643d7b0eb67
cache-control
no-cache
expires
-1
set-cookie
HTLP_timestamp=1634980030; expires=Thu, 28-Oct-2021 09:07:10 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Thu, 28-Oct-2021 09:07:10 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=JAyzIWAIxFT4i4tlSmLnjP3d7rN2KBsT31tubAh7wiU-1634980030-0-AVSvEktxn4+6ujaujckVx5X3ywibFZGpXxgkge1Ye2Q4X4zlExtNmPDoq8uE6Ip/srXdt9MYjEuuHEDwG1Sz/Ko=; path=/; expires=Sat, 23-Oct-21 09:37:10 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age
0
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a29d0447f2b599b-MXP
content-encoding
br

Redirect headers

Content-Length
0
Location
https://www.conrad.de/ztpv.php?awc=11354_473322_1634980029_9a84fb60-33e0-11ec-bb42-2234d33d3970&insert=AW
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Sat, 23 Oct 2021 09:07:10 GMT
Connection
keep-alive
Set-Cookie
awpv11354=473322|1634980029|9a84fb60-33e0-11ec-bb42-2234d33d3970;domain=.zenaps.com;path=/;expires=Tuesday, 26-Oct-2021 09:07:09 UTC;Secure;SameSite=None AWSESS=377134:2470208;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
/
htlp.emp.de/ Frame 9C86
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2481850&v=14172&q=372911&r=473322&pv=1&pref1=67107700042231300383830011756009
  • https://htlp.emp.de/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://htlp.emp.de/
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2120648489351&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4600:c:6264:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5

Request headers

:method
GET
:authority
htlp.emp.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
2647
last-modified
Wed, 08 Jul 2020 09:51:56 GMT
x-amz-version-id
Za5k1aCF3b8ugAP1.Dh5UJVd_ViDWDOf
accept-ranges
bytes
server
AmazonS3
date
Sat, 23 Oct 2021 09:07:05 GMT
cache-control
max-age=10
etag
"81767a046d18dbeec7092a1dbdc70325"
x-cache
Hit from cloudfront
via
1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
-4Jvf0S5NoFMQfBh8JgjweyxE10cbVmnNRA9HTFDrGpEJmuZWOmoDg==
age
5

Redirect headers

Content-Length
0
Location
https://htlp.emp.de/
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Sat, 23 Oct 2021 09:07:10 GMT
Connection
keep-alive
Set-Cookie
awpv14172=473322|1634980029|9a874550-33e0-11ec-bb42-2234d33d3970;domain=.awin1.com;path=/;expires=Sunday, 24-Oct-2021 09:07:09 UTC;Secure;SameSite=None AWSESS=372911:2481850;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
request_content.php
ad9.ad-srv.net/ Frame 0CD5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=afd152f535&subid=&uid=19749eb90eed3f2f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=2120648489351&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
49aedf0d2ed7e26cb2d902508957b34027d563437f56b7a7305fd4d5fa59a44c

Request headers

Host
ad9.ad-srv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
pwzdy6wsn8n7_uid=cab608e478d1e61a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1409
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 60BD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
974f8c100339d732875a896873a1593208d9c2f6faf30f3a17a7027cfe527f56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
onepixel.gif
tracking.mlsat02.de/ Frame 71B2
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=30456700051313300383830011756020&gdpr=&gdpr_consent=
  • https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1634980030_&cachebuster=1634980030&awv=11430_473322_1634980030_9a8b15e0-33e0-11ec-bab...
  • https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NDkzNzQ0MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzQ5ODAwMzBfOWE4YjE1ZTAtMzNlMC0xMWVjLWJhYjMtMjI2NWExNm...
  • https://tracking.mlsat02.de/onepixel.gif
43 B
130 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tracking.mlsat02.de/onepixel.gif
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=7711467202980&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3169999.ip-51-178-130.eu
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

:method
GET
:authority
tracking.mlsat02.de
:scheme
https
:path
/onepixel.gif
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 09:07:10 GMT
content-type
image/gif
content-length
43
last-modified
Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains;
P3P
CP="NOI CUR OUR STP"
Location
https://tracking.mlsat02.de/onepixel.gif
Content-Encoding
gzip
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Content-Length
20
Content-Type
text/html; charset=utf-8
Set-Cookie
viewvpnr=MetaPeople|pv-NDkzNzQ0MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzQ5ODAwMzBfOWE4YjE1ZTAtMzNlMC0xMWVjLWJhYjMtMjI2NWExNmYyYTI2Ow..|VB1049|59814|59814|1-1105148698||4001780; Expires=Tue, 26 Oct 2021 09:07:10 GMT; Path=/; Domain=.telekom.de; Secure; SameSite=None
Keep-Alive
timeout=3, max=100
Connection
Keep-Alive
request_content.php
ad20.ad-srv.net/ Frame 7A09 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=118929cba0&subid=&uid=2e7caf7dde4525d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=7711467202980&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
28b57430d45601b0b108648d15b4b604363b0ccf0007579af85e3e3365b41ab6

Request headers

Host
ad20.ad-srv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
pwzdy6wsn8n7_uid=cab608e478d1e61a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

Date
Sat, 23 Oct 2021 09:07:09 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Oct 2021 10:07:09 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1213
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame D79D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbc081946e08345ee5c1be02ec05b9315f6ef5f601a8b8b6810ff70ad94bafa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
onepixel.gif
tracking.mlsat02.de/ Frame 519E
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=87197800043783900383830011756026&gdpr=&gdpr_consent=
  • https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1634980030_&cachebuster=1634980030&awv=11430_473322_1634980030_9a8d5fd0-33e0-11ec-bb4...
  • https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NDkzNzQ0MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzQ5ODAwMzBfOWE4ZDVmZDAtMzNlMC0xMWVjLWJiNDItMjIzNGQzM2...
  • https://tracking.mlsat02.de/onepixel.gif
43 B
129 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tracking.mlsat02.de/onepixel.gif
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=6976127533840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3169999.ip-51-178-130.eu
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

:method
GET
:authority
tracking.mlsat02.de
:scheme
https
:path
/onepixel.gif
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 09:07:10 GMT
content-type
image/gif
content-length
43
last-modified
Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains;
P3P
CP="NOI CUR OUR STP"
Location
https://tracking.mlsat02.de/onepixel.gif
Content-Encoding
gzip
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Content-Length
20
Content-Type
text/html; charset=utf-8
Set-Cookie
viewvpnr=MetaPeople|pv-NDkzNzQ0MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzQ5ODAwMzBfOWE4ZDVmZDAtMzNlMC0xMWVjLWJiNDItMjIzNGQzM2QzOTcwOw..|VB1049|59814|59814|1-1105148698||4001780; Expires=Tue, 26 Oct 2021 09:07:10 GMT; Path=/; Domain=.telekom.de; Secure; SameSite=None
Keep-Alive
timeout=3, max=100
Connection
Keep-Alive
request_content.php
ad26.ad-srv.net/ Frame 5025 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=8d204b26dd&subid=&uid=04435d73c2cb42c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Funimedia.info%2F&ancestorOrigins=https%3A%2F%2Funimedia.info&random=6976127533840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1dd77de27040f07a1ed22418b04b01cba4e45b957f58cce1ef04e02d3b2d77e5

Request headers

Host
ad26.ad-srv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
pwzdy6wsn8n7_uid=cab608e478d1e61a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 23 Oct 2021 10:07:10 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1213
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 7EF8 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cdb176b6ea197e55e4c6eca305f99acf081c4a88186e0c3d99f3e05ccb4f6e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ Frame 09F4 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=867719186706401&ev=Microdata&dl=https%3A%2F%2Fwww.privesc.eu%2FWidget%2Fembeded%2F%25C3%258Enregistrare%2FMoldova%2CParlament%2CGuvern%2CConferinte%2COfflineuri%2CEmisiuni%2CRIA%2CConcerte%2CRetransmisiuni%2CSport%2CMonden%2CAltele%2C&rl=https%3A%2F%2Funimedia.info%2F&if=true&ts=1634980030062&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hackathon%20%E2%80%9ESolu%C8%9Bii%20TECH%20pentru%20mediu%E2%80%9D%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&it=1634980027863&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.privesc.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 23 Oct 2021 09:07:10 GMT
50509831
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/50509831?wmode=0&wv-part=1&wv-hit=669207884&page-url=https%3A%2F%2Funimedia.info%2F&rn=568910920&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634980030%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A2021010230907010%3Au%3A1634980028802397076%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980030&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Sat, 23-Oct-2021 09:07:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://unimedia.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 09:07:11 GMT
50509831
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/50509831?wmode=0&wv-part=2&wv-hit=669207884&page-url=https%3A%2F%2Funimedia.info%2F&rn=860564014&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634980030%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A2021010230907010%3Au%3A1634980028802397076%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980030&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Sat, 23-Oct-2021 09:07:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://unimedia.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 09:07:11 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame A13A 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=52064900045090200710586011756030&a=cbae9ef7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 22 Oct 2022 13:09:50 GMT
160x600-MSSTORE-Office2016-Launch%20(2)%20(1).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame A13A 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/160x600-MSSTORE-Office2016-Launch%20(2)%20(1).jpg
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=52064900045090200710586011756030&a=cbae9ef7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
a6d1867d43b9fbb0217e51b5dc3ddd0a4292f937bfa66696f3eba26d1e64d0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Last-Modified
Mon, 20 Jun 2016 09:24:22 GMT
Server
nginx
ETag
"5767b646-ba9e"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
47774
dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624
adservice.google.com/ddm/fls/z/ Frame 3320 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIX6h5-X4PMCFY_HUQodU0IPew;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1777560372980.4624?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 4ACA 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=71774900049484600710618011756004&a=5251b442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 22 Oct 2022 13:09:50 GMT
160x600-MSSTORE-Office2016-Launch%20(2)%20(1).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 4ACA 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/160x600-MSSTORE-Office2016-Launch%20(2)%20(1).jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=71774900049484600710618011756004&a=5251b442
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
a6d1867d43b9fbb0217e51b5dc3ddd0a4292f937bfa66696f3eba26d1e64d0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Last-Modified
Mon, 20 Jun 2016 09:24:22 GMT
Server
nginx
ETag
"5767b646-ba9e"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
47774
dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831
adservice.google.com/ddm/fls/z/ Frame 3138 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPWLip-X4PMCFZqK1Qodk4APkA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=800075221864.831?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
160x600-MSSTORE-Office2016-Launch%20(2)%20(1).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 1882 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/160x600-MSSTORE-Office2016-Launch%20(2)%20(1).jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=29298500047020000710586011756008&a=2272884f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
a6d1867d43b9fbb0217e51b5dc3ddd0a4292f937bfa66696f3eba26d1e64d0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Last-Modified
Mon, 20 Jun 2016 09:24:22 GMT
Server
nginx
ETag
"5767b646-ba9e"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
47774
viewability
hal90008.redintelligence.net/ Frame 1882 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=29298500047020000710586011756008&a=2ef2b59e&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=29298500047020000710586011756008&a=2272884f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=29298500047020000710586011756008&a=2272884f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 1882 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868
adservice.google.com/ddm/fls/z/ Frame 5961 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNCkjJ-X4PMCFcSc1QodEC4PmA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8618720724819.868?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
69250fcfc588cf5d7fc2147a4a4327c3
pv.medialead.de/trck/epv/ Frame 0CD5
Redirect Chain
  • https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3&subid=67107700042231300383830011756009&ctrack=https%3A%2F%2Fad9.ad-srv.net%2Fc%2Fc2a54j76pi2k4og%3Ftprde%3D
  • https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3?subid=67107700042231300383830011756009&ctrack=https%3A%2F%2Fad9.ad-srv.net%2Fc%2Fc2a54j76pi2k4og%3Ftprde%3D
698 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3?subid=67107700042231300383830011756009&ctrack=https%3A%2F%2Fad9.ad-srv.net%2Fc%2Fc2a54j76pi2k4og%3Ftprde%3D
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.19.7 / PHP/7.2.34
Resource Hash
6c01ac8caef5dd9a8ee7a13b94115e1a792556f65355456f2b2bc4e1d64be8c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains;preload, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad9.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
B9E817B5:45E7_91EFC182:01BB_6173D0BE_DA6FA:2A265
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40028
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
private
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive
timeout=20

Redirect headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
B9E817B5:45E7_91EFC182:01BB_6173D0BE_DA6F1:2A265
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3?subid=67107700042231300383830011756009&ctrack=https%3A%2F%2Fad9.ad-srv.net%2Fc%2Fc2a54j76pi2k4og%3Ftprde%3D
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
Haussicherheit_140x180
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame 0CD5
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470206&v=11354&q=371931&r=473322&pref1=67107700042231300383830011756009
  • https://www.zenaps.com/cshow.php?pvr=9ad58c60-33e0-11ec-bab3-2265a16f2a26&v=11354&r=473322&q=371931&s=2470206&viewref=67107700042231300383830011756009
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/Haussicherheit_140x180?format=gif
37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.conrad.com/media10/isa/160267/c1/-/de/Haussicherheit_140x180?format=gif
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.245 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-245.fra.llnw.net
Software
Cliplister GmbH /
Resource Hash
c94258c7e298951722d9fa11a848d1efcd13f4c07119dc453570f844c3f1ac96
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad9.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
etag
"615aa36d-9468"
last-modified
Mon, 04 Oct 2021 06:47:09 GMT
server
Cliplister GmbH
age
165841
date
Sat, 23 Oct 2021 09:07:10 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=172800
x-server
c11
reporting
eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjc0amVNdWNpQ3lkT185dWhsU0FiQkhxQVQiLCJ1dWlkIjoiYWIyOTU5YTUzZDBiNTRkNWRhODJlNThhNjc1NzU5OTNmIiwiYXNzZXR0eXBlIjoicGljdHVyZSJ9
x-llid
9a5da5e31f327da0b3ff2ea3eb364693
content-length
37992
accept-ranges
bytes
expires
Sat, 23 Oct 2021 11:03:09 GMT

Redirect headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://asset.conrad.com/media10/isa/160267/c1/-/de/Haussicherheit_140x180?format=gif
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
140x180.png
media.acfrg.com/banner/Affilinet/Logo/EMP/ Frame 0CD5
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2481855&v=14172&q=372905&r=473322&pref1=67107700042231300383830011756009
  • https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:f800:13:99a2:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f50a9e6bc3e6b495d323fd384ca126c33f0e11c68edc8dc43939408c0404da6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad9.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 01:10:03 GMT
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
etag
"5c7d2f4c-2f61"
last-modified
Mon, 04 Mar 2019 13:59:40 GMT
server
nginx
age
28627
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
12129
x-amz-cf-id
4aN9YdbkQnpzS7sA4Ld692yPvmrABJe_-FCIqkRgbGTp94C6__WVTw==

Redirect headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
viewability
ad9.ad-srv.net/ Frame 0CD5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad9.ad-srv.net/viewability?s=67107700042231300383830011756009&a=a46e8b32&vb=m
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
track.adform.net/adfscript/ Frame 7A09
Redirect Chain
  • https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556888&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950...
  • https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fcbfv62j13jvyg0z%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f1fb34c5f53e9746bce63352305852f80bab5ade4d88a95406083ec0b816ba29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
825
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fcbfv62j13jvyg0z%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
text/html; charset=UTF-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
cshow.php
www.awin1.com/ Frame 7A09 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2950362&v=11430&q=361931&r=473322&pref1=30456700051313300383830011756020&gdpr=&gdpr_consent=
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
viewability
ad20.ad-srv.net/ Frame 7A09 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad20.ad-srv.net/viewability?s=30456700051313300383830011756020&a=8d6de6c1&vb=m
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
track.adform.net/adfscript/ Frame 5025
Redirect Chain
  • https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556888&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950...
  • https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad26.ad-srv.net%2Fc%2Fcy9zgeyqa9fvy1d%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8b60230c130eeab6f96bbb62f9e59f831dafa0d8a4eb7e9b71311633fa25cbc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
822
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad26.ad-srv.net%2Fc%2Fcy9zgeyqa9fvy1d%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
text/html; charset=UTF-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
cshow.php
www.awin1.com/ Frame 5025 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2950362&v=11430&q=361931&r=473322&pref1=87197800043783900383830011756026&gdpr=&gdpr_consent=
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
viewability
ad26.ad-srv.net/ Frame 5025 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad26.ad-srv.net/viewability?s=87197800043783900383830011756026&a=525ca098&vb=m
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
160x600_bg_27062011.gif
cdn.contentspread.net/kupona/creatives/ Frame 0CD5 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/kupona/creatives/160x600_bg_27062011.gif
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
1cbf38da8d5e1d59a0fde805fa77444183bde3c24a29447cce14f8a2b56247a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad9.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Last-Modified
Wed, 29 Jun 2011 06:54:11 GMT
Server
nginx
ETag
"4e0acc13-4d9c"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
19868
view.aspx
pb.media01.eu/ Frame DBE3 		0
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=67107700042231300383830011756009&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3&subid=67107700042231300383830011756009&ctrack=https%3A%2F%2Fad9.ad-srv.net%2Fc%2Fc2a54j76pi2k4og%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pb.media01.eu
:scheme
https
:path
/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=67107700042231300383830011756009&actionid=879111&produktid=ratenkredit&dt_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad9.ad-srv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad9.ad-srv.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sat, 23 Oct 2021 11:07:10 GMT
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=ij4v0gomuigaijwrslnf2dbz; path=/; secure; HttpOnly; SameSite=None DTU=29F0FA31E3420C3F813274ABC1617497; expires=Mon, 23-Oct-2023 09:07:10 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sat, 23 Oct 2021 09:07:10 GMT
content-length
0
pb_ratenkredit_140x180.gif
ad-server.eu/wm/pb/rate/aktion/ Frame 0CD5 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_140x180.gif
Requested by
Host: ad9.ad-srv.net
URL: https://ad9.ad-srv.net/request_content.php?s=67107700042231300383830011756009&a=dfa24774
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
c70f82338a8faff742498b7a1dbfd44838a249aae369c4cf391786e899b579e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad9.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:11:03 GMT
Last-Modified
Mon, 11 Oct 2021 10:10:15 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"61640d87-57f7"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22519
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7A09 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556888&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fcbfv62j13jvyg0z%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
347a0d49b43a9bec4b16456f0d191c5686424ec23842eb071f15894852296641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 10:26:27 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 24 Oct 2021 12:42:42 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 5025 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556888&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad26.ad-srv.net%2Fc%2Fcy9zgeyqa9fvy1d%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
347a0d49b43a9bec4b16456f0d191c5686424ec23842eb071f15894852296641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 10:26:27 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 24 Oct 2021 12:42:42 GMT
viewability
hal90004.redintelligence.net/ Frame 4ACA 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=71774900049484600710618011756004&a=28c34caa&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=71774900049484600710618011756004&a=5251b442
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=71774900049484600710618011756004&a=5251b442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 4ACA 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
viewability
hal900030.redintelligence.net/ Frame A13A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/viewability?s=52064900045090200710586011756030&a=802a420e&vb=m
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=52064900045090200710586011756030&a=cbae9ef7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/request_content.php?s=52064900045090200710586011756030&a=cbae9ef7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:10 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame A13A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
/
track.adform.net/adfserve/ Frame 7A09 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fcbfv62j13jvyg0z%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;8372;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Funimedia.info
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c2fee8ec6bbde4cf69247e003b0e9d53a3abeba37be8a9406e2b614b86780bf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2573
expires
-1
/
track.adform.net/adfserve/ Frame 5025 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=49556888;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950362&p=https%3A%2F%2Fad26.ad-srv.net%2Fc%2Fcy9zgeyqa9fvy1d%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;3039;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Funimedia.info
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
26cd0b7a7b69efe09ad8d895ff9256f2792817184463faacfe618c14034372b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2581
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame C92A 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGGjTvNBzYdXgGdWt3gOmw4SoDwAAAAA4AeAEAg&bg=!VFelVxPNAAbUs_yW1LM7ACkAdvg8WlwfokN7CAI8gnrkpTK4QLa3G5sSbzivM3JrM1o02gnXT_JNaAIAAAVZUgAAAFhoAQcKAH4R_XGW9aFWlqOoBWM6x3Mm8zAqGtFan3fRZ8yjyIIqcR2OkjCAoGV1tU0kxyaSvwXbEz04caOALXA2D4_T6CU5q5CuO1agj9fsprcNRG5oQP0o_IeIx3pBaCFSBnut-Y-e-D8-vsXSTblq_PYouKaW7rmYCjqPjD7v2kpMaZuZAwoaoThFy0MHo5-UH79Tbb_o9YrNVIC84pv1lXreg_AB-sJeOH6QJiQuSf-NAVEGa8SXF_5BLPzpRoEXplXQPu2KAp2dEymfiGIHwrA2h7q-ARaHLHrhHZHgUoDDz7ibIHfQBOjo0v4BoEK7Y7mH3Vmw0mt9R0m621D8ASBqMipeAPTspma_YztkoQW2pWaKUdFG6aQ2_Cmqq6d1FREtQAexToNRmeDigYmhfNfVr_YfxnOOFzhL5J1It_94p11cunU0n359ZR1TML95wePjXZikceVayjFwuX1VwnltE59BR-Xmh3d-ySZUO5BtqCyD4Iu9UtlRsF9EoT0MLu-LuFwpy5637Czqb7MhmbappSfwjUhkkVuHiNygq3rR9zoh-Ne-gHEY3ULyZSE2gsaf8B86Bd7wVMII9s_O-l-PI_xAsTcQzmEDeALPC34uIGL-uYENYRTCm16i6M_BHl5pVlC5938BapXXgPqPWBSvOXdd3QecXLcp8iixWD6mSI5pE1gHp0J5Cbf8-Orz0E_gscQ0e3d8_qJ2unKuhLjdPB2-P1-sPEYc_8uUK6EciwvTu_3He5OGjXrS_4z1xU0PPKlWz8N8OvPl-ANck1eHalUTnEqboDLNqrxhW4JRGBemLNwf5iPITY2Ndrq1Xzz4Aq31JHvfDbV_gD5ooe3xWMqzmE7VC1PllCKY6SpsVCMykLIa7XR76D2qlJ_7AWcAvKSl16J1nWE782x2jFDl9oYyWHrEVVGuP935NpXApk59ptmpzqVKDoWzl3WqPHMB_sN1gC7DoM-X3yip1MDAM4lv-S1UtVj_GtwcQm4Sm6ZF3dCdieyP5NJf9t0W-3u8YtE3_QUzEvgnaH5h1dNtQfMFaxpc_sjnt9HDI-1TwKnejoK8rfn_Xbtlj25Lf8Nez_b35ImlwmkNlRF4pXG72iGM10KCJOJ9pAtel9V1hVx8z05bXdTZ0x-pCzUqAuPTNttpj01v5H0Pxayqj2iYJR1_PJt5gGKwzYi8Uq1tedDlaNHB66GGaBKAkqIB
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 06BF 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZQzVvNBzYf_FHsT53gPX86GoBwAAAAA4AeAEAg&bg=!NDelN3PNAAbUs_yW1LM7ACkAdvg8WrH4XgbJtdG4sqmDWXisYX6CjZ0aaJqLbLYlH0BTW6oIO2cj1gIAAAU5UgAAAEpoAQeZAyZ0unt1OuyQ25k_wUdJhfqrtvM-ZkozajIz3JcMX_YQEpAM2H3ybXlNqbg5AGdFFHiVruCY14JtZH8eB3tJSkdoo3jytQY2js3yv7ADqYaFq2XRyjeSKVsQyThC415KTDSTjxkQSH6ZyBXPfOcSn1IwQr5h7lWw2LCn6nFADhhV2MOG2XGlI5nB0qjcxcoa4sLgtZjpwOakblP6pk8MuihDy5m7DUJZjkNlKIx13A049en0YiDyNiJZUuahRA42uotv6E1WF-mM-TxI-LuCwgLAHqphIjyZsactE7iHaVnjwqKjVxoCAGPawACPjd-4RG7AbgmTWl2uF7-ICjkN1sgU8UGiO7fwaObuSG5caQRHcqXUop6O07R3S7j7AW-lpI2vcd5Yzm-8WQDXnqkpnJFg39X7Q0iyppiBbfzB9lFHKln1WpmSoyp3zzQ_XIidgJB9PxDHoVCdjnKorAOkfdpo4tSDxFyVFlgPiRkv--ezweni2--aCwvfqD74whkjGRChkhtVjtROYM-7Mxk3S_v2vyQySy8b_BZ0MsdXz0nen9yH8EZgJ6DQZ_r_hPHh4d2zF3QT8R9IDHg48usnve_jQgDLsaHVmRa9a04yZJvIo_TI74nfOWfyBWloJmhdpDZ094z_X3GSdnjyZcmI4j-wqvLZ-QhJYWAJUCwgiSxBdP7Sfa1L8-CkHb6k9qqm-RSvuGISsnvPBGS5cvekY0OTsC1REW1p46tMb0QXmpS0GDSNhkPLU54vowDcsudKVGDXErnyu0auoLO5Um0A61mptRVf1DtYtA0ExqOx3atO0bF1LbcXkkOffMdUvO4F_SVwYLN3uLjZ9Uo3dOGwFnXgQqpAl-pfnwABNZsHdfO4-h5Au4fku1WK6ush1f4qyvBInYVCosGNmRilCH9E1I9KidZFhQN_tHUnpH5pPRXHHP977_miWSzQrihBNiIELovL7tx7Vdju2iBfxGtniHYz2d8IABcDzE0-CrMcJhsPLgUm4A9QN_kBKPZRHbhCM9B16hsk2sEtNlJxF9KprdxLu-J-Rl4pCf83mqSAc_CFzgTfvNp8Ig
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C07 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BETQ6vNBzYdrbHqqYrATAuoKABwAAAAA4AeAEAg&bg=!U1ClUBTNAAbUs_yW1LM7ACkAdvg8Wpx_HU1evMHvulLV0_qWSWm3-BwxKbq9U-hjsj_OOu_jo9nXEAIAAAUsUgAAAEdoAQeZAwWLdNcyL1nzEL1LZmAUqWwPsNrEHwxRafz3TY9k6QZYPHwkVuf7gmsgyblSi-XgNXuVranL_ity_p_FqrUf7vwe9ZScd_r3O8JpK5kSSq-oIOj85QW4HY69neJzS1-_HqPzFIcKiX0onhwJqWqZM6Ujz4GPXmYOKSyFWbKKlIEv6fAYpg1OiOlb_qz-wwP6URuAf7RMPSfcLQz0h5033PD-qiWm--IxsqM-wCw7M-9VLVQ8sARaNzSbhHqu3vtOcX1NcGwPP_WgBryODbA1reStqQpMdkCCyfoz-WpeTR2Ano14Vo2f8Pfi90Zfu7kROMfGGcfNYm6qzBdvkg8nOR_mFx2YiTXraiRdgd-9FWsCApB6eSEEbp3EmI5TjJxOu4PGZDZUU9V9gOPv1hMskvR70dEolZ46WQVPH-UfpY9exKjpk93PpCGFQvQHQphtnYgIcs8ctuPQECRgsLyaCWNZowsDt3JzliOBdZ_z6ul5zyRJWVyo-lhbwFkOfkMLFWr1IxXit2W6mHcbhuKKqiCLlXwwxWnzOtsvs3pKSN_mw-LnTX36-n1EpKtEBr7KhAIs6rTuGWg8dtWrvYrOPPp_AoIDdYRxdsi0UIQ9pCKwJiMMQqXaIgGqttWeq9w6UdWU1Aq11JmsMq2FtqPwlAFy5mqL0h6GDb9mjNcpQ6AIsDOWeoHWI3RpV0hQwl7hvusxvW_-hlFgZUuzJ7bl90xho0tlT8xeSZsHATra5Q_EhC6_XDGhtURNQizbTY3O_Rc6vzONuosr0TjncedisYbTui26eERfl7pp3t7ZWxBTNKwaDI7jzRvWspAutYQKBg67S_RCeJEQj9qT70uaP8-VsVM2r2pOeHdxphUrc8YMKP7TvzFD1NizuMCtNgT8boeTph8xyOFW52ObgbuQOb2EARmbVG1em9Gsvnx3GKwjitPuXxKUemiTAQC1Fd6dOVBx9V7b78qh74BUoP2JMWfK1ZnRduCcRBABWX83dblxiBbCMnivTc6Lgx1luxV9eEfc8qq_2Q
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame 7A09 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=45031318&tg=fnmzbbxx&ckurl=1
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:11 GMT
Server
nginx
X-IPLB-Request-ID
B9E817B5:B827_334475B6:01BB_6173D0BF_540FA7D:1CADA
X-IPLB-Instance
36560
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive
timeout=20
908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame 5025 		43 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=48216095&tg=tvmtmtxx&ckurl=1
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:11 GMT
Server
nginx
X-IPLB-Request-ID
B9E817B5:B825_334475B6:01BB_6173D0BF_54103C6:1CADB
X-IPLB-Instance
36560
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive
timeout=20
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E2D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bb49nvNBzYdDrFuWE3gO8pL3oCgAAAAA4AeAEAg&bg=!GxilGFzNAAbUs_yW1LM7ACkAdvg8Wrv-BG9Kqtrta7VXjotsiruRCmDLFqkCCLtC8Osr0qo3ePKeYAIAAAWmUgAAAEZoAQeZAvdFYTeWcJOWITs-7hGTRK6M2WRZVepeYSagOKpAokyC7MQdZGxl5DKj58eAEpOomZLZGYGqMqWHxwrCMPwkdsV7io9QzY3YRnNN34WuV07XSCwI2AI4I7iOIM-yX_6RMD0MdHYYB-OdB3Cb9Y9ozr4rBcaRx_CCeUC4XW2B2BG9FEvv8EpNpx5_RMhhJp4uMLKo-oWdFO-U_-iSLSXmAZwPDLLsKOuHrcVVlLyxV3XCEkTocLMEntcOQW2EykxwcWLtiDswWYvOCFWmlT-1cC3C8m6R18jz51HiVJhYy1ocnUGzxBGjrGFKO30v--XnXacT2YRzQdjDH0HtTujwrk7zllKeieCwTk2VjkY7h1EAR5he_h7GqZlpU4CgyyeXVtTj1gRsqd2hAJDfh8t5_7SUlOx2Bn7BtqBppq05XW4Iz4FWVZ4CqH8qD7rdICaheXLRy61se5og8IT24tQ4qZvV78c9ECpWNSpr9jaFRXLnd2IacLJW_r_2Lb9vNY31prFo-Uo5PGNO-YR_K_GSDWmbbjvFqoA4dV_IUGqm-7SmiXYeih8lpSRz-5DvleRWh3F00kaGy3-olFWoJXuJEQeTXS-w0Y8V3gwlMTZSP6zClnaQQ3JnaMehBWZs7Sm95GsAuSw5ubTMNAzDp0b8nHreKuJyxfPjpRgGHEWPRrTJwphCTVkwfGfKKh2WaUXJ0Hh_ngUmNHpVflBti-EJ8SU12TbwnWfoCc2MKPf-mS3sjCNOP3tH0AjNlIClj9In7V2EVd-wE3DWMbCSkyqkTHCvSxuE5fIglutWCEMAV6OECVHz4MrRoyIa81xGOdjSqmVA7ssnMvfq6qtVdOqAGFWLgZAgSfKw5iwB5q-eQH0Y5ZiEM22MdBTrtpSr9Ou9ORZK7lNsNqeoYvhAa1N_x1K6Ru4B6b0w-4M0tbtFljVyg9_m2zZ5fx133oGfzh2LWeAPa98V6pgrnB-uLmDbzz4V_j1YyDEQsIP3kUKb86OZ-K3HcS-EGDA
Requested by
Host: 98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
URL: https://98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A0E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGgH3vNBzYf_wGsbw7gOu34y4CQAAAAA4AeAEAg&bg=!PT6lPnrNAAbUs_yW1LM7ACkAdvg8WtRv0ymNyktRwdufZCJ0xsUqS-4-xQEPG15jn1n_IolMdIshuwIAAAWvUgAAADBoAQeZAwQm81iLjTzr7tamC1HaekL7uEs6najcwYtdYI5rfs0-L2W-elxijyUraO6QET_hM_Cfyar-gdO2dP5MB5hVJDoYrY-1KpBsYs4s1I8zUWdCaHJwDMCYoGwdk_wKVhS3uglY8CaXWqPrj2qEzf8HUTICeGHQgbZa9An-zuVqs-BRefFencPxfd6lJ5wuH7tcpmGHOvHh-8Y0SdIAhjBrymrSGIajP2w5MRctPBqavJbF-qEX34xzwTroFjK8S4WaRThgKHQDdQydaFNq1eQpswX9iFM__LsQFOxnfTjRYHuZPuTBOiYxNn1GAYNMWARWAqjNIvT1Kx9Z36YD9RaG0fQqhQ9J0koFIHuoGwHCLchz2QvNGTuivZnQe_y4SWCZeIRvokQaMDFsswbfs2-xLIlHeabVEPO-iTH4IHwS4tMbanNQe7-A3FX22Zsx0qFPaoOlzQpqVDM1BcoNCFRj6ZD82u5le-kiedJfPxl_qwXYVWeD9BFj0foab_gUzOlKXI63jRZBezM7DF5iRxj6w_0uWmJieyNXzgC_jp47HGiththbSMr5oE2L27zllQ8NnlPmgpqTWZGymwBOjXrBpqXnnrclPOK3eAdypr7V-e-cZxAT8NjRJ0PNT2dRtraS-K-uC1xVRGxk7-Kx6yLCzdaNM7iDwh8z_nwnkq2xi3SStUPa3gb9qWsl7Zgaf0Di4dsHUw5mCCyEQQ5_nEsKi8irYSq77171JWKrNYyHXUPuxmL1Xud-9anK5W9CsInQBq2Hk6DTlHZAYz_knqxZcCMrf0AXOaDUm4LovCzewrOPv7U66V-YQsH6xBlrZarD-6cc5cqxN4-79MIP4h1x63HBg5GxIyQ7nZaPeVuxHsFOkMkq8Ll8k7msa5DlkfMAv1o8MOPk00DXaDlXuCxsI93ERd6rab9kJB4X6Pa2DMVXhFT4DNQhaBqV0rRD7IQENnOqcfWWP2CRfsrdtuFFjJp1FCTgRQGHyXuKq0233sVnJwg2ZjIeylW3c-_lH9o0lI4SWiWm
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61AD 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSsNcvNBzYeOyHpHH7_UPtcqBkAkAAAAAOAHgBAI&bg=!bW6lbirNAAbUs_yW1LM7ACkAdvg8WpbFssAjJmMan-OeklWCiDJfHhbctcd6Jf5m5hm7fyy2XQ3E7AIAAAS3UgAAAA5oAQcKAFh9LUGjX3CDSrXDrd0v7MQCswQ814B4cfnf6VfQsK80ZI6D2KpJBhroyESLLgPvYjLwZJ0SCwD2KBI42W6b_C7B15tU533S4dghKvDt4T-h2tp-bOChsHbZmQMkSPvyKAzYhlrWzUDYskHeJuvjIYOzmsOXHArpUJRHIhoFsTQ02TOCb-9VyOmmdLOSmDEPrD-xaeWKaUinozus0d77w_ait2fqTFhtx3PcpsYVxRV6bIZlU0kFgzr-uywmnTIlfza0USlj-HjoOeDMVlOchuJmEVPfPv8Bcw0uS_kePenJ6172o_C9xry913GE49Yx6ZciuzdD2fFZmn0zStjroEaaduJezFX-ET6Xuj7UAiG4caNeuF-_IN18hm_V0VTtrrRTrX79xfQScHqyDqwngyRSgTWYbCBzIsphwCBGIm9h5ArQH13nCX-OibBOWJvgSZoWqA6XguSToVsNkmK1F7Wcv0ZJJKpSB6QEEkP_3WIqTNMAgs43gEDRa9X0gqzUn7QIZc3xxfFWOref5mmB90WPMcUC8Y6RlDoNjCnrt6FTzHjWba5941zUnl4NM5Wxgg9PlPhV2WrVKXpDSHjze1ynW7D8UyFN-9Yl0tgPe4Sr_X2qOOzEusp4YleMJFAhK40nDA3BYHoBWHG37S20rU-I72hfr80PT5dBU4YahY_sbwixfFVmH-cuKPi0S0QAxtVxemM6YBeGlruY4UEjlD4qzdgVuArWBNbzUVAidQ65X2aHff7yWFO0q7B1Do9QUrsupzsMjpB3DinkOmSr07u_3u5R_XaI4o6LSU4wSfklh-40VV1p6MNO42esEfmZcz9yQxvf3lzJFx8GMyHwkOU0l9vdZiGWXH25Qko1H21HImPvo6K_BiZ6YQlNzQ5XNeXy-hYJQi03XKSEmLbAYOIKWMSmHhob801_83wX4TNI5ZOEwqb0mOl_en1HNl8AZ0G40eLxA0sFC4LC9A0w1OgC0JxKnFjYHRK24VgRdNsWn7oeFOln6Kz3KG-UJMaKSVpIVb82vyKuSQZ4NEAtIEQQ6-YqvrtRAgZaqnePb071OUnjGZCY_7KxBbgU9ANv0st5yzVZVx8P9F1Byl_sn0I6nboBou91_PEpRxDEoDD5gqUYf8ToG3YdktwSok6ey9BqB_LAaMjcgCQJeI6vCObY-ISDknRhpoB3BgDAylk8
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 7A09 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
77c2368bf2ffc631d283449cff14c6b7c49670827e659bbe04aaf6b65ac13f57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 10:26:27 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 24 Oct 2021 12:42:43 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 5025 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
77c2368bf2ffc631d283449cff14c6b7c49670827e659bbe04aaf6b65ac13f57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 10:26:27 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 24 Oct 2021 12:42:43 GMT
/
track.adform.net/csimpr/ Frame 7A09 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=49556888&csi=uT_dSVMBzZxUyym81A-_r7NuoEHxrTyVWbSfOePB9crrygPkIxxfk8WmopTeuozUQBl33pxM294NKgmvZP5rZ96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ad20.ad-srv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ad20.ad-srv.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
9645720.js
s1.adform.net/Banners/Elements/Files/2068258/9645720/ Frame CEEE 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/9645720/9645720.js?ADFassetID=9645720&bv=514
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d6913a8a5db6be38f85cb71d69b13d60d4848fdea569c31ab1a76363f2810ce0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 14:12:28 GMT
server
nginx
etag
W/"6093f94c-6f17"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
/
track.adform.net/csimpr/ Frame 5025 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=49556888&csi=B68y09KJ_ReErI3usPcwsGqB1Ga-CAwXLpEs8ECgqBLrygPkIxxfk9P_pDREH-e1KYxcSM8ATOhmQ_KEr1_ctN6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ad26.ad-srv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ad26.ad-srv.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
10268334.js
s1.adform.net/Banners/Elements/Files/2068258/10268334/ Frame 86F9 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/10268334/10268334.js?ADFassetID=10268334&bv=514
Requested by
Host: unimedia.info
URL: https://unimedia.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
253e4002f4a73fd6f7c80e5757922a9f7ab32cf17b3d57ad0faa377e2522d01e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 07:37:14 GMT
server
nginx
etag
W/"61498baa-77a5"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame CEEE 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:21 GMT
server
nginx
etag
W/"609e6e89-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
tacho_ani_120x600_2.gif
s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/ Frame CEEE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/tacho_ani_120x600_2.gif
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80a0157b331e845d92c0ebf229e94640e65fabb70284db205af3a01ef554af6d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Thu, 06 May 2021 14:12:28 GMT
server
nginx
etag
"6093f94c-1ec6"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
7878
tacho_ani_120x600_3.gif
s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/ Frame CEEE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/tacho_ani_120x600_3.gif
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8f61d72f18eb9cfca2502ee701ff32067913379c62538874c6df0503700ebf4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Thu, 06 May 2021 14:12:26 GMT
server
nginx
etag
"6093f94a-2062"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
8290
tacho_ani_120x600_4.gif
s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/ Frame CEEE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/tacho_ani_120x600_4.gif
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
26e6a1330fc901a2078bc942b9797c51bb3e2f9f6846cc1c8e57ddadc38dc8a2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Thu, 06 May 2021 14:12:28 GMT
server
nginx
etag
"6093f94c-2031"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
8241
tacho_ani_120x600_5.gif
s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/ Frame CEEE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/9645720/bvpath_514/tacho_ani_120x600_5.gif
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
beadb8d748d2f35cbae00e4e6ee55f4acb44a13c8cf626c918b9eabf62ebfbe5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad20.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Thu, 06 May 2021 14:12:28 GMT
server
nginx
etag
"6093f94c-2060"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
8288
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 86F9 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:21 GMT
server
nginx
etag
W/"609e6e89-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
receiver.png
s1.adform.net/Banners/Elements/Files/2068258/10268334/bvpath_514/ Frame 86F9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/10268334/bvpath_514/receiver.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
34cfd6050edc69991e2c4b39e966a35820ea1b87e7da4caf8a66913ce3a5fb7a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Tue, 21 Sep 2021 07:37:14 GMT
server
nginx
etag
"61498baa-162c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5676
tv.png
s1.adform.net/Banners/Elements/Files/2068258/10268334/bvpath_514/ Frame 86F9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2068258/10268334/bvpath_514/tv.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.210/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9ca81351f574dd50ffd83818a79ffc125f9cb74eda01a7c9e62d6d7efdbd1575
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad26.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Tue, 21 Sep 2021 07:37:14 GMT
server
nginx
etag
"61498baa-548c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
21644
TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame CEEE 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.24.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Referer
https://ad20.ad-srv.net/
Origin
https://ad20.ad-srv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:12 GMT
Last-Modified
Thu, 18 Jun 2020 07:55:49 GMT
Server
AmazonS3
x-amz-request-id
S07KVDB4KSKB0YAF
ETag
"d7f0b1ef39025154e8517b4aa705d0bc"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
43544
x-amz-id-2
zOFWRpI+UEGvmByLmYe48pZWsl8Fooe1pArYgrWNqooonFEaXyfRa5fVYPQ00MjnGItb7MHRAlY=
TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame CEEE 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by
Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=30456700051313300383830011756020&a=5cdd9d69
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.24.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Referer
https://ad20.ad-srv.net/
Origin
https://ad20.ad-srv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:12 GMT
Last-Modified
Thu, 18 Jun 2020 07:55:53 GMT
Server
AmazonS3
x-amz-request-id
S07X59E1A19J20V4
ETag
"41b43bece8523c4d26acc3b30d11019f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
43468
x-amz-id-2
8idciaEUxKGJoBrH9LGDTMJfCbLaeuiby6cFXOHOPq5WAefDW19tRIPS/Jk2Yrwx36IPLZ3gm+w=
TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 86F9 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.24.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Referer
https://ad26.ad-srv.net/
Origin
https://ad26.ad-srv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:12 GMT
Last-Modified
Thu, 18 Jun 2020 07:55:49 GMT
Server
AmazonS3
x-amz-request-id
S07K4RX7D50MDPCM
ETag
"d7f0b1ef39025154e8517b4aa705d0bc"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
43544
x-amz-id-2
ZUUEiv/jnyCsZ3fNH+sg7v2SgLbnyRMD53+ra3f6SV8c6wzTmRKMsd4wWeZ4cLsuIXjDft6jD1o=
TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 86F9 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by
Host: ad26.ad-srv.net
URL: https://ad26.ad-srv.net/request_content.php?s=87197800043783900383830011756026&a=2fe72ffb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.24.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Referer
https://ad26.ad-srv.net/
Origin
https://ad26.ad-srv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 09:07:12 GMT
Last-Modified
Thu, 18 Jun 2020 07:55:53 GMT
Server
AmazonS3
x-amz-request-id
S07JFJZX5EZTGA5C
ETag
"41b43bece8523c4d26acc3b30d11019f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
43468
x-amz-id-2
lh5GJdMiKF/Ounq4JZWOcpwMr7aoxFN3IXeHWGSy+aTZRZOb6YkEBISLBIE8sOWvm+g90I+qC4w=
50509831
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/50509831?wmode=0&wv-part=1&wv-hit=669207884&page-url=https%3A%2F%2Funimedia.info%2F&rn=518642969&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1634980031%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023090711%3Au%3A1634980028802397076%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980031&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:11 GMT
last-modified
Sat, 23-Oct-2021 09:07:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://unimedia.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 09:07:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4099920091210488&plah=unimedia.info&bust=31063229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c16a3a9853b294c6806fc60d949d39bf7dba19f4748e3548ec1cecf7c4b6e978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8392
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4099920091210488&plah=unimedia.info&bust=31063229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 23 Oct 2021 09:07:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5F8F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 23 Oct 2021 01:01:47 GMT
expires
Sun, 23 Oct 2022 01:01:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 0B9A 		783 B
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8ba299ee1e3affd666d307674fcf6a33e835ac4fa013f89ab81a12a90886d043
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wjTo2W6ftUksBhBbvj8T4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://unimedia.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 23 Oct 2021 09:07:11 GMT
date
Sat, 23 Oct 2021 09:07:11 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wjTo2W6ftUksBhBbvj8T4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 5F8F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 21:15:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0B9A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=3655010383876501&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=3655010383876501&bg=!aWqlai7NAAbUs_yW1LM7ACkAdvg8WtCvPvwOXjIa8GBKTk4HIBle1IUvGWyvCvZ4xZ05smx3M4CTrwIAAACIUgAAAApoAQcKAHcnWyc3QAOM3HTTYEfUPcyqvC2xO3iRmBDKLQJSNofy53x5UiuCPF90jz-Qz1fk0kmc4jW4qRcZNoyzMg_q76kttKNVf5Q0nkEG1PT2CGjVu1RXOv56hIWmyvVymOLz_cfhsbzc7WsovrbQw_D4nkKWvuRRdfoobpkCr7g_20lNBiUHYQs6h7hUgMIZVFzxfuRpMTnC6jBGJlRmvjuXk614wa85KKLXEAQ7J1iEvgzkaUZToMYBFSo4PejRTelhm2zgsAU_S25w9wM-JxdjSk6z9CGftwy9bRvAyOslhxuYMPJkAMzaT9OuI6QeijgxiywYf_eZn_Ar2gEsugAanu7G5dNFpObR5wjwsmBiqek54qyC-7Dh7ilhUKvY9UljbZHNoLYF6zvhDSPJxlrT9VYBezXlw05UspyDZ1vdeD4Y9z6pQyPnHKakultNokr2NRgqc7_BizOxt1r6gM6ZVA5PSA2Ymtv13iCrEW7k5G14wLOQbVhUxs38oWfuKaqI9WbbvEb6t1Heii0Lw1CWGy5EcjY3TNBDccy0Fj1HcLS5gNh2ga2MwTfY6ppJCzIx5Y6KSG4VScnfqdeoWKODJjw7R_rTHkWiyYLmBTj_fZsdq07BdYUDoYULQMBpUp1Bv7tyrlpzJQ04xOsFDZ3LY4ZjZSkIfeA8v5TrsSrEEeM0EzltWAPumpSsQFJ-VV3tRB4cSTwwfrNE4DFRinfay90AvmFmsbm_adIbRsPTulhF_Z3wp38TU3ufwINtSKYL5s-Kb91BkqvQXhV9b8m_ol-1y0KkyT7FeH-3l4ZnkI8bBp4Jl9N0c0oh8tNoA6u2-XvLr12KDAoCMJH87C9BDN3d5hCLx0qx5tX7KrzJOq322OXRe3bhDz6odMe02AQ-9RyqTYsydt_wo4S6oc7BnTm83Ke6MfUt_DmagWh_8My10_qmAx-pHDuY9Wmsn9g73X__hRl7sKqP_TcEKp2zYVhDIhtOjI0-rwbQM-B67iIyLDROdgwjVOYkF4ZLyq6KH0L0hC3DYkLUTqkO_PrdfafDPcjKkrpdHyC968ZC9fuVKkP1TnNObni43Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://unimedia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
50509831
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/50509831?wmode=0&wv-part=3&wv-hit=669207884&page-url=https%3A%2F%2Funimedia.info%2F&rn=449310338&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634980032%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023090712%3Au%3A1634980028802397076%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980032&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://unimedia.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 09:07:12 GMT
last-modified
Sat, 23-Oct-2021 09:07:12 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://unimedia.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 23-Oct-2021 09:07:12 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect boolean| originAgentCluster object| mrf object| googletag string| pp_gemius_identifier boolean| gemius_use_cmp function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| __cmpConfig object| dataLayer function| gtag function| OneSignal function| promptAndSubscribeUser function| fbq function| _fbq function| __cmp object| MRGtag object| ggeac object| google_js_reporting_queue object| google_tag_manager object| FB number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| mailru_ad1634980026786 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken object| gaGlobal number| __oneSignalSdkLoadCount function| __jp0 function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData function| io function| chunkArray function| $ function| jQuery function| EvEmitter function| imagesLoaded function| ResizeSensor function| moment function| ClipboardJS object| lscache function| Cookies object| toastr function| Odometer function| dragula function| hoverAlegeri function| unhoverAlegeri object| __gcse object| Ya object| yaCounter50509831 object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| closure_lm_824459 object| __ao_TMP_1 object| GoogleGcLKhOms

57 Cookies

Domain/Path Name / Value
.consensu.org/ Name: T
Value: 0.7849248875147945
.unimedia.info/ Name: _fbp
Value: fb.1.1634980027045.1749882494
.facebook.com/ Name: fr
Value: 09kws5sUrKuTLAfdD..Bhc9C7...1.0.Bhc9C7.
.unimedia.info/ Name: _ga
Value: GA1.2.1973445823.1634980027
.unimedia.info/ Name: _gid
Value: GA1.2.1894446631.1634980027
.unimedia.info/ Name: _gat_gtag_UA_58543088_1
Value: 1
api.unimedia.info/ Name: io
Value: GIhZUX-PiUsJMoUUABfg
.unimedia.info/ Name: _ym_uid
Value: 1634980028802397076
.unimedia.info/ Name: _ym_d
Value: 1634980028
.unimedia.info/ Name: __gads
Value: ID=22d76e10e4f7acc9-22692b88feca0056:T=1634980026:S=ALNI_MYtFpFAU_LaIByr-mL-WyqIyeUqxQ
.vk.com/ Name: remixlang
Value: 6
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1184817432fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1552813883fake
.unimedia.info/ Name: _ym_isad
Value: 2
.doubleclick.net/ Name: IDE
Value: AHWqTUn1TGcf-_lyKIg0wAzXCwC6XwKsR1KF3yn1fxe3uHid4Ri7dO55hzSNQU_C1h8
.yandex.com/ Name: yandexuid
Value: 3429073941634980028
.yandex.com/ Name: yuidss
Value: 3429073941634980028
mc.yandex.com/ Name: yabs-sid
Value: 2496491471634980028
.yandex.com/ Name: i
Value: TwmKSBYrKrcAgEiqX2da7/D4wnRwqAfjuByI5x7/8f/bZ4rGUhIdlJVFtidSJOKEPVKnVbwxO0gim00FJ+xD/GO6+18=
.yandex.com/ Name: ymex
Value: 1666516028.yrts.1634980028#1666516028.yrtsi.1634980028
.adfarm1.adition.com/ Name: UserID1
Value: 7022185749888042216
.unimedia.info/ Name: _ym_visorc
Value: w
.casalemedia.com/ Name: CMID
Value: YXPQvM2S.731FgYPEViskgAA
.casalemedia.com/ Name: CMPS
Value: 5203
.openx.net/ Name: i
Value: 7c452297-ff4a-499f-b1e6-0c21359079db|1634980028
.advertising.com/ Name: APID
Value: UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
.casalemedia.com/ Name: CMPRO
Value: 1173
.yahoo.com/ Name: A3
Value: d=AQABBLzQc2ECEMLxsfgrj69CnVTvQRIJhnQFEgEBAQEidWF9YQAAAAAA_eMAAA&S=AQAAAu0poMnM-PteU0woVovka-o
.adnxs.com/ Name: uuid2
Value: 2942315332824418073
.spotxchange.com/ Name: audience
Value: 99dbbe41-33e0-11ec-a2be-125b01370506
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In4i*NY-!]tbPl1M>e)ZlrFUfJ+tGXxoe^a0DM8y7m=aT(-PDt0UwDFxl!aaSjopMbGr*bpRz*qF1`*b_gr*--EX
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~2149:1762~2149"
.yahoo.com/ Name: APID
Value: UP99d1b1ee-33e0-11ec-b261-02baf75e00f4
.yahoo.com/ Name: APIDTS
Value: 1634980029
.casalemedia.com/ Name: CMST
Value: YXPQvGFz0L0A
.casalemedia.com/ Name: CMRUM3
Value: 2d6173d0bd2760CAESEEfYAYasgxZ1VVoDUr--FoM
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 43fe239c775bfb65
.ad-srv.net/ Name: pwzdy6wsn8n7_uid
Value: cab608e478d1e61a
.creative.mlsat02.de/ Name: trs
Value: 49374430%3B908cbadb724971cc9012ced767276cc8%3B11430_473322_1634980030_9a8b15e0-33e0-11ec-bab3-2265a16f2a26%3B
.telekom.de/ Name: viewvpnr
Value: MetaPeople|pv-NDkzNzQ0MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzQ5ODAwMzBfOWE4ZDVmZDAtMzNlMC0xMWVjLWJiNDItMjIzNGQzM2QzOTcwOw..|VB1049|59814|59814|1-1105148698||4001780
www.conrad.de/ Name: HTLP_timestamp
Value: 1634980030
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: JAyzIWAIxFT4i4tlSmLnjP3d7rN2KBsT31tubAh7wiU-1634980030-0-AVSvEktxn4+6ujaujckVx5X3ywibFZGpXxgkge1Ye2Q4X4zlExtNmPDoq8uE6Ip/srXdt9MYjEuuHEDwG1Sz/Ko=
.awin1.com/ Name: awpv11354
Value: 473322|1634980030|9ad58c60-33e0-11ec-bab3-2265a16f2a26
.awin1.com/ Name: awpv14172
Value: 473322|1634980030|9ad82470-33e0-11ec-bb42-2234d33d3970
.awin1.com/ Name: AWSESS
Value: 361931:2950362
.awin1.com/ Name: awpv11430
Value: 473322|1634980030|9add5490-33e0-11ec-bab3-2265a16f2a26
.medialead.de/ Name: trscj
Value: MTYzNDk4MDAzMHxMM1J5WTJzdlpYQjJMelk1TWpVd1ptTm1ZelU0T0dObU5XUTNabU15TVRRM1lUUmhORE15TjJNelAzTjFZbWxrUFRZM01UQTNOekF3TURReU1qTXhNekF3TXpnek9ETXdNREV4TnpVMk1EQTVKbU4wY21GamF6MW9kSFJ3Y3lVelFTVXlSaVV5Um1Ga09TNWhaQzF6Y25ZdWJtVjBKVEpHWXlVeVJtTXlZVFUwYWpjMmNHa3lhelJ2WnlVelJuUndjbVJsSlRORXxhSFIwY0hNNkx5OWhaRGt1WVdRdGMzSjJMbTVsZEM4PQ%3D%3D
.emp.de/ Name: HtLpTx
Value: Awin
.zenaps.com/ Name: awpv11354
Value: 473322|1634980030|9ad58c60-33e0-11ec-bab3-2265a16f2a26
.zenaps.com/ Name: AWSESS
Value: 377134:2470206
.adform.net/ Name: C
Value: 1
pb.media01.eu/ Name: ASP.NET_SessionId
Value: ij4v0gomuigaijwrslnf2dbz
pb.media01.eu/ Name: DTU
Value: 29F0FA31E3420C3F813274ABC1617497
.adform.net/ Name: uid
Value: 3571394256440242600
.adform.net/ Name: TPC
Value: 1634980030971
.aaa.artefact.com/ Name: trscj
Value: MTYzNDk4MDAzMXxMM1J5WTJzdlpYWnBaWGN2T1RBNFkySmhaR0kzTWpRNU56RmpZemt3TVRKalpXUTNOamN5Tnpaall6Zy9aWGgwWDNCMVlteHBjMmhsY2w5cFpEMDBOek16TWpJbVlqMHhKbTV2UFRFbVkzUnBaRDAwT0RJeE5qQTVOU1owWnoxMGRtMTBiWFI0ZUNaamEzVnliRDB4fGFIUjBjSE02THk5aFpESTJMbUZrTFhOeWRpNXVaWFF2

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9435.cZzVVQNIcI31pWuaRXm-STRfTN037ydlXLlB34LpE2xWP_ybdoO8OBzen9Iu42en8K7vEgMBxBNCTqVot5NxpA%2C%2C.QvRAz-nnE1l9bFG-Q3Mi1dPbJbE%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
98832fd1553083a30fdba005fdf6948e.safeframe.googlesyndication.com
aaa.artefact.com
ad-server.eu
ad.ad-srv.net
ad.mail.ru
ad13.adfarm1.adition.com
ad20.ad-srv.net
ad26.ad-srv.net
ad9.ad-srv.net
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.unimedia.info
asset.conrad.com
b.marfeelcache.com
cdn.contentspread.net
cdn.digita.media
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
creative.mlsat02.de
cse.google.com
do.privesc.eu
dsum-sec.casalemedia.com
ebs08.telekom.de
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gamd.hit.gemius.pl
gemius.mgr.consensu.org
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900030.redintelligence.net
hal90004.redintelligence.net
hal90008.redintelligence.net
htlp.emp.de
ib.adnxs.com
imagesrv.adition.com
login.vk.com
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
media.acfrg.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.advertising.com
pv.medialead.de
rechtstexte.s3.amazonaws.com
rtb-csync.smartadserver.com
s1.adform.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
storage.privesc.eu
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
track.adform.net
tracking.mlsat02.de
unimedia.info
ups.analytics.yahoo.com
us-u.openx.net
vk.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.privesc.eu
www.zenaps.com
104.111.239.217
128.140.224.228
136.243.149.243
138.201.220.30
138.201.63.116
138.201.63.149
138.201.63.150
138.201.84.244
138.201.84.252
142.250.184.194
142.250.185.162
142.250.186.166
145.239.193.130
146.59.21.22
151.101.130.207
151.101.2.207
178.63.52.121
178.79.242.245
18.156.0.31
18.159.140.98
184.31.88.106
185.33.220.244
185.59.220.199
185.94.180.125
199.187.193.185
2.18.234.21
217.79.188.54
217.79.188.59
2600:9000:223e:f800:13:99a2:1280:93a1
2600:9000:2240:4600:c:6264:8240:93a1
2606:4700:20::681a:5b1
2606:4700:3037::ac43:a702
2606:4700::6810:125e
2606:4700::6810:5814
2606:4700::6812:7e05
2606:4700::6812:bcf
2606:4700::6812:e134
2a00:1148:db00::17
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9c
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.244.159.8
37.157.6.235
37.157.6.246
37.187.155.55
40.118.27.163
51.178.130.209
51.68.117.182
52.218.24.218
54.76.176.197
80.158.66.20
85.114.131.234
87.240.129.135
87.240.190.78
88.198.250.30
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e7157ec5f2b09ad67d01bdded4a13f814e4877604fec9d707975d9eae07a2e
013d43a47cf3e2ec94a1b371359fba2b05b07af1bdfe253b9900bcfc8e0355ad
02ea6b540d2af79f9a065d4153169bf4260e87cb7e17fcabdbdaaca57851235d
052da9c9a8554b47e7d2a8dc64d3fb94c850ba86ce3bc29d9c9a0be67302e709
09a0d1a37800890df987ab23c07b26bf54198753a228f936e403b3b565fd4643
0a8254eea33b32dfd7c9dc5d76a26d0d8f6d81f371802d08ae1843c6331f822d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bbcb1b76a28ccfe4228d8b5ed74a416e35d6fe07e1b4d02a18270923f114a6d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
107b86ba4b1f737a39413c841f4b9303251a3ee03e27472ae57d40a1ab31024e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab
116f15401f1668792e29d3c8b146f3e7036be9e8214199841b96346acd7bf04e
117324cc283b17f0dc78516c498ffb9941decae7f79b78c77e6c232e74b3eff8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135819102cc1e4e89a9f2d6f23b04e9bb08121edcaf96d750815738c0afeb4a9
13dce2f23a3a3c8deb72f23132de35091e1df9a38ef62a1ea8f5e4f87d35bd81
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1a12cf1055f367cf679687b42b23a119237b4b9050a84c7b1b9ce88b2fd99480
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b7f590079dee506b09faf3c757c2b958cc5593cc5735a100eae86149f22850d
1c9050e08bed3893c685966b1379346a26c30e79dfd1704fbf02d45ebc20f7f0
1cbf38da8d5e1d59a0fde805fa77444183bde3c24a29447cce14f8a2b56247a0
1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba
1cf2118833e90b880a9f88b179a46f63a47e36013048a1602d166f7ec14ac9d4
1dd77de27040f07a1ed22418b04b01cba4e45b957f58cce1ef04e02d3b2d77e5
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
1f8328f516ed29272759cb3a2d18a6240c43083db8876ef7037f415e684cdfff
1fad29314732e7d4170eca79edb9e6b47f9cfd19d2a99819c2d5e2001aef6e59
221bc7b9e2118cc9a49d10e0e405ac7c371516f9ef07fdc5eca11597c90516a4
2324bf2d71d44a6b50355dda5dcd3dc72bf4eb43e1db40987e5c669d7bf1cc30
253e4002f4a73fd6f7c80e5757922a9f7ab32cf17b3d57ad0faa377e2522d01e
25810d62bde26ba3691477644329012a3fb52496dfc4822d02d81e0213839ee0
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
26933812336db12f2db1b8d3c7d2dd5dec8ff419365b33183ccbc0cb7dda8553
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
26cd0b7a7b69efe09ad8d895ff9256f2792817184463faacfe618c14034372b0
26e6a1330fc901a2078bc942b9797c51bb3e2f9f6846cc1c8e57ddadc38dc8a2
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9
28b57430d45601b0b108648d15b4b604363b0ccf0007579af85e3e3365b41ab6
2963eb258e4369b50dabb2479c1a5f35f880d57845a91d7551ff3c07ffa4cdc6
2a736d0eb1e415b2d66513c1acfd9a5f8f17d4f6a0a286986da3308dc9600b8e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677
2cddb4a4636e16f0207a542a15ef889781c2ab5c027cd95f819e6e5e90574dc5
2e46e580c2926505edd4176d139a99baa8480a5bbb64b1734c56f6a1da23c1ad
2e818cf57dc5dab70b4f8a2b4da51415dac691f3abfd3c570e2f0fb1767e615c
2ea372f83972324ae71535f918ab009a1099d1277deb7ba731010ec29fd0d7dd
2eaf1e0ef1a5ee6e1820d6ec43b66c7dfcbe340ad5e8204b3b773d6a57443420
30d246a551cc995d513976a2ff452cd42d0913979aaa2b615076eb376e9b3460
30f54b58683aee10f3323c2ea04efb0958692e636b197c9f7ced8bf036f82d54
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
347a0d49b43a9bec4b16456f0d191c5686424ec23842eb071f15894852296641
34cfd6050edc69991e2c4b39e966a35820ea1b87e7da4caf8a66913ce3a5fb7a
365aaf3330db6ad6f1251e2cad6eb186ee94660162c17d7c4d9974bdf4a26f05
36fb2dca0a62a8159bad5ed46aaa1ddbfcaac2a681ef4724166f9a82fb6d15a7
37bb0d26265bb2b4fabd21ac0940267ed8e3e7f188c5fe391e3862165b8ea5b1
39ca438c83a6227b317a943b4f5e656fa45b5acaf4d02b4d06a3590daa82ce26
3a489b1804f74d7cf081da2c1a063f19f0566c5cd3a73a49744647b427bc0a22
3a71f2ad3ad8e19589bfb17c9df1bec36ec55b6931498b7af4a1ef31351640cc
3b41f593701391fc21f1003f28ada2f94fb0d9aa0db9096ae9075f6334b246e5
3b663b1b247417a97674d7430ac96eb74edca5908e23f5f6b936179af6df472d
3c5d40223ce89f3ad30eaed53951e9db38cfc84781255abb1373fc60d47e970f
3cdb176b6ea197e55e4c6eca305f99acf081c4a88186e0c3d99f3e05ccb4f6e1
4021bee45d3321807039f5374aeee6401c2f3ba5840c6d0dcba3743e523004a0
42b0eed28ef65b2e42fb1c0c4f1722917d68077596e5fc537d19857bccc84cf4
43c1f9906209f38e1938d62cd09d7107aa1247676c15e96493217032462efb9d
442d3a3e50d3ba9ff07779c6f646b2af5d8ab545d1aa8287713d796c2ee84fbb
44d0a23a590fd5365ca60ebc447433cbdeb8bab3e79fc517f501156660b83d30
4548a814aab9889f80fdc4b4969e22438b97b56ed1b340ad411530dd1ade5bb4
466e66305bb8a4ed93c2fe283049ca159058e58438d9320b60580e62604fc9b3
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47ce56571fabe73132aae37451b08997d3e2f40ab2b21367325a0dba95acda0e
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492765265f9c7b0072536c2d6e2eeef8263e22a68bbeff128365a7811114756a
49aedf0d2ed7e26cb2d902508957b34027d563437f56b7a7305fd4d5fa59a44c
4b121afbdfd084f945157304440e635e3bf82f07e2f632062f109f2a6679ee2c
4b4128d845ffb59d9a8d7e6b859e08317ff9a32b07c818936fef997c71678a1c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4d0bc602cca330cfa604600336f12b3631df01a23ed6fffeec9df5c85dcb4e07
4de4c266fc72a15597e7c0e283c0c2122b7acfc966ef89ae9605b0ac1d3998dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ece419428fe25508fd524e2f7380afd37254c50c014cf70aed585ec37070d5d
4f38cefdd4e24bb48ee5cfbcf7b91eca99bec4c4ef56645a3c65ecef6cc7ad5b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513156ad2577e26f744cd1d9bac907071df064e6f3982b1d36e718d17859578d
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
5284dc14b9091e9973359dd951669723afee02cf3413c77c6f96994f79bdee19
535f3f130f0e258dad5f3fd8e2c1659da0fb9603ff4deaaef3ee10c4a8e4ec4b
53d5a0e5d8c7bf5cc24c0d3aaec83d6f666373bb1a7916c021443446c18bb4b8
53fe6532577bd151cae046adbae3765bc84835bb4ea3a74dd8414fed8d305afe
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549fe1213a41a6f0371bcc4039405f6aeb48195a2dff612fab29ab7f5b5f5a3b
55464748e5683a0a74c307761554484848be496a692a6dce22cd75c9b688880a
55786f200b526ed22322742d71a77126b24f1e35ba8c19468e3807e98c41baa2
55a771688beae44fc2524ef969e89a63893d6f79bea53c9a869ba6771ea76f48
5739624bd3388c383bab35c5a12fe4f57d12222b5bffc63c57ede33c63c8e7cf
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
59f2c4aa9affe036a6eb18e56920aa2b283c062132ca78d516d9b0e1aeb91d8b
5c05453933e9aef66ad2a3fe220a77852062eab0be8574cf70e9ffc05b16a4c4
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
5dd48eb7d99a62cfe8618a7e18859d2c4e9d0e32d5806bfa19d442f8d86aaced
6053e6ccdb9e1eec28c606665bff4052277acdc8d44c33913ad5dd157b321103
6071d5e9f2418bb4bad72f3cf46e4c74912192aa240bc81a4577e8133b423728
62bc8c679490b864992963563169f563770bdc0540f7834c872bbc27f4507a96
63efe7467fa4b9d99c8f3fd0340930f88e5f91802de89024c4b9817b52ddb35a
64a500598b9d6a4221545ec8c3187ce7ded76bfebe57febbbbca94203ab8df88
64a7f4cb9e8856b1b4f9b786dfd40b2b96f3f45deba71497d6b4985f8f2e06ee
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
654759a47eb269bc88ac9baf5cc398815588a1f6e76584d390ce3e946a11e716
669cce144b63aad58effc9739fae3ab42ac60de37afacd2f6b2f433a51d14b74
66a700616e3f6b00f32297d784bffe811065de7806f2b92251eca1cc4867e7ef
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
69ac306f07a2be73b52b646f165798edc0111ffae728b5c7bca29cb8be57cb88
69c6598b916d1cf5f32eca4c4d977823bfc198749a54f3f735c3c1f39ac9a6a9
6b90ad92dda62436c36f9815f78a948c8f956cadb61c37f9df633f95e31a8d14
6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5
6c01ac8caef5dd9a8ee7a13b94115e1a792556f65355456f2b2bc4e1d64be8c6
6c84dc8c8d56cde5f0ae593073b35c218cffae88ca7029d42a7e23d2219c3d36
6cbc081946e08345ee5c1be02ec05b9315f6ef5f601a8b8b6810ff70ad94bafa
6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa
6d1e740094e4a3976656e113ae2cc4388d1318ea0779e16ca5bc5b0b247d88b1
6d5d1dc3e9f8e928081f7a1d836d61f0508966593eccfc083d6c29fdc2415fce
6e5d46854df65271515f62477fae7b7327fffd4367fd1b167b5a6dada5be7d1a
6ed2d08fa4659315cae1c83a5c79e083739580f7620f742591a60c65a7029a90
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
742021605a688f0aecc6069c388189c63b5b732a7c6445a83e17a565025ba9b5
74c2529fe3d033f9401769ef022638cd5b1196d0074f3b2ff167fcb5fb979e71
75e5f2c53ad60226ae129939d789e62627a5bf22e0bf63d761c791a36cb9a2e9
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77c2368bf2ffc631d283449cff14c6b7c49670827e659bbe04aaf6b65ac13f57
7884d32a0699f7b116ab78fa064fa00f3cd3e3b7387281178635929f07f51c58
7b8836c09b9c059191c85fd81ab3e285896b990d4e709107343a3add63c7d8f3
7d33325b73d8e04a4436eea64af5bd43137c6cfda9d274482eec71f4e77bf8a6
7f2f082645022819ed1c5fedd4a414461c5f5470e03a87b4824d9372d55ce23e
80a0157b331e845d92c0ebf229e94640e65fabb70284db205af3a01ef554af6d
816c9a39c1113149fe64c94769c8756b2f4e16eb4d962ee179f1354ced3e3fd0
818b9a59fd065989c1aaff8465663fcbb495200dd441d154f76e7a61ca16d223
82633d4c1a0d0fdfcf4eda01904c8ee000a7bfeed8da7e5dcb21469b458b7cc6
8282386344065cc7ea94619270b955f6833335d6015e720db348cc085d1610bb
8303bbaa6c2efcd0795ce07fa81f26e86d212f23c453161971f544552b1301a3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834ec7dc1104fa5267ca4c88bc4958c7520cd01c00f3258dbf44053827ba2d08
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863080594533d2214e72ce5fd5bcf20a5793a022f052fc4ec0d2c9291070f283
86c79ea484d60305cc766396aff57f0ec0e4f4052ccb91dec4518184b88298b8
8713f2e451f6cc224c8d470f475cc9f1c6a5c03dc9d1e7f7ec57bb55b974abd0
88ce2cff7cadf7ed6722812f63ac65e50ff734c975218f675dd4c62d3c6a86f4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a279b7e70995476593416afd7ffdeab844eda52fbc1b1e53cf037ebc715a4a2
8a2e338c0e4d74ed0914826d29406f82aa905a79b5e9abc75b201bbb0f672f6a
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b60230c130eeab6f96bbb62f9e59f831dafa0d8a4eb7e9b71311633fa25cbc8
8ba299ee1e3affd666d307674fcf6a33e835ac4fa013f89ab81a12a90886d043
8cc09c67f50e94a4f90f27752e23166003bfa974fdecc5832314bbca170d4813
8e0c525542a8a2abcc8e3f17bc8a10b3c279b50f5d18786a497bc601d562b02e
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8ee50b212149e7babe7612a075658800e8b3ddc71a12080f9cd6859d21f75e61
900c76d8526b80de598eaa0f717ec9e63f0e9b8a95fd854f8ea9200124113e14
901423308767e9b6022a291e22e0dbf07cc54cd31c73a7c5fd901bafbe031819
90325bda04a8eb2b47aff2f6a0f8146625885d4ea6a3454963a6f081426add38
928a2c6b7d75e3ab9c96b0cd78a17ca7a98635932a282a0ebca9c937582286aa
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
94bc1ce7d5d171539522b0e463e968298731d20de48eaf3a7cbcd0a069808e17
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde
95738cebf0175a455b2119bfc27c5be1f845181cf9d2f1ed537ae0057c3fcd72
9596d870d9f3e46f4e1820365d383a1cb113d294193fb85c79efeef8d898e8df
961a5fac24390f152e2b3c5beb06ab1ac051587e53d7e5c1e23fd30ee6728b66
9686db9aaea4a39b7dd1bd668de63ebe9d0fb5e3fc8efdcf5c5f405ef219d0c2
974f8c100339d732875a896873a1593208d9c2f6faf30f3a17a7027cfe527f56
98225277db4486565a276456d64e3e613bf7ca3613b88f0371d6d1abb5bc6cfd
9892fc6c4c587a6b8b6eecf9f33e1bb009b6351e567800594ed16fcc2738b294
98fa72cd26344975358ea322dcfbce5eae09a8b5bd0af6fc474fd87c1a22a463
9ca81351f574dd50ffd83818a79ffc125f9cb74eda01a7c9e62d6d7efdbd1575
9ede6ef6b8391593386c05f6a8bdfcbe1ea6184d0d0d3f1a8bed91a98e73efb8
9eed0383e85e3cbbdce0dbb0ee972a727efe279aa104d5419a33a0a0792c357d
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9f2f57919bf8840558eaf4e0c39ee737777b6112891d6d0f172cad5066aae593
9f83795bc6437b7fc74fa8fe0a4a1f71a68df7d32409366f23cb8fd74635f12b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c18a0b7773464b84eb4619c8808c44d2cbaea2c0a571187b978776026748ff
a5871748207e1582fdf418cd563884744426e80f8338543032cce47245590d57
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a653534bf2bcfcab8790e9751fe0c88aa6956f3cd788669e4aa78ac8cca34019
a6d1867d43b9fbb0217e51b5dc3ddd0a4292f937bfa66696f3eba26d1e64d0f6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dfe17427d5d91f0651c6338e778faa89a7f1eb5784141d6be14c23eaef4be9
a8f61d72f18eb9cfca2502ee701ff32067913379c62538874c6df0503700ebf4
a9846d073b571c1c29dbecba64decc88fdac0ad2b65ec77a4fbd38842052e493
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aa6d86059c0717e660ea16a429335b5c6c2523b530cc6809780c3c96efba29b4
aba2d34f8ee7f4391060947f0adb24843cc72bb1fcc9af1b794a55571ee9d15e
ac4164bf2a8709a3e2b2d3725de8d702c54ea5a284ce0c4a2c672fd06486e107
acf85ba009558e5268aa0d4d7a4fb003d163ab98473be7c7fa9bde8a9c47ca04
ad31142d429592917a0beacf573a98974aec6acdd251b9a882708ea5eb76ab86
aded105c66131e04d268e88c347a9f8db4f895effd6f3fc6b46c574f12bbf75f
adef5011910058f22cddead36db1a69d47eba464a46151247a34c0f4205a0a40
aec7b8e8ac8a04b2e75d30b436e1a809719db2c8727c4769cf72fcd260fd644a
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af2cea48117493215942acee595ed4099e26e27f9bc0506c1cb431dcd527c4fb
af4f2d06c5401e610906be31c29c0eec9f5b6237a8ab6b91cccc2d12c0dfc9be
af5501267e17cb95f650940c5f20656bc896e2db850db0ae05236b3d811c097b
afc672ca263cf8787af8987aa3aca761cc56fb4b00b9c71af4a91a0f3c729b31
b082bb883d565625cc5d0c2b895e0391a51a111546b471cceb7ac533ebc6733d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2711a8cb3d7c5cbdfa50225aa1bb418794dc76a8a0254c6a8997c7cb5deb240
b2df9effb91681a4b87c3b47b3cf33290c5c926eb376a81fe885ee822ee5f816
b3220b947e9875ed59a319e13c6c49f6bf2a025f394b81a0596a8d84c67ab58d
b334208c2c07a36200a7733e478954455fcb1183e4952df04d8bd177e3010cc1
b3ed9c9bc861fa868a53b26af8333f99a2e88080796109b11da39496c43d58bd
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b64c2691351dd9f71e3aec3dfc2f6d4cabd8c83aef76d8fe36eb9f6c65373718
b6abb20eb5bfb087d4f2561081c1089242c3e56bff64e7e6450ae1e432fcee3c
b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92
b9dab26d1b24b9619e9ef617bf85606076097f110b2a71636d3928ee0878626d
ba0e1b1dfa871408f6079304491c5b2dddd1df0755310cee83628766a1449852
ba713a952f4435dceb23059e8f07a47c8906f786ff312540d9228b3035467a87
ba9e8408671a6d861a901910b9265ae166a37d5bd441525efaa167edd83eb021
bd65e9a9a6ebad9aac196b030da5f569efb0112393d064dcb781e1b077b6cfb1
be787b59752a62314c0e9ed486be7c3d5417031ef2c23de1775aff3c2c5c9064
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
beadb8d748d2f35cbae00e4e6ee55f4acb44a13c8cf626c918b9eabf62ebfbe5
bf98b15403d5325587bbd804a259eb4d0fc037cf8b587d02b4dac22209286603
c0535da3a17085c3b4ba846bfc40d08bda9b8f15b4bbd22bcbd3a934f4d4d51f
c05c05e9759dea58482bbd059e5270eb586bdd58ddfa525856e516a5aa0848d8
c16a3a9853b294c6806fc60d949d39bf7dba19f4748e3548ec1cecf7c4b6e978
c2fee8ec6bbde4cf69247e003b0e9d53a3abeba37be8a9406e2b614b86780bf8
c5c4367d01ab9a9673b35c5330f27ea9b110aa58b8ef56056ca70de36b3e3875
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
c70f82338a8faff742498b7a1dbfd44838a249aae369c4cf391786e899b579e0
c8a7bbd86b9b825943b9013ec352315e0d70e47de05d4721f9a3d859cc617622
c94258c7e298951722d9fa11a848d1efcd13f4c07119dc453570f844c3f1ac96
c98fc17942027b5989e1c80ef8983d6450764e4214333d3ec6931edaa0957b6a
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397
ca31c56a9819db75a456259d5bfae5989675461c8e2b055b9311a49a9d36dfd3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce78bfc576d042fb0a93c81a33249aa2807dd57772f37b2ec92900e22c9b6bca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf850f4ecded897ed197b5cf4657f60f2f63b17949316ecf3425c0f0c8d00749
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d6913a8a5db6be38f85cb71d69b13d60d4848fdea569c31ab1a76363f2810ce0
d701eec2f13cc6cc769e8af437373660d4ffc203d5e08b9ebafe56af72bcadda
d80378d08a022a789c2b928dd537f131c27d29a123fbda38b96a72db3d066cfc
daa80f6e1e685555f40440b4a724867532d81e37619171aa956fb473dc2d4b5b
db9bc0a6b956749302c088d189e29cf4997521862784042fed8eabc9935fadd5
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd7f4cbce5e43e84cd795f8496ed9868c7ae1942d77f06c5360df44addac14ba
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defd9732525ca015e49d59c241aa34e28d732982bcda5d8a053a31d54e134ae9
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
e072fb8ff1d96ae0296a5df02b0f450916fc9575453856447204a8fe0b7048ef
e2a08f88a6ef467f055abb1a50c4631a591102f342cf541b8d32403df7dc000b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e68cb3ddf5ec12a184f9983423edcd6810bc848e06b22a058755a0f189335376
e77ca398c3b17c3506b56ee871491f8822698bfce617cdfd8a78408a3375a07c
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e96f7492f58ba3db871312de45a3ddbc055cf065faecf47caf06407465d4737f
ea0013e70ae9cd0e87229ac4f9a7a369c302d13be103a8191ee1a430208aac62
eaec0d2124e354ff97cb87f92cc0f6919e9a038897c2c91e2c503be87111bfad
ebfd6cbce5b4d76d823edf54ce16bc751bd747934345bf3f97970f9e633e0ddd
ec8d9e2471937736a8d3e6c7b814558d8a136c7c127c1495812a327d1b91b2cd
ece5a61b12b7d03834cf02ed9a76d0c2c4e9db164c3b91dc272e9fc2c969665d
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82
ed878f6d9451207af1d62d958005786eda1319efae95948a99bbd09711991561
ee8a65e9d964b374f9386614655e58d4d91984d80b4cf3aec05408291a607d45
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3004d07768a71ac1bb621f50a60dd2210ea44bae35aadf776cc5f407146c36
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f0b196c85a9afd258c9fef511c8917155f0c6bd269fe7d5a1882e296f35600a6
f1833c5c9fd22e606bea834a35f58324f323c282d4aa341a4e8eae69f02e8943
f1fb34c5f53e9746bce63352305852f80bab5ade4d88a95406083ec0b816ba29
f2a3fa8d0e8a02a691cce709d9af848ed7a2cdb08d03cf0877d01274279d779e
f3d5853c604dadb42362f3bce4018cc70aa19f48c623f0cea6795d63ae807077
f50a9e6bc3e6b495d323fd384ca126c33f0e11c68edc8dc43939408c0404da6e
f56e2bf827ddc3141ef6d516d992913fc1a3cc8ebefeda47fc06e4b783527de0
f62da9fa67a86fc30d576a01706e20a58fbe41ff7b9ac45671746fb2ac766d39
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
f7d6e393c17ed9eb81231061fc106f45ca01abb4895ca98badbfde2bcbf6a5fc
f85de7b4c14137129a8dfdb9e5d8c5d708231a644d8b0599ee290f61986898de
faded22a4d79b933c41a64e0e15d3322f80c33f098a8171fd8e25d3201a8349c
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fc7d63341923056461dc7106dc496f34ec1520d33cd6d077a268a53f6d11b29b
fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d
ff3c916c0c93a8633b1bb9c8c033f4dc8fe814a7d780574fbe1087dbea46edcf
ff4033d575dd4a6637c97c97069e99ad72821eb6fb3b04f5a9d36715da914ad8
ff5d58f871051d01cc1168df489bba296a3f3b8d68e0c06e7f83a715ad8c8728
fffa34a270f4a6053b94def871100aaf7b0e1f3fd505dba3bf40b504f441c697