urlscan.io logo urlscan.io
SecurityTrails logo

ua.korrespondent.net Open in urlscan Pro
2606:4700::6812:1fb6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://193.29.200.154/
Effective URL: https://ua.korrespondent.net/
Submission: On January 05 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 16 countries across 93 domains to perform 492 HTTP transactions. The main IP is 2606:4700::6812:1fb6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ua.korrespondent.net. The Cisco Umbrella rank of the primary domain is 308801.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 9th 2022. Valid for: a year.
This is the only time ua.korrespondent.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.29.200.154 197203 (UMHAS)
2 11 2606:4700::68... 13335 (CLOUDFLAR...)
29 193.29.200.151 197203 (UMHAS)
2 2a00:1450:400... 15169 (GOOGLE)
1 91.198.36.26 43405 (DIGITAL-V...)
44 193.29.200.157 197203 (UMHAS)
1 193.29.200.140 197203 (UMHAS)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
1 104.18.2.81 13335 (CLOUDFLAR...)
20 78.159.118.240 28753 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
2 45.133.44.4 39572 (ADVANCEDH...)
2 2a00:1450:402... 15169 (GOOGLE)
8 212.8.250.83 49981 (WORLDSTREAM)
1 212.32.253.229 60781 (LEASEWEB-...)
1 4 51.83.200.186 16276 (OVH)
4 91.198.36.35 43405 (DIGITAL-V...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a0c:5c81:514... 55081 (24SHELLS)
17 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
2 167.71.9.19 14061 (DIGITALOC...)
1 1 80.77.87.162 46636 (NATCOWEB)
3 62.149.1.122 15497 (COLOCALL ...)
1 1 54.38.197.123 16276 (OVH)
2 216.52.2.48 30282 (AS-INAPCD...)
1 146.59.30.100 16276 (OVH)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 37.157.5.141 198622 (ADFORM)
2 2602:803:c003... 26667 (RUBICONPR...)
3 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 185.172.90.252 49981 (WORLDSTREAM)
4 185.64.189.112 62713 (AS-PUBMATIC)
2 185.184.8.90 204995 (RTB-HOUSE...)
3 51.89.9.253 16276 (OVH)
1 10 185.89.210.244 29990 (ASN-APPNEX)
1 7 35.244.159.8 15169 (GOOGLE)
1 147.75.85.234 54825 (PACKET)
2 81.17.55.98 60781 (LEASEWEB-...)
5 2400:52e0:1e0... 200325 (BUNNYCDN)
4 138.199.37.230 60068 (CDN77 ^_^)
8 2606:4700::68... 13335 (CLOUDFLAR...)
3 146.0.227.110 20773 (GODADDY)
2 91.218.215.4 42352 (QOS)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
12 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a02:2638:1::8 44788 (ASN-CRITE...)
2 2a02:2638:1::17 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 9 104.96.145.246 16625 (AKAMAI-AS)
1 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 3.122.189.188 16509 (AMAZON-02)
7 17 142.250.180.226 15169 (GOOGLE)
4 4 85.114.159.93 24961 (MYLOC-AS ...)
6 6 52.29.52.153 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
2 4 76.223.111.18 16509 (AMAZON-02)
4 4 3.126.56.137 16509 (AMAZON-02)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
2 5 69.173.144.138 26667 (RUBICONPR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 5 185.29.132.246 30419 (MEDIAMATH...)
1 2602:803:c004... 26667 (RUBICONPR...)
4 5 69.173.144.139 26667 (RUBICONPR...)
1 81.17.55.161 60781 (LEASEWEB-...)
2 4 67.220.226.233 16509 (AMAZON-02)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
2 3 52.46.130.91 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
6 15.197.193.217 16509 (AMAZON-02)
1 78.46.23.46 24940 (HETZNER-AS)
1 92.123.37.164 16625 (AKAMAI-AS)
1 5 138.201.63.149 24940 (HETZNER-AS)
2 18.185.180.247 16509 (AMAZON-02)
2 52.28.67.171 16509 (AMAZON-02)
18 37.157.2.249 198622 (ADFORM)
1 54.36.108.3 16276 (OVH)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 185.86.138.121 201081 (SMARTADSE...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.105.33 32748 (STEADFAST)
3 151.101.65.108 54113 (FASTLY)
5 23.35.236.201 16625 (AKAMAI-AS)
2 2 35.214.223.115 15169 (GOOGLE)
2 162.19.138.117 16276 (OVH)
3 6 185.86.139.57 201081 (SMARTADSE...)
2 2 178.250.2.151 44788 (ASN-CRITE...)
1 141.95.98.65 16276 (OVH)
1 5 198.47.127.19 62713 (AS-PUBMATIC)
3 3 185.29.134.244 30419 (MEDIAMATH...)
3 3 2620:116:800d... 16509 (AMAZON-02)
2 3 37.157.6.253 198622 (ADFORM)
25 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.167 1299 (TWELVE99 ...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 52.50.45.218 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
6 185.64.190.81 62713 (AS-PUBMATIC)
2 2 34.193.201.64 14618 (AMAZON-AES)
9 9 52.30.188.40 16509 (AMAZON-02)
2 2 198.148.27.139 19189 (PULSEPOINT)
2 4 54.80.38.94 14618 (AMAZON-AES)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.229 62713 (AS-PUBMATIC)
3 3 51.222.80.231 16276 (OVH)
1 1 52.29.237.148 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 98.98.134.242 21859 (ZEN-ECN)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 34.254.143.3 16509 (AMAZON-02)
2 2 52.209.54.253 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.19.147.44 26120 (RHYTHMONE)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.54.172 213230 (HETZNER-C...)
1 72.251.241.206 32475 (SINGLEHOP...)
1 1 141.94.240.141 16276 (OVH)
1 1 141.94.171.215 16276 (OVH)
1 35.186.193.173 15169 (GOOGLE)
1 1 52.220.229.2 16509 (AMAZON-02)
1 1 159.65.194.197 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.211.12 29990 (ASN-APPNEX)
492 114
1    193.29.200.154 (Ukraine)

ASN197203 (UMHAS, UA)
193.29.200.154
11    2606:4700::6812:1fb6 (United States)

ASN13335 (CLOUDFLARENET, US)
korrespondent.net
ua.korrespondent.net
29    193.29.200.151 (Ukraine)

ASN197203 (UMHAS, UA)
csskor.ill.in.ua
jskor.ill.in.ua
id.korrespondent.net
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
44    193.29.200.157 (Ukraine)

ASN197203 (UMHAS, UA)
kor.ill.in.ua
1    193.29.200.140 (Ukraine)

ASN197203 (UMHAS, UA)
ui.ill.in.ua
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
17    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.de
1    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
20    78.159.118.240 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.mox.tv
1    212.32.253.229 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
z.cdn.adtarget.market
4    51.83.200.186 (France)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-83-200.eu
gaua.hit.gemius.pl
4    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
7    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
17    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
20    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
adservice.google.de
2    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
2    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu
ls.hit.gemius.pl
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
1    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
9    37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
2    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
3    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
10    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adtelligent-d.openx.net
eu-u.openx.net
us-u.openx.net
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    81.17.55.98 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
5    2400:52e0:1e00::1055:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
cdn.membrana.media
4    138.199.37.230 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-230.bunnyinfra.net
ym-tack.b-cdn.net
8    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    91.218.215.4 (Ukraine)

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua
membrana-cdn.media
12    2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
12    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
9    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    2a02:26f0:f700:d::212:4f67 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    3.122.189.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-189-188.eu-central-1.compute.amazonaws.com
pm.w55c.net
17    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
cm.g.doubleclick.net
4    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    52.29.52.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-52-153.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
1    2a02:26f0:6c00::210:ba1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
5    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    2602:803:c004:200::152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    81.17.55.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
euw1.smartadserver.com
4    67.220.226.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2a05:d018:d29:3605:9af0:2701:a426:d747 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
1    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
5    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
2    18.185.180.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-180-247.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    52.28.67.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
18    37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
www14.smartadserver.com
3    2607:f8b0:400c:c38::5e (Charleston, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:5d::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr3---sn-4g5ednld.googlevideo.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
6    185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
25    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
3    52.50.45.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
6    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
9    52.30.188.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    54.80.38.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-38-94.compute-1.amazonaws.com
a.audrte.com
4    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
1    52.29.237.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-237-148.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    52.209.54.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-54-253.eu-west-1.compute.amazonaws.com
r.scoota.co
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.94.240.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-12.cloudy.ovh
green.erne.co
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel-eu.onaudience.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    159.65.194.197 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
70 ill.in.ua
csskor.ill.in.ua — Cisco Umbrella Rank: 390601
jskor.ill.in.ua — Cisco Umbrella Rank: 400015
kor.ill.in.ua — Cisco Umbrella Rank: 341199
ui.ill.in.ua — Cisco Umbrella Rank: 374798
1 MB
47 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739
ads.pubmatic.com — Cisco Umbrella Rank: 741
image6.pubmatic.com — Cisco Umbrella Rank: 996
simage2.pubmatic.com — Cisco Umbrella Rank: 882
image2.pubmatic.com — Cisco Umbrella Rank: 1316
simage4.pubmatic.com — Cisco Umbrella Rank: 1564
aud.pubmatic.com — Cisco Umbrella Rank: 8381
image4.pubmatic.com — Cisco Umbrella Rank: 1480
55 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
218 KB
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
331 KB
30 adform.net
adx.adform.net — Cisco Umbrella Rank: 3427
track.adform.net — Cisco Umbrella Rank: 3383
s1.adform.net — Cisco Umbrella Rank: 6770
c1.adform.net — Cisco Umbrella Rank: 871
201 KB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1267
eus.rubiconproject.com — Cisco Umbrella Rank: 832
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2966
beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 11152
token.rubiconproject.com — Cisco Umbrella Rank: 858
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1381
49 KB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
pix.eu.criteo.net — Cisco Umbrella Rank: 5392
csm.eu.criteo.net — Cisco Umbrella Rank: 5670
436 KB
20 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 221455
z.cdn.umh.ua — Cisco Umbrella Rank: 242882
65 KB
17 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9945
ads.eu.criteo.com — Cisco Umbrella Rank: 5530
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 7028
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7363
gum.criteo.com — Cisco Umbrella Rank: 446
mug.criteo.com — Cisco Umbrella Rank: 1856
dis.criteo.com — Cisco Umbrella Rank: 903
63 KB
15 korrespondent.net
korrespondent.net — Cisco Umbrella Rank: 211379
ua.korrespondent.net — Cisco Umbrella Rank: 308801
id.korrespondent.net — Cisco Umbrella Rank: 357457
76 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
acdn.adnxs.com — Cisco Umbrella Rank: 872
secure.adnxs.com — Cisco Umbrella Rank: 670
69 KB
12 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7640
ghb.adtelligent.com — Cisco Umbrella Rank: 6213
sync.adtelligent.com — Cisco Umbrella Rank: 5351
ghb1.adtelligent.com — Cisco Umbrella Rank: 8603
38 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 142
2 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1916
euw1.smartadserver.com — Cisco Umbrella Rank: 19566
www14.smartadserver.com — Cisco Umbrella Rank: 46646
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721
13 KB
10 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 40737
bgstats.mox.tv — Cisco Umbrella Rank: 42052
143 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 814
4 KB
9 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 5630
pixel.mathtag.com — Cisco Umbrella Rank: 1380
sync.mathtag.com — Cisco Umbrella Rank: 679
5 KB
9 google.de
www.google.de — Cisco Umbrella Rank: 3658
adservice.google.de — Cisco Umbrella Rank: 5450
2 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
181 KB
8 openx.net
adtelligent-d.openx.net — Cisco Umbrella Rank: 31156
rtb.openx.net — Cisco Umbrella Rank: 2379
eu-u.openx.net — Cisco Umbrella Rank: 2786
us-u.openx.net — Cisco Umbrella Rank: 698
4 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 977
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
5 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
3 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 33053
hal90009.redintelligence.net — Cisco Umbrella Rank: 314714
8 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
2 KB
6 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 497
tlx.3lift.com — Cisco Umbrella Rank: 817
3 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
2 KB
5 membrana.media
cdn.membrana.media — Cisco Umbrella Rank: 51740
228 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 44281
ls.hit.gemius.pl — Cisco Umbrella Rank: 8731
22 KB
5 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 343720
h.holder.com.ua — Cisco Umbrella Rank: 319002
5 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 4199
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12486
2 KB
4 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 7169
980 B
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1792
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2932
2 KB
4 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1903
2 KB
4 gstatic.com
www.gstatic.com
csi.gstatic.com
15 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
30 KB
4 b-cdn.net
ym-tack.b-cdn.net — Cisco Umbrella Rank: 48491
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
169 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20128
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30309
740 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1114
793 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1004
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3245
956 B
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 477
348 KB
3 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3328
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
368 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 918
750 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 32320
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 41763
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 963
382 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4330
207 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 821
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1282
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6509
562 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1202
499 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1172
2 KB
2 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3327
apps.sascdn.com — Cisco Umbrella Rank: 7524
12 KB
2 membrana-cdn.media
membrana-cdn.media — Cisco Umbrella Rank: 52737
44 KB
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5452
365 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2763
24 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
554 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1163
43 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 39171
119 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
88 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4735
461 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3231
555 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3979
641 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5807
369 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 14488
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1952
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8778
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6635
277 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 10408
324 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3376
382 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1403
407 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6368
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 98
1 googlevideo.com
rr3---sn-4g5ednld.googlevideo.com — Cisco Umbrella Rank: 49356
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 66124
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
708 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
17 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1256
279 B
1 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7381
565 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
700 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 11623
257 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1341
672 B
1 adtarget.market
z.cdn.adtarget.market — Cisco Umbrella Rank: 237127
41 B
1 i.ua
r.i.ua — Cisco Umbrella Rank: 138845
1 KB
492 93
Domain Requested by
44 kor.ill.in.ua ua.korrespondent.net
18 s1.adform.net track.adform.net
s1.adform.net
ua.korrespondent.net
17 simage2.pubmatic.com ads.pubmatic.com
17 cm.g.doubleclick.net 7 redirects ua.korrespondent.net
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
eus.rubiconproject.com
eu-u.openx.net
17 pagead2.googlesyndication.com z.cdn.umh.ua
ad.mox.tv
pagead2.googlesyndication.com
ua.korrespondent.net
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
17 z.cdn.umh.ua cdn.umh.ua
16 securepubads.g.doubleclick.net ua.korrespondent.net
securepubads.g.doubleclick.net
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
www.googletagservices.com
imasdk.googleapis.com
13 csskor.ill.in.ua ua.korrespondent.net
csskor.ill.in.ua
12 static.criteo.net ads.eu.criteo.com
player.adtcdn.com
static.criteo.net
cdn.membrana.media
12 tpc.googlesyndication.com googleads.g.doubleclick.net
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
12 jskor.ill.in.ua ua.korrespondent.net
10 ib.adnxs.com 1 redirects player.adtcdn.com
cdn.membrana.media
acdn.adnxs.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 match.prod.bidr.io 9 redirects
9 ua.korrespondent.net ua.korrespondent.net
jskor.ill.in.ua
8 image2.pubmatic.com ads.pubmatic.com
8 eus.rubiconproject.com ua.korrespondent.net
eus.rubiconproject.com
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
cdn.membrana.media
player.adtcdn.com
8 cdn.jsdelivr.net cdn.membrana.media
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
8 ad.mox.tv z.cdn.umh.ua
ad.mox.tv
ua.korrespondent.net
7 pix.eu.criteo.net ads.eu.criteo.com
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
7 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
7 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
6 rtb-csync.smartadserver.com 3 redirects
6 match.adsrvr.org eus.rubiconproject.com
eu-u.openx.net
ads.pubmatic.com
6 x.bidswitch.net 6 redirects
6 ghb.adtelligent.com player.adtelligent.com
player.adtcdn.com
cdn.membrana.media
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 ads.pubmatic.com cdn.membrana.media
player.adtcdn.com
ads.pubmatic.com
5 track.adform.net hal90009.redintelligence.net
s1.adform.net
5 hal90009.redintelligence.net 1 redirects 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
hal90009.redintelligence.net
5 token.rubiconproject.com 4 redirects ced-ns.sascdn.com
5 tags.mathtag.com 1 redirects ced-ns.sascdn.com
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
tags.mathtag.com
5 cdn.membrana.media z.cdn.umh.ua
cdn.membrana.media
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects
4 a.audrte.com 2 redirects
4 eu-u.openx.net 1 redirects player.adtcdn.com
eu-u.openx.net
4 gum.criteo.com 2 redirects static.criteo.net
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 ups.analytics.yahoo.com 4 redirects
4 eb2.3lift.com 2 redirects cdn.membrana.media
4 dsp.adfarm1.adition.com 4 redirects
4 cdnjs.cloudflare.com ads.eu.criteo.com
s1.adform.net
4 ym-tack.b-cdn.net cdn.membrana.media
4 hbopenbid.pubmatic.com player.adtcdn.com
cdn.membrana.media
4 adx.adform.net player.adtcdn.com
cdn.membrana.media
4 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
4 www.google.com ua.korrespondent.net
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 h.holder.com.ua i.holder.com.ua
4 gaua.hit.gemius.pl 1 redirects ua.korrespondent.net
gaua.hit.gemius.pl
4 id.korrespondent.net ua.korrespondent.net
jskor.ill.in.ua
id.korrespondent.net
3 image4.pubmatic.com
3 pixel.onaudience.com 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 sync.crwdcntrl.net ads.pubmatic.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 sync.mathtag.com 3 redirects
3 acdn.adnxs.com cdn.membrana.media
player.adtcdn.com
3 csi.gstatic.com imasdk.googleapis.com
3 mug.criteo.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
3 an.yandex.ru 2 redirects ua.korrespondent.net
3 imasdk.googleapis.com cdn.membrana.media
imasdk.googleapis.com
3 inv-nets.admixer.net ad.mox.tv
cdn.membrana.media
3 onetag-sys.com player.adtcdn.com
cdn.membrana.media
3 bidder.criteo.com player.adtcdn.com
cdn.membrana.media
3 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 sync.adtelligent.com player.adtelligent.com
ua.korrespondent.net
cdn.membrana.media
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ua.korrespondent.net
3 cdn.umh.ua ua.korrespondent.net
cdn.umh.ua
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 r.scoota.co 2 redirects
2 loada.exelator.com 2 redirects
2 ad.turn.com 2 redirects
2 pixel-sync.sitescout.com ads.pubmatic.com
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 aud.pubmatic.com
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 us-u.openx.net eu-u.openx.net
2 dis.criteo.com 2 redirects
2 id5-sync.com player.adtcdn.com
2 csync.loopme.me 2 redirects
2 prebid-server.rubiconproject.com cdn.membrana.media
2 tlx.3lift.com cdn.membrana.media
2 pm.w55c.net 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
ua.korrespondent.net
2 membrana-cdn.media cdn.membrana.media
ua.korrespondent.net
2 prg.smartadserver.com player.adtcdn.com
2 prebid-eu.creativecdn.com player.adtcdn.com
2 fastlane.rubiconproject.com player.adtcdn.com
2 script.4dex.io player.adtcdn.com
script.4dex.io
2 ap.lijit.com ua.korrespondent.net
2 bgstats.mox.tv ua.korrespondent.net
2 unpkg.com ad.mox.tv
2 www.google.de ua.korrespondent.net
2 stats.g.doubleclick.net www.google-analytics.com
2 player.adtelligent.com player.adtcdn.com
2 player.adtcdn.com ua.korrespondent.net
2 www.googletagmanager.com ua.korrespondent.net
2 korrespondent.net 2 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 lb.eu-1-id5-sync.com player.adtcdn.com
1 ic.tynt.com cdn.membrana.media
1 www.youtube.com
1 rr3---sn-4g5ednld.googlevideo.com
1 www14.smartadserver.com
1 ghb1.adtelligent.com cdn.membrana.media
1 cdn.contentspread.net hal90009.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net ua.korrespondent.net
1 px.ads.linkedin.com eus.rubiconproject.com
1 euw1.smartadserver.com ced-ns.sascdn.com
1 beacon-fra2.rubiconproject.com ced-ns.sascdn.com
1 apps.sascdn.com ced-ns.sascdn.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 rtb.openx.net 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
1 s0.2mdn.net imasdk.googleapis.com
1 www.gstatic.com 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
1 cat.nl.eu.criteo.com ua.korrespondent.net
1 ced-ns.sascdn.com ua.korrespondent.net
1 secure-assets.rubiconproject.com 1 redirects
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 prebid.a-mo.net player.adtcdn.com
1 adtelligent-d.openx.net player.adtcdn.com
1 pbjs.e-planning.net player.adtcdn.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 a4p.adpartner.pro 1 redirects
1 cs.admanmedia.com 1 redirects
1 z.cdn.adtarget.market ua.korrespondent.net
1 r.i.ua ua.korrespondent.net
1 ui.ill.in.ua ua.korrespondent.net
1 i.holder.com.ua ua.korrespondent.net
492 157
Subject Issuer Validity Valid
*.korrespondent.net
Sectigo RSA Domain Validation Secure Server CA		 2022-09-09 -
2023-09-21		 a year crt.sh
*.ill.in.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-09-14 -
2023-09-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
holder.com.ua
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
*.kp.ua
R3		 2022-10-17 -
2023-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
i.ua
R3		 2023-01-02 -
2023-04-02		 3 months crt.sh
cdn.umh.ua
R3		 2022-12-06 -
2023-03-06		 3 months crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
ad.mox.tv
R3		 2022-11-26 -
2023-02-24		 3 months crt.sh
adtarget.market
R3		 2022-11-24 -
2023-02-22		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
bgstats.mox.tv
R3		 2022-11-26 -
2023-02-24		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-25 -
2023-02-23		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.e-planning.net
R3		 2022-12-19 -
2023-03-19		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
cdn.membrana.media
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.membrana-cdn.media
R3		 2023-01-02 -
2023-04-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
contentspread.net
R3		 2022-12-14 -
2023-03-14		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-06 -
2023-03-06		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-12-13 -
2023-02-21		 2 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh

This page contains 66 frames:

Primary Page: https://ua.korrespondent.net/
Frame ID: 47009DEA478AEC6DA23085705C30D979
Requests: 244 HTTP requests in this frame

Frame: https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672891200
Frame ID: 57471C72DAE3AD0E8B7499577F6C7B5D
Requests: 3 HTTP requests in this frame

Frame: https://cdn.umh.ua/libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1186773423_yBQLTopsZeuA&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1186773423&u=d393e4cc5f344ab0&sr=1600x1200&cw=1600&ch=1200&hc=4&pl=3&mi=4&me=8.00&df=64&bh=2&tl=1047&n=2154067856&url=ua.korrespondent.net/&vc=Intel%20Iris%20OpenGL%20Engine&zyx=2114804455
Frame ID: 3AA88CEEB605BCC09B2BF2425BB454C7
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=295c6609-b825-419c-afbd-53628058b0c1
Frame ID: EB43D403D4EF694B730618519A67A976
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: EAD8AACE5D290D1D625323010A1A8CB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 3BA6F732B383270662E0D9B197D37EF9
Requests: 1 HTTP requests in this frame

Frame: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 87268BC9971159651E2D88BA35242105
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1672896347&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x810_l%7C188x540_r&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346952&bpp=3&bdt=743&idt=425&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8359092071123&frm=20&pv=2&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=457
Frame ID: FBA2C11BDC79C7C71F10E7023430CE4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Frame ID: 3912CD729143FC2E4EE9B99EE1B603B5
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Frame ID: 86974CC5540763F53FED79161CC05C54
Requests: 19 HTTP requests in this frame

Frame: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D60F562F1898306685D10F227461E448
Requests: 8 HTTP requests in this frame

Frame: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D6B19F4FA0A6FEDF8CA16D9C52622B0
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: B439F1BFC85F1B163AB7305F520B7341
Requests: 11 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: AA0DE6257893DC51CC9991B7305CE8DF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8AC5AB16409DEABE5D24DDD9141849A0
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
Frame ID: 7EC425774259975A2378F271A0B837E8
Requests: 21 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%225c0ed3aa-f91d-49fd-b297-64319184195d%22%2c%22adomain%22%3a%22mcfit.de%22%2c%22page%22%3a%221722121%22%2c%22format%22%3a%22118606%22%2c%22crid%22%3a%223710338%22%2c%22dsp%22%3a%22109%22%2c%22buyer%22%3a%2215981%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-184583312917697845%22%7d
Frame ID: 011B0DE3F7075FF4B29D537861D7D744
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldNeU5EQTBOek10WWpabE9TMDRZV1ZtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNjkzMjM3MTQyODE3MTc5MTMvMTEyMDQ0MjAvMTI3ODAzMzYvOS9rNXQyOTRaRGZ2TWtqazA5ZGdBNjF0R0pzUDJRX0QwZnVjSm1VQm5kd01NLzEvOS8wLzAvMjAzOTIxNi8xMzU4ODkxNzE4LzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDA2OTMyMzcxNDI4MTcxNzkxMy96cmgvMC85MTgwLzQyLzk5OS8yLzgwLjI1NS4xMC4wLzAuMDAwLzE2NzI4OTYzNDcvMTY3MjkwODk0Ny85LzE2MTE0Lw/u3EXu5g-OaRq8LmCNxhnFULxa7I&nodeid=3758&group=zrh&auctionid=4069323714281717913&pbs_auctionid=4069323714281717913&shardkey=4069323714281717913&sid=12780336&cid=11204420&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F
Frame ID: BF6BC8176230639D92AD2A3698FC2EE4
Requests: 10 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
Frame ID: FAB2C98DB0CD40A3B3B0A62630D7AE4F
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: 122F83CD979E58A911432C06AAF1A55F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 75EC0375B9A505453DC8A8C1A5660272
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12153854/12153854.js?ADFassetID=12153854&bv=516
Frame ID: AADF07FA48A7E8A69858E86DF14DEB69
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3729950B5FA5A9EEF3F537D936AB3F2A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F10B3E24015C4FEE7E651E2AFD5F69C4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: F61A454B72E5FE56EC78BFBE06E07EF9
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2E5764316D5D9E3D07DACFD6E6056C35
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: B475DB5EB6782202D57C5C767B0E133B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B40268D82025F0B23D193E6B65924E3E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 09CAC792B13BF34DF7E438526811D1BF
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 19CA63D8C85F453679BDC5F84894AC86
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EAB0F48B9CBE5BC6CEA4C814CC78973C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Frame ID: 94F385A388C23B1DEA583AD3F76331D9
Requests: 12 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8e1d98f6-adf0-4603-bbb0-a30a913a90ae&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
Frame ID: 56DC48C61D5DEAA946DBE2AC5C859588
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Frame ID: 14E00AD8555780B78E7CE750D1D237AF
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 74915C7F3C93288CDCE4F23B0AAD4353
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 6A8C18531C8E0DC149E0331065E23477
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 17EAF1B4512F514802FB443CDD831CF1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: DC89E40AC80856E9939888A7FE86FA7B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 91A83A3315C034389A13D840D6C9F4EA
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1672896347500&gdpr=0
Frame ID: 5A57A365E181B8604FEFC6FCA61B6F29
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: 16FD54E9E1CF312BCA2B74D77BDCFE9E
Requests: 7 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&gdpr=0&gdpr_consent=
Frame ID: C9062B0478CDDC1F1F86D35E1ED47494
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7C8959320A3D760473CB6CB047DCD55C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5027029190840815360
Frame ID: F65A337540A82CD4CF6C4F6A4A646B7E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=26324302-0D94-4CAE-9668-5F58D081266B&redir=true&gdpr=0&gdpr_consent=
Frame ID: EBCE438AE7783F02F90507A10324ABA3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489809576130088528&gdpr=0&gdpr_consent=
Frame ID: 8600892953578A00C55337116D1227F1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
Frame ID: 0E01DAAC9FF83A8F858C872E72FCE942
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Frame ID: 85CE58E77050E692BE76619AAADB3109
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6ehWm5S6R0ZwvQWKmDtlQlD_CsY
Frame ID: 0ED3B364920FBBD0E742EF383480557B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
Frame ID: DB3ED110F6214C4EDCA0F12E85906475
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
Frame ID: D59E6360C20AC4F53E25FC9789CA4C79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Frame ID: F76C71D0E28414E2C713268A983FBC1A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1iV1U5HlRUBtm2U61-H6cVD_CsY
Frame ID: A10CA798EE5D25063CC78DD409B03142
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
Frame ID: 3A33D72B6DEF173AC91D46C294480936
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfYgAJS9kWkwAo&gdpr=0&gdpr_consent=&_test=Y7ZfYgAJS9kWkwAo
Frame ID: 537D9B97B40CC0AA8F02CAF9793DB117
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CBFFC539AF3C9F33117973B91D9DAB34
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 6A4EA00A7C4E45BD066C2A5359E6014C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7011107387
Frame ID: CA2DFF7A99BAF8A25F18C354E2F2EC3C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: F1B8E21522B3317F375F3581AA017220
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 09220CEF06001628840B8226B908B3A4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: CAD7C921654DB10884FA13296BE3A42E
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7a00e6cbb93fc9d0/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsTgaanUjhhRYMjRQa
Frame ID: F104B008564814D8B35ABF2700C73D9E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E43157B87A5E096207DE9446771CF2F1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1c47j4gb8ohh
Frame ID: 80EDCED53CB77743E4E1D7AB9DEDE88E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:ABD98127C7004AF885174BFD946D5191&gdpr=0&gdpr_consent=
Frame ID: 4AB048B6ACEE105776C4FC582A055EBF
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
Frame ID: 017AFC37789509453FFC37B5E2EF8F1A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини - останні новини України та світу сьогодні - Korrespondent.net

Page URL History Show full URLs

  1. http://193.29.200.154/ HTTP 301
    http://korrespondent.net/ HTTP 301
    https://korrespondent.net/ HTTP 302
    https://ua.korrespondent.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

492
Requests

90 %
HTTPS

31 %
IPv6

93
Domains

157
Subdomains

114
IPs

16
Countries

4272 kB
Transfer

13194 kB
Size

158
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://193.29.200.154/ HTTP 301
    http://korrespondent.net/ HTTP 301
    https://korrespondent.net/ HTTP 302
    https://ua.korrespondent.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136
  • https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=295c6609-b825-419c-afbd-53628058b0c1
Request Chain 137
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=62cd1005-1bf6-4ec7-aef2-a766c7229a54
Request Chain 156
  • https://gaua.hit.gemius.pl/_1672896347366/rexdot.js?l=100&sendf=8&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cq1xSW2vwGYsZducW2FiZng7kldIzr5pmA2dafvzYqj.U73dpbNfWlxZrdqizOUlWArLATEPr6MhS7M3sD7bFXzF1qsr/zlUXcXKYYK2jr/&fpdata=aQMnaqy3c.LO1E7bM2Pml2gmVpFPKMmx6qZz_2SXhFv.S7&ltime=432&fr=1&ref=&inner=_ver%3D334%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63b65f5a379a6d11&brts=1672896347&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1672896347366/rexdot.js?l=100&sendf=8&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cq1xSW2vwGYsZducW2FiZng7kldIzr5pmA2dafvzYqj.U73dpbNfWlxZrdqizOUlWArLATEPr6MhS7M3sD7bFXzF1qsr/zlUXcXKYYK2jr/&fpdata=aQMnaqy3c.LO1E7bM2Pml2gmVpFPKMmx6qZz_2SXhFv.S7&ltime=432&fr=1&ref=&inner=_ver%3D334%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63b65f5a379a6d11&brts=1672896347&fpcap=
Request Chain 236
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 264
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&google_cver=1&google_push=AavPq0PrtdP6m6TH9hMuR9yccC-2Ds8ZGXTkvZahfZDdlxrr2FBK7oFfXlbVgOPrMbaZBQTXtnzDX778j1oOcVHbob8j-7Pd6FDd HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&google_cver=1&google_push=AavPq0PrtdP6m6TH9hMuR9yccC-2Ds8ZGXTkvZahfZDdlxrr2FBK7oFfXlbVgOPrMbaZBQTXtnzDX778j1oOcVHbob8j-7Pd6FDd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ME1vbmhNQ1MxUGRpTGE1&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&google_cver=1&google_push=AavPq0PrtdP6m6TH9hMuR9yccC-2Ds8ZGXTkvZahfZDdlxrr2FBK7oFfXlbVgOPrMbaZBQTXtnzDX778j1oOcVHbob8j-7Pd6FDd
Request Chain 265
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENgzkSZYENOtnpIQ5hyGWSA&google_cver=1&google_push=AavPq0OZbz_ngbL50OfXP2MryctGdV_Kgk5KL_hapD8m-lWO6wcAiwZIa0_YyuIp2ejKPYZaHvqNmaN2QsWvI_-81_AtpEyARro HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTEwNDI2NjIyMTcxMg%3D%3D&google_push=AavPq0OZbz_ngbL50OfXP2MryctGdV_Kgk5KL_hapD8m-lWO6wcAiwZIa0_YyuIp2ejKPYZaHvqNmaN2QsWvI_-81_AtpEyARro
Request Chain 266
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGwJvypY95bSotCibF0_kIk&google_cver=1&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj4RuBq2u0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGwJvypY95bSotCibF0_kIk&google_cver=1&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj4RuBq2u0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj4RuBq2u0&google_hm=TKjXWoJTSoqEVcAsDZPgUA==
Request Chain 268
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJef_jRFFK7QPgpmtZGNvQI&google_cver=1&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaCirOHQqLumZGg3QK-Lp0J5b1MwS8yHas7xHOS2UUpJU2b HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaCirOHQqLumZGg3QK-Lp0J5b1MwS8yHas7xHOS2UUpJU2b&google_gid=CAESEJef_jRFFK7QPgpmtZGNvQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNTU3MzQ5MDA0NzA1Mzg0NzM4Ng%3D%3D&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaCirOHQqLumZGg3QK-Lp0J5b1MwS8yHas7xHOS2UUpJU2b
Request Chain 269
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7zpPg9WBgEzx11XDhi3XI&google_cver=1&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnPQRD3UH20wyyJcdTC0kKp_sh-n9L2zFvDQYG0Io9pMVc9w HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7zpPg9WBgEzx11XDhi3XI&google_cver=1&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnPQRD3UH20wyyJcdTC0kKp_sh-n9L2zFvDQYG0Io9pMVc9w&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JQXJGemR0RTJ1RmxZbWdvWldRSm1fajhMeUpwSlVzNH5B&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnPQRD3UH20wyyJcdTC0kKp_sh-n9L2zFvDQYG0Io9pMVc9w
Request Chain 270
  • https://an.yandex.ru/mapuid/google/CAESEGbB3aMxKiSwShzVYjPdk08?ext-param=AavPq0N7XrFLOj8S2ONjzgDVdxuM-qU93mlg_tQ0NdLResxZhwBE14rg2JgFU7GzydiCu00V6jEZeFu1QcIobVYOMHFGyuo9O71XMQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEGbB3aMxKiSwShzVYjPdk08?redir-setuniq=1&ext-param=AavPq0N7XrFLOj8S2ONjzgDVdxuM-qU93mlg_tQ0NdLResxZhwBE14rg2JgFU7GzydiCu00V6jEZeFu1QcIobVYOMHFGyuo9O71XMQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGbB3aMxKiSwShzVYjPdk08&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 279
  • https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldNeU5EQTBOek10WWpabE9TMDRZV1ZtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNjkzMjM3MTQyODE3MTc5MTMvMTEyMDQ0MjAvMTI3ODAzMzYvOS9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFodlM0MzdHVHczRVd2S2YxZWRxaHQ0LzEvOS8wLzAvMjAzOTIxNi8xMzU4ODkxNzE4LzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDA2OTMyMzcxNDI4MTcxNzkxMy96cmgvMC85MTgwLzQyLzk5OS8yLzgwLjI1NS4xMC4wLzAuMDAwLzE2NzI4OTYzNDcvMTY3MjkwODk0Ny85LzE2MTE0Lw/pRkUj7c4XRWvhpL8QfoaWPAdshQ&nodeid=3758&group=zrh&auctionid=4069323714281717913&pbs_auctionid=4069323714281717913&shardkey=4069323714281717913&sid=12780336&cid=11204420&price=9EA28A1ECD524110&bp=a_cagefj&nfy_act=LD5wfn0&src=imp&type=burl&client=c2s&bfip=185.29.134.181 HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=4069323714281717913&node_id=3758&exch_id=9
Request Chain 282
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU0OTlkZWMwNmUwMzgzZmU5NTkzMDU5ZTJlM2U1N2IyZDVmNzRjMg
Request Chain 283
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tCwtl7d1Ts2kfO6NoddC0Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tCwtl7d1Ts2kfO6NoddC0Q
Request Chain 284
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/npdd7fD3q7OPUakPBzvu7g?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M_ZrquhE2oJJek3zzfFN5x6vw389YY_Fwlv_MA--~A
Request Chain 285
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v0iUa4SaRKap-ztTyVe1FA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v0iUa4SaRKap-ztTyVe1FA
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBEXUnLpo_v67zG_kRTKURg&google_cver=1
Request Chain 287
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkFJWUItVy1DSkE2
Request Chain 288
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINAIYB-W-CJA6
Request Chain 295
  • https://hal90009.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=8a2bd98b53&subid=&uid=9f06e10b45010ff5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Da0386bcb00d7b6a942c3959e52a08b5e41770670%26mt_aid%3D4069323714281717913%26mt_id%3D11204420%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_cid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F%26redirect%3D&documentReferer=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=2435994844269&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=8a2bd98b53&subid=&uid=9f06e10b45010ff5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Da0386bcb00d7b6a942c3959e52a08b5e41770670%26mt_aid%3D4069323714281717913%26mt_id%3D11204420%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_cid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F%26redirect%3D&documentReferer=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=2435994844269&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 333
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nisT-XxJYURzQlpYWG9OUTNwcGpsMWt4aVdLZk5sZUFub3VrTkJOSWx2VGY2anh5TVdXM1RvK0JtcC9JS082ZGNiSVZzc3dDZTAzSmJtZS94bVltVTFvaHUzNm1VZ3VaZUxZR1FKakMraFJQcnR2cXlnU0t2YWNvYU1ETE9Gclh6V3B0dkVvNmVzWGJldnowNkpTSkhkN3hRa29DOW42NjhxbTVFWWR0NHZDblVLcklBYW02bHVwVC8zaWNrRGtQOC9BZTZRemZKcHVNTUVSWURQM0V0aVoxdmhLUDhISWJtM2RZZGpkT3VscDFMNHNmSVYyNmhzSzUxSFZKN1RFTVFBRU95YkhtcVpmWWxpdFY0dXdMRDlpMDdEQT09fA&cppv=2
Request Chain 394
  • https://csync.loopme.me/?pubid=11378&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8e1d98f6-adf0-4603-bbb0-a30a913a90ae&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
Request Chain 400
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HNODHHw1Qllxa0VISURqQXJZWTNpMGdTbDdXRi82MHY5eUcyZlI5dkRpMGtEQnFYOUs1T2Y2V2t3V1BqQW9qMkZEUjhGbHE0WEFzak0yZDl5NUJNRnZYQlRFai9LNWVqWXl3UUg2QXdrQ1VJTVJUb2lZb3ZhckgxZTZ1cnJyOGZEMW1oV1FWR1hxOVJydmNxYnFxVnY2c2tPMkc1WnZjZjZuaEpEVFhSVFRQdzdTNlJxeUh0NERtLzIzcG44WFN4Mjd0QUJNUUw5L0xZU2JHMUhFOFZqMGVxUkUwSVJiOGZBbHVoNEJ6ZkM1SFN6QTRBbCt6STFGQ0ZoMXNKVEVBNXR4dXFTVW5xZk4zaXl1SFllWmRQTUJYa0lob2Y5L2xCakM5dHAwSlFBak8yWWpYMD18&cppv=2
Request Chain 408
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDcwOTE1NTQzMTEyMjc4MTU2Mw==&gdpr=0&gdpr_consent=
Request Chain 410
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=e502ee25-8ffb-49ca-9149-3e937b6e91c1
Request Chain 412
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=821e5617-9d33-4f23-bc56-aed6a8c13bda&gdpr=0&gdpr_consent=
Request Chain 413
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7185035104266221712&gdpr=0&gdpr_consent=
Request Chain 420
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b5a63b6-5f5c-4e01-be27-94022feba0a2
Request Chain 421
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=w1FRt8AEBuTYBlHikFcet5YHBbbYB1WxkwfNSnu_
Request Chain 422
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=951816736145919925
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHd-JPOUdlGBSrgYXmvQr0&google_cver=1
Request Chain 428
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&gdpr=0&gdpr_consent=
Request Chain 429
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 430
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5027029190840815360
Request Chain 432
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489809576130088528&gdpr=0&gdpr_consent=
Request Chain 433
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JjJDAg2UTK6WaF9Y0IEmaw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 436
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2430886179 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=26324302-0D94-4CAE-9668-5F58D081266B
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjYzMjQzMDItMEQ5NC00Q0FFLTk2NjgtNUY1OEQwODEyNjZC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv3VkVbdP3j0YIZtomrNhs&google_cver=1
Request Chain 440
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=951816736145919925
Request Chain 451
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
Request Chain 452
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Request Chain 453
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6ehWm5S6R0ZwvQWKmDtlQlD_CsY
Request Chain 454
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYWcwN0hiTDhBQUNCSi1IbkJmZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACag07HbL8AACBJ-HnBfg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACag07HbL8AACBJ-HnBfg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACag07HbL8AACBJ-HnBfg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4709155431122781563&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
Request Chain 455
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=26324302-0D94-4CAE-9668-5F58D081266B HTTP 302
  • https://a.audrte.com/p
Request Chain 456
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 457
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
Request Chain 458
  • https://pixel.onaudience.com/?partner=214&mapped=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=92565cd5fda9d127/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 459
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_3450da91-f336-4433-8de7-843f46b4f046&bsw_param=4ca8d75a-8253-4a8a-8455-c02c0d93e050&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 461
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26324302-0D94-4CAE-9668-5F58D081266B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
Request Chain 464
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2430180155125739679&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 465
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=26324302-0D94-4CAE-9668-5F58D081266B HTTP 302
  • https://a.audrte.com/p
Request Chain 466
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 467
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
Request Chain 468
  • https://pixel.onaudience.com/?partner=214&mapped=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=80317ac91790bc96bab15f6c2957e869&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 469
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
Request Chain 470
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Request Chain 471
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d1b118ec-1b43-40cc-b001-9b0b5991e9bf&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 473
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26324302-0D94-4CAE-9668-5F58D081266B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
Request Chain 474
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1iV1U5HlRUBtm2U61-H6cVD_CsY
Request Chain 477
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACag07HbL8AACBJ-HnBfg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACag07HbL8AACBJ-HnBfg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACag07HbL8AACBJ-HnBfg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=2&userid=4709155431122781563&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
Request Chain 478
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2358122561087811743&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 479
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y7ZfYgAJS9kWkwAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfYgAJS9kWkwAo&gdpr=0&gdpr_consent=&_test=Y7ZfYgAJS9kWkwAo
Request Chain 480
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 481
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 482
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1672896353991 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7011107387
Request Chain 486
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7a00e6cbb93fc9d0/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsTgaanUjhhRYMjRQa
Request Chain 488
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1c47j4gb8ohh
Request Chain 489
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:ABD98127C7004AF885174BFD946D5191&gdpr=0&gdpr_consent=
Request Chain 490
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6673b07d-bc49-4c16-a398-54f50a7329bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 491
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6489809576130088528
Request Chain 493
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b5a63b6-5f5c-4e01-be27-94022feba0a2

492 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ua.korrespondent.net/
Redirect Chain
  • http://193.29.200.154/
  • http://korrespondent.net/
  • https://korrespondent.net/
  • https://ua.korrespondent.net/
159 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
039f119636265f82427e7e3e88ae85ed4695d5e2b505f2a0d1ff6408ae687b8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7849cb92bb5b2c3a-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:46 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7849cb91eaac2c3a-FRA
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:46 GMT
location
https://ua.korrespondent.net
server
cloudflare
x-powered-by
ASP.NET
opensans-condbold-webfont.woff
csskor.ill.in.ua/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/fonts/opensans-condbold-webfont.woff
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 18 Dec 2013 10:08:55 GMT
server
Microsoft-IIS/10.0
etag
"7499fa28d9fbce1:0"
x-powered-by
ASP.NET
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
49816
index.min.css
csskor.ill.in.ua/css/ 		188 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c914c5ec7768654dc4f35534b46d2da72708c4db16148a833ce1847b893f60a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 14:41:35 GMT
server
Microsoft-IIS/10.0
etag
"80b91c43f335d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
30556
responsive.min.css
csskor.ill.in.ua/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/responsive.min.css?v=1.1.2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eda53a126b9ad636ada21bc74b0e54c5dfa526083e7a876b17eb90061254d275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 09:52:22 GMT
server
Microsoft-IIS/10.0
etag
"08f70dd1331d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
5192
admin.css
csskor.ill.in.ua/css/ 		3 KB
936 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/admin.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
etag
"0dce73f2e70cf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
855
adv.css
csskor.ill.in.ua/css/ 		2 KB
766 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/adv.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
etag
"0dce73f2e70cf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
723
jquery-ui-1.9.2.custom.css
csskor.ill.in.ua/css/jq/ui/smoothness/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/jq/ui/smoothness/jquery-ui-1.9.2.custom.css
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2014 11:20:28 GMT
server
Microsoft-IIS/10.0
etag
"066d961b32cf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
6146
royalslider.min.css
csskor.ill.in.ua/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 26 Oct 2018 14:09:52 GMT
server
Microsoft-IIS/10.0
etag
"0b82a90356dd41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2594
elections.css
csskor.ill.in.ua/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/elections.css
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Mon, 27 Oct 2014 21:02:42 GMT
server
Microsoft-IIS/10.0
etag
"0c5215929f2cf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2480
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
718320417cdecc80c1ac84dbec09d347b23ed8bb65fc78b5922d3ab91ee040c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43613
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Jan 2023 05:25:46 GMT
jquery.min.js
jskor.ill.in.ua/js/jq/ 		125 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
etag
"078642cb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
39559
jquery.Storage.js
jskor.ill.in.ua/js/jq/ 		1 KB
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.Storage.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
11449813770e57069d077ac0ad5beb3f7406204c87d961ba1b53c30dba58b3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
etag
"078642cb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
727
jquery.lazyload.mini.js
jskor.ill.in.ua/js/jq/ 		4 KB
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.lazyload.mini.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
etag
"078642cb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
901
jquery.tmpl.min.js
jskor.ill.in.ua/js/jq/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.tmpl.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
etag
"078642cb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2804
scrollable.js
jskor.ill.in.ua/js/jq/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/scrollable.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:46 GMT
server
Microsoft-IIS/10.0
etag
"0a5952db3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2214
menu.js
jskor.ill.in.ua/js/modules/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/modules/menu.js?v=2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
etag
"0d2c62eb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1610
profile.js
id.korrespondent.net/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/profile.js?v=3
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Mon, 08 Oct 2018 21:45:48 GMT
server
Microsoft-IIS/10.0
etag
"08e2d46505fd41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1803
common.min.js
jskor.ill.in.ua/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/common.min.js?v=1.3.5
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bcd0cd7d131396368ab07c7c6e63897dad1b92ff4b4ef32a7761a02ab48dd5a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 15:25:02 GMT
server
Microsoft-IIS/10.0
etag
"05b82669910d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1752
dropdown.min.js
jskor.ill.in.ua/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/dropdown.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
etag
"078642cb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1138
select.min.js
jskor.ill.in.ua/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/select.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
etag
"0d2c62eb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
4138
jquery.royalslider.min.js
jskor.ill.in.ua/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jquery.royalslider.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
etag
"0d2c62eb3efcf1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
16792
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Fri, 05 Jan 2024 05:25:46 GMT
branding.js
jskor.ill.in.ua/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/branding.js?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
898e180e28f0d79507e9383a6f58303043c24013cca819f7451381562f323093

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 13:59:35 GMT
server
Microsoft-IIS/10.0
etag
"803da68484dcd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1794
hide-banners.js
jskor.ill.in.ua/js/ 		2 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/hide-banners.js?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd89c698f5518b8e74892fd52085772390a4cb078ff04939584650c0d3507c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 07:51:53 GMT
server
Microsoft-IIS/10.0
etag
"4aa533f9ab51d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
827
logo-ua.png
ua.korrespondent.net/i/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/logo-ua.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fdbbb1faa15e41cd9417b5ac8ad144c3bde0c031f3e0e6a05a4bb1385c902e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Jul 2022 11:48:52 GMT
server
cloudflare
age
64
etag
"a1c784d9f79cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
7849cb954e012c3a-FRA
content-length
5472
2794636.jpg
kor.ill.in.ua/m/610x386/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/610x386/2794636.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e707787de39cf51760b733497ea2d80ed883ff253ada8df2854a14cfefb11754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Thu, 05 Jan 2023 04:21:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
69556
expires
Thu, 05 Jan 2023 05:30:19 GMT
2794635.jpg
kor.ill.in.ua/m/400x253/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794635.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
06791294f0ca74ee9ef7e57b62a7146f312e3e86f1bd8ced3b51e01de3dcec70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Thu, 05 Jan 2023 02:38:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
42011
expires
Thu, 05 Jan 2023 05:29:27 GMT
2794626.jpg
kor.ill.in.ua/m/400x253/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794626.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8257da221b0d01bf5b45262f9ffa1e42b2777e58b529f270673494ee35c0446a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Thu, 05 Jan 2023 00:39:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
32750
expires
Thu, 05 Jan 2023 05:27:22 GMT
2794623.jpg
kor.ill.in.ua/m/400x253/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794623.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de19fc50db39806c89ff5c6d9dc50db7f4c1a7414b89124b3ec0b70a4487d299

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 23:36:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
31323
expires
Thu, 05 Jan 2023 05:30:19 GMT
2794620.jpg
kor.ill.in.ua/m/400x253/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794620.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5a9b96223920dadf0979807678b7570cc07d2fb7cea2a0143d369153eeca0bab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 23:03:31 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
32228
expires
Thu, 05 Jan 2023 05:27:22 GMT
2794617.jpg
kor.ill.in.ua/m/400x253/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794617.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
41212afc0616bb1bdb253c2803d89b4946d838dcbf7f53f34d701fff7976e67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 21:59:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
33214
expires
Thu, 05 Jan 2023 05:28:24 GMT
2748609.jpg
kor.ill.in.ua/m/400x253/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2748609.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b54c328d57640f55808863d1376eadfb1c402c56204f1e9b5f7e2c0d48c4ab76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 21:14:47 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
38644
expires
Thu, 05 Jan 2023 05:29:24 GMT
2794612.jpg
kor.ill.in.ua/m/400x253/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794612.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1b7d54df0d6bd98fa7b739a6f2ae7afd37d313f31ccbb4724c5cb7144bd358f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 20:24:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
28335
expires
Thu, 05 Jan 2023 05:29:22 GMT
2794613.jpg
kor.ill.in.ua/m/400x253/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794613.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9c4a81b8702da0f5ed9489c64087a49723526701acbe8d667b0da9cac62c19e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 20:20:54 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
40155
expires
Thu, 05 Jan 2023 05:32:38 GMT
2794614.jpg
kor.ill.in.ua/m/400x253/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794614.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a5051f275b34bded23e96a75d93cddae64b3f51247efd5f8ca1f572110a3fc2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 20:26:16 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
92849
expires
Thu, 05 Jan 2023 05:40:44 GMT
2794607.jpg
kor.ill.in.ua/m/400x253/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794607.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b7fc4571cac3f9bba6a37436dea708880aaab7883783f6555a814ef587ba6406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 19:00:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
32927
expires
Thu, 05 Jan 2023 05:27:22 GMT
2794606.jpg
kor.ill.in.ua/m/400x253/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794606.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6f4eb2c5048bce11d08ee5bbb48771b6c1ac1523e9eba6b43ab3de3e56b6a328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 19:27:33 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
45724
expires
Thu, 05 Jan 2023 05:29:22 GMT
ajax.gif
ua.korrespondent.net/i/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/ajax.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:43:59 GMT
server
cloudflare
age
3555
etag
"f5e98f8369dbd11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
7849cb954e022c3a-FRA
content-length
5483
2794633.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794633.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6647a0e10af9621efe86fed73188af4616634410dc3ff2e26661627f32cc8f70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Thu, 05 Jan 2023 02:28:18 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14784
expires
Thu, 05 Jan 2023 05:29:22 GMT
2793598.jpg
kor.ill.in.ua/m/190x120/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2793598.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
df9b40919d4c89ac47aa1f8e6fafaf0a1003eeb3054647300063a936abd173ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 16:45:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
12084
expires
Thu, 05 Jan 2023 05:39:26 GMT
2794588.jpg
kor.ill.in.ua/m/190x120/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794588.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cfbd2f7e0e6fad9b99a3dbeedc40c15df1a4d83d72bc27251698239990f735e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 16:24:33 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
8700
expires
Thu, 05 Jan 2023 05:39:26 GMT
2794582.jpeg
kor.ill.in.ua/m/190x120/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794582.jpeg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bc3b3dd0dea4a4cd7d8952359b4e76719500fd17e4b50d38b9fecf028c3f46d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 15:53:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
10214
expires
Thu, 05 Jan 2023 05:39:26 GMT
blank.gif
ua.korrespondent.net/i/ 		45 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/blank.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:43:59 GMT
server
cloudflare
age
3555
etag
"f5e98f8369dbd11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
7849cb956e152c3a-FRA
content-length
45
2794571.jpg
kor.ill.in.ua/m/190x120/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794571.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
47fb80d01d144501a3c85ec46b97ac3a227d3f62fe45ebfb471bc7033e93fc6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 15:28:44 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
9580
expires
Thu, 05 Jan 2023 05:26:27 GMT
2794545.jpg
kor.ill.in.ua/m/190x120/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794545.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
37ada64efe4fc1e9f13520dbcfd410c3be687e607ff909b08dab0cbbe5744c81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 14:32:07 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
11160
expires
Thu, 05 Jan 2023 05:28:23 GMT
2794541.jpg
kor.ill.in.ua/m/190x120/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794541.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0fdade545083710ec2c14b2d97bcacf4254ade19d5b17213c37dcb086ff7ac2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 14:15:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
8647
expires
Thu, 05 Jan 2023 05:29:22 GMT
2794512.jpg
kor.ill.in.ua/m/190x120/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794512.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f61f44c6d0ea36d265d85185cfa78fc98f3312acee6764c82d5c445373cfea2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 13:05:19 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
12435
expires
Thu, 05 Jan 2023 05:37:36 GMT
2794484.jpg
kor.ill.in.ua/m/190x120/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794484.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
163793b0136e364b44f65c3bcb3466d18c86375952d35d398caca02ee9ce36de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 12:16:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
11424
expires
Thu, 05 Jan 2023 05:30:20 GMT
2794455.jpg
kor.ill.in.ua/m/190x120/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794455.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5e74aaaf00469b92ba08038f76d2990c17d412e670f57d938f802f47e7ddd0d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 10:42:07 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
10025
expires
Thu, 05 Jan 2023 05:26:27 GMT
2794429.jpg
kor.ill.in.ua/m/190x120/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794429.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
72323ad074da00a905d03bffc7642f236a35aa5446c2fa1ecca5869c06595af1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 09:30:06 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
10891
expires
Thu, 05 Jan 2023 05:29:22 GMT
2794394.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794394.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c66b6978e1b73f1f7cc61cf3ec4d8d4b14718fc51f12dbb4276c563a177f7286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 08:04:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14828
expires
Thu, 05 Jan 2023 05:26:20 GMT
2794368.jpg
kor.ill.in.ua/m/190x120/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794368.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d213970a5b57a0dfffec6c77c27ccf772040668eeb33298064dfb27315feb85f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 06:00:28 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
15146
expires
Thu, 05 Jan 2023 05:28:24 GMT
2794270.jpg
kor.ill.in.ua/m/190x120/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794270.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
196a86d240f0ad1ad368f169a1ed3b601c15cfda7503f5ccd0ba7df534ca57cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 03 Jan 2023 15:12:21 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
16512
expires
Thu, 05 Jan 2023 05:32:43 GMT
2794238.jpg
kor.ill.in.ua/m/190x120/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794238.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0078be67aaf882dd4cd6af79f261dd76b81250542fbd1b75f44f0ae38ac47583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 03 Jan 2023 13:41:34 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
10910
expires
Thu, 05 Jan 2023 05:26:28 GMT
2794222.jpg
kor.ill.in.ua/m/190x120/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2794222.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6c9093dd597b271c1ef727a66cb1f5958d475afeba07bef845fa26d14269eb95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 03 Jan 2023 12:56:31 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
5873
expires
Thu, 05 Jan 2023 05:29:24 GMT
2758304.jpg
kor.ill.in.ua/m/170x170/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/170x170/2758304.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
71290a2d1972e2fa3a41731d7297b5b1bfb2b54906d10f7f9f5c2c76f8387eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 09 Aug 2022 05:52:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
9244
expires
Thu, 05 Jan 2023 05:29:44 GMT
2592627.jpg
kor.ill.in.ua/m/170x170/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/170x170/2592627.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f0047ee3299a2f20f42137991f05098936ae8629c97e0bbefa39d136130e5081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Sun, 14 Feb 2021 15:52:57 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
17488
expires
Thu, 05 Jan 2023 05:27:21 GMT
2783158.jpg
kor.ill.in.ua/m/170x170/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/170x170/2783158.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ac6854473a06bdf8d3add4b8ace1c53eba4bcf88c0df3adf78ed6243fab5a04e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 15 Nov 2022 16:47:00 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13048
expires
Thu, 05 Jan 2023 05:29:22 GMT
2715997.jpg
kor.ill.in.ua/m/86x115/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/86x115/2715997.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ee83c984c733b9c55a91f42e6cf39ba90c22bc0789296f4b7a5ec189ef24afbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Sun, 27 Feb 2022 21:34:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
8895
expires
Thu, 05 Jan 2023 05:27:19 GMT
disclaimer.min.js
ui.ill.in.ua/s/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.ill.in.ua/s/disclaimer.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
193.29.200.140 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
2356de1d2ca4b622f2949c68f0659a08d577e86204c4700c439132c5164d17ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2019 12:36:23 GMT
Server
Microsoft-IIS/7.0
ETag
"d67f5a9ce421d51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=31536
Accept-Ranges
bytes
Content-Length
1352
hb_738585_17161.js
player.adtcdn.com/prebidlink/464693/ 		406 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433bbd46d6327d977d17f8123e30a1f7f8326e8d81bc9b8b73e4e15ef8e17aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 15:29:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
220
etag
W/"63b59b51-6583f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsT7HTQGQYWu68T%2F%2FLpliaAhVG6U9A3oECyyn%2BviW5Dbo0urwPIDwsi0AE7Ie7NK10J%2B8xYYDvEpC21QfJdQmdq3c3m6CikMEwuTu3xfC3ZY2KkuAqepGdH0n5ajUoMuLIkEEkD%2FlyA%2Bx3xfJKl55A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7849cb9599d5912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 05 Jan 2023 05:37:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27560
x-xss-protection
0
server
sffe
etag
"1442 / 867 of 1000 / last-modified: 1672873566"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 05:25:46 GMT
wrapper_hb_738585_17161.js
player.adtcdn.com/prebidlink/464693/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/464693/wrapper_hb_738585_17161.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d6a5b855af39208b95b7b0a1592ab6027e0152f4a8e9549a7bb51b13d384eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 15:29:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
220
etag
W/"63b59b51-683"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzrD9T1jLLvjy68va0bYXAprfJQxJnXS8e7WrUoPPIKrVO68gaHZk%2FW7Gi53EDGwdcRR9jB8FBwVjh44gl5ezgtA7C%2BuXDht72LeVxQwrFxSVGkPsyi3ZcwSlkPnHiltsx2Kw19z6jZUERuvHmDC1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7849cb9599d7912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 05 Jan 2023 05:37:06 GMT
icon-sprite.png
csskor.ill.in.ua/i/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/icon-sprite.png
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
etag
"0ef6440fe69cf1:0"
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
29852
blank.gif
csskor.ill.in.ua/css/ 		45 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/css/blank.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 25 Feb 2014 11:20:28 GMT
server
Microsoft-IIS/10.0
etag
"066d961b32cf1:0"
x-powered-by
ASP.NET
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
45
preloader.gif
csskor.ill.in.ua/i/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/preloader.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
etag
"0ef6440fe69cf1:0"
x-powered-by
ASP.NET
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
6154
2789473.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2789473.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b373137e3f25d6ba88763bf357b34625ae79e7614cd02ae653b39a3cd7a65fc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 13 Dec 2022 14:37:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2006
expires
Thu, 05 Jan 2023 05:29:23 GMT
2789250.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2789250.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8460872a2dc97551965a50d6f69a321e4e4dc5ffc8cb048fe5e49fc993857a47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Mon, 12 Dec 2022 20:53:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2742
expires
Thu, 05 Jan 2023 05:27:26 GMT
2794636.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2794636.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c9de20ca15c161b2f4627cc2d7ebc06db541f548a6d8b650440ca9de25c622ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Thu, 05 Jan 2023 04:21:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2185
expires
Thu, 05 Jan 2023 05:32:16 GMT
2748609.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2748609.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
904408dd813b83b92532754d2c86ad72e0c9e9fc16b4feaff36e1ba8c86dbb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 21:14:47 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2428
expires
Thu, 05 Jan 2023 05:29:24 GMT
2794613.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2794613.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b909fe4dd0891abb06de850210f368fa1750ca12e0b2d384c0e5528c19bb4fc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 20:20:54 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2919
expires
Thu, 05 Jan 2023 05:33:29 GMT
2794614.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2794614.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ae5327265bbba843da99133404e2d9279bef3c29e6399ff26a262f943c53deb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 20:26:16 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2336
expires
Thu, 05 Jan 2023 05:29:22 GMT
2794573.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2794573.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
75c28fb6d9751a17b19260658180bd5baf6cf9254ec736a43b3177d2583b9027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 15:46:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2477
expires
Thu, 05 Jan 2023 05:29:22 GMT
2794050.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2794050.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
60aae86f80ee4aa05d946021545daa8a65d116424759e5c6c82d63a8e6dd4cfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 03 Jan 2023 00:38:19 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2650
expires
Thu, 05 Jan 2023 05:39:53 GMT
2794266.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2794266.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
adc8699a07b50b1ef7757edbc6be50d330697f0eee0ed7446e358cf82dfac49e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Tue, 03 Jan 2023 14:54:39 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
3441
expires
Thu, 05 Jan 2023 05:25:51 GMT
s
r.i.ua/ 		815 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.i.ua/s?u1647&p4&n0.9433031798521374&c1&d24&w1600&h1200&r/ua.korrespondent.net/
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dee64cfa2b35f3939ac0361adb223c197bf701c412e6e13002f77d4cbd10bcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
no-cache, must-revalidate
cf-ray
7849cb960a709164-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
e.js
cdn.umh.ua/libs/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
257ae897eb8307e45ebba08e4b65969625e876e20d3b99c9593f3e5bab3f7db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block;
last-modified
Fri, 14 Oct 2022 11:29:20 GMT
server
nginx
etag
W/"63494810-2c5c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
X-PINGOTHER
expires
Fri, 06 Jan 2023 05:25:46 GMT
subscribe.png
csskor.ill.in.ua/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/subscribe.png
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
etag
"0ef6440fe69cf1:0"
x-powered-by
ASP.NET
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
4138
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 03:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5702
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 05 Jan 2023 05:50:44 GMT
hbw_master_738585_17161.js
player.adtelligent.com/prebidlink/19362/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19362/hbw_master_738585_17161.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/wrapper_hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
987544d69ee0587d6abfbb15df64a523d877b9a209973114eb5f4983faf3e319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Sat, 07 Jan 2023 05:25:46 GMT
date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 15:29:21 GMT
server
nginx
etag
W/"63b59b51-18f68"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=160236804&t=pageview&_s=1&dl=https%3A%2F%2Fua.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=144141328&gjid=1224920464&cid=201022016.1672896347&tid=UA-1609229-9&_gid=60821454.1672896347&_r=1&gtm=2oubu0&z=200021706
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1261666467&div=zone_1261666467&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
864452b07e3930367ab8b5a434d75d14b46697b2248c53300ddc1a3f2bf2431a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-length
1018
expires
-1
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1609229-9&cid=201022016.1672896347&jid=144141328&gjid=1224920464&_gid=60821454.1672896347&_u=YEBAAUAAAAAAACAAI~&z=593883334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 05 Jan 2023 05:25:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1261666467&div=zone_1261666467&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f58cfda56b062e9b72bf642c7ef744ab84932e1a77d3a32c60db08552cfcb418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 11:58:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"638896ce-7204"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Jan 2023 06:25:46 GMT
smc
z.cdn.adtarget.market/ 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.cdn.adtarget.market/smc?s=201&u=d393e4cc5f344ab0
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
212.32.253.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:17:37 GMT
server
nginx
gtm.js
www.googletagmanager.com/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7KPL8
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
895c88b770ad935d3cd2f05a2a61c3a01434c2fd3950737e65c6c4cd32295f86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46215
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Jan 2023 05:25:46 GMT
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1479810766&div=zone_1479810766&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b5eec69f83a33a2f3a612fc6e638ef0e08a2de8328d9f2c43a397c9d1147f604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
993
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2049166118&div=zone_2049166118&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1175131832&div=zone_1175131832&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1186773423&div=zone_1186773423&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
727f49b85469cbe1724a2c23e9cbdbe1eaef8cebfb3f4ab8168ad93c418216eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
4007
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1298427590&div=zone_1298427590&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1664245384&div=zone_1664245384&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1907900247&div=zone_1907900247&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2064876158&div=zone_2064876158&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1508430322&div=zone_1508430322&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1526170517&div=zone_1526170517&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
3b9ffb60a3dc9ac99ad7043374b97d0c418e4dfc626152ec1b2346c3e866f7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
891
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1463746620&div=zone_1463746620&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		1 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1836648724&div=zone_1836648724&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b97623e85d1b1f723d972ef17df1203ddaeaf32bd8aa581ee7d3754a4b69d317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
818
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1551866364&div=zone_1551866364&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
load
z.cdn.umh.ua/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1624934371&div=zone_1624934371&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-cache, must-revalidate
server
nginx
expires
-1
xgemius.js
gaua.hit.gemius.pl/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
fc4ed496dbfbe15b4b76827894045f3abd3718f08dd6b28f48e0965d62cbf83a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 17:44:03 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
17129
expires
Thu, 05 Jan 2023 17:25:46 GMT
user.hnd
id.korrespondent.net/aut/ 		9 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/aut/user.hnd?_1672896346692=
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private
weather.hnd
ua.korrespondent.net/widget/ 		2 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/widget/weather.hnd
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
df081b65cb9384fb2d895c3d61ae82d0539fd694ccd6dfba8403b0e1b4ac3554

Request headers

Accept
*/*
Referer
https://ua.korrespondent.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Jan 2023 05:24:54 GMT
server
cloudflare
age
52
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private
cf-ray
7849cb96ef642c3a-FRA
preloader_photo-gray.gif
csskor.ill.in.ua/i/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/preloader_photo-gray.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa850796db9400b694644339634f8708ffd14e3ac9843972954dcb4571dcb939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
etag
"0ef6440fe69cf1:0"
x-powered-by
ASP.NET
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
5916
2794630.jpg
kor.ill.in.ua/m/400x253/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794630.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
558968b6feb769746563b5d7cc021cbcb899615ac739d8a8fc2b29e811c6402f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Thu, 05 Jan 2023 02:08:04 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
59694
expires
Thu, 05 Jan 2023 05:28:14 GMT
2794595.jpg
kor.ill.in.ua/m/400x253/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794595.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8720ac889eca509f841c14192084ecb290535d710167bf2da82786f7c4e4865c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 17:08:46 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
25669
expires
Thu, 05 Jan 2023 05:27:24 GMT
2794573.jpg
kor.ill.in.ua/m/400x253/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2794573.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
56780391ddd93a37506a3fb9436c43577bd89514af041cdace895f70b249e124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Wed, 04 Jan 2023 15:46:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
57344
expires
Thu, 05 Jan 2023 05:27:24 GMT
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7824&c1&r49017491&dholder_300x100_24&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b6100&c1&r49017491&dholder_300x30_0&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8040&c1&r49017491&dholder_300x30_40&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2890&c1&r49017491&dholder_2890_ros&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
invisible.js
ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 5747 		32 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672891200
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3449f421236175f31e5e18ebc2813cbfdd25cefb62708ae475ba6a6c12011d87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7849cb972faf2c3a-FRA
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1609229-9&cid=201022016.1672896347&jid=144141328&_u=YEBAAUAAAAAAACAAI~&z=1208866884
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1609229-9&cid=201022016.1672896347&jid=144141328&_u=YEBAAUAAAAAAACAAI~&z=1208866884
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
76.png
ua.korrespondent.net/i/weather/icon/ 		537 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/weather/icon/76.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e12a2c1c361ea32bb1c2d85f2aa7bcf31380cc7bd8af1b71a9400a3aeb4faa99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
3091
etag
"0c0d08369dbd11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
7849cb973fb52c3a-FRA
content-length
537
/
ghb.adtelligent.com/geo/ 		134 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1d12945e8815260a4d2b2dd486a2902bd40318192c64627ca4b49848aa939c39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
134
tracking
ghb.adtelligent.com/adunit/ 		43 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=738585&site_id=17161&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fua.korrespondent.net%2F&adid=inaica.i2&features=81952&vpbv=N110&tte=311&lifecycle_tte=1184
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 22:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 22:32:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		619 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a29a385c4123dcb600933b5ef307f1a9e30a3a48633c8e85781307e4c66903e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
219
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:46 GMT
impress
ad.mox.tv/delivery/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1554&height=288&width=400&tld=korrespondent.net&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=7026666080
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1e707652012830c1500f85082769de49051cd57fa1cffc87100262bb46a7f7f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
contentroll.html
cdn.umh.ua/libs/vast/vast-player/ Frame 3AA8 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1186773423_yBQLTopsZeuA&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1186773423&u=d393e4cc5f344ab0&sr=1600x1200&cw=1600&ch=1200&hc=4&pl=3&mi=4&me=8.00&df=64&bh=2&tl=1047&n=2154067856&url=ua.korrespondent.net/&vc=Intel%20Iris%20OpenGL%20Engine&zyx=2114804455
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b62b8abef0ed199e767aa2fa05912c37b41a0f4ec975d32272ec09d55940d80c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:46 GMT
etag
W/"633ee84c-27d3"
expires
Fri, 06 Jan 2023 05:25:46 GMT
last-modified
Thu, 06 Oct 2022 14:38:04 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block;
login.js
id.korrespondent.net/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/login.js?v=4
Requested by
Host: id.korrespondent.net
URL: https://id.korrespondent.net/js/profile.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4420ea692c662405840a6b76be19da76ecd585025bbdbcd4e8e44ad5ef6f6dc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:16:37 GMT
server
Microsoft-IIS/10.0
etag
"80b897c8b289d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
4924
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1836648724&div=zone_1836648724&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d49e823385c871048e49fee52b7c313323bf5f1ddb63241726f15ff4d9046b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49501
x-xss-protection
0
server
cafe
etag
10567953934659510742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:25:46 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1609229-30&cid=201022016.1672896347&jid=1916077478&gjid=1680628383&_gid=60821454.1672896347&_u=aGDAgUABAAAAAGAAI~&z=324359322
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 05 Jan 2023 05:25:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=160236804&t=pageview&_s=1&dl=https%3A%2F%2Fua.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABAAAAACAAI~&jid=1916077478&gjid=1680628383&cid=201022016.1672896347&tid=UA-1609229-30&_gid=60821454.1672896347&gtm=2wgbu0P7KPL8&z=531889095
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 21:44:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27680
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
vast-player.js
cdn.umh.ua/libs/vast/vast-player/ Frame 3AA8 		154 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/vast/vast-player/vast-player.js
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1186773423_yBQLTopsZeuA&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1186773423&u=d393e4cc5f344ab0&sr=1600x1200&cw=1600&ch=1200&hc=4&pl=3&mi=4&me=8.00&df=64&bh=2&tl=1047&n=2154067856&url=ua.korrespondent.net/&vc=Intel%20Iris%20OpenGL%20Engine&zyx=2114804455
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
28a458241c298563c927dc67dc871bd0eed1d7b01ae37d86bebfab05921b1089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.umh.ua/libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1186773423_yBQLTopsZeuA&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1186773423&u=d393e4cc5f344ab0&sr=1600x1200&cw=1600&ch=1200&hc=4&pl=3&mi=4&me=8.00&df=64&bh=2&tl=1047&n=2154067856&url=ua.korrespondent.net/&vc=Intel%20Iris%20OpenGL%20Engine&zyx=2114804455
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block;
last-modified
Thu, 06 Oct 2022 14:41:04 GMT
server
nginx
etag
W/"633ee900-26604"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
X-PINGOTHER
expires
Fri, 06 Jan 2023 05:25:46 GMT
csyncs
ghb.adtelligent.com/ 		520 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=802191
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8d759c131f8033b592583dacbe2c6e7084e9f0c33f1cf7f331278d4a7ba34b14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:46 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
319
pica.js
ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/ Frame 5747 		17 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4691c428db49cff43f7ed3fb1984c069add10543755acfbf6e588ad3b61fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7849cb97b8312c3a-FRA
config.json
player.adtelligent.com/exchange_rates/738581/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/738581/config.json?cb=https%3A%2F%2Fua.korrespondent.net%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
eec5b1943d3f7b4220a9b6f96c733ff80bd8a80c389927fbd017c4e250919517

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 07 Jan 2023 05:25:46 GMT
date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Tue, 03 Jan 2023 00:02:30 GMT
server
nginx
etag
W/"63b37096-8f7"
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
cache-control
max-age=172800
x-proxy-cache
HIT
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
29891192
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT5BT4R4R9T5XAD97TJZYFJT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7849cb984e2c9972-FRA
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Jan 2023 06:25:46 GMT
prebid.js
ad.mox.tv/js/achernar/ 		316 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0a8f7efbd95f4afdbade77c4e5d33f9b340e23e262c59791121c00547cc96cee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Mon, 28 Nov 2022 15:58:34 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6384daaa-4f0f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Jan 2023 06:25:46 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27560
x-xss-protection
0
server
sffe
etag
"1442 / 698 of 1000 / last-modified: 1672873566"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 05:25:46 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
26853680
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FWZWKMW4D5XZVDAAQ34HNM8B-fra
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7849cb984e2d9972-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c57a76ffab9a7bf8bb3962e858e632ee6d788b3b77d4c5818e0b05466695518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49502
x-xss-protection
0
server
cafe
etag
4661559193120251035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:25:46 GMT
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
csync
sync.adtelligent.com/ Frame EB43
Redirect Chain
  • https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
  • https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=295c6609-b825-419c-afbd-53628058b0c1
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=295c6609-b825-419c-afbd-53628058b0c1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 05 Jan 2023 05:25:47 GMT
Etag
6245242d4e90647b
Server
Adtelligent

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:47 GMT
Expires
0
Location
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=295c6609-b825-419c-afbd-53628058b0c1
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=62cd1005-1bf6-4ec7-aef2-a766c7229a54
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=62cd1005-1bf6-4ec7-aef2-a766c7229a54
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:47 GMT
Server
Adtelligent
Etag
6245242d4e90647b
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=62cd1005-1bf6-4ec7-aef2-a766c7229a54
date
Thu, 05 Jan 2023 05:25:46 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 05 Jan 2023 05:25:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1609229-30&cid=201022016.1672896347&jid=1916077478&_u=aGDAgUABAAAAAGAAI~&z=1291451920
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1609229-30&cid=201022016.1672896347&jid=1916077478&_u=aGDAgUABAAAAAGAAI~&z=1291451920
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login_ua.js
id.korrespondent.net/js/lang/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/lang/login_ua.js
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89e0c888f3370962831869b407034daafaa6c60858e9f27b95275439c18697c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=86400
expires
Thu, 05 Jan 2023 15:25:46 GMT
fpdata.js
gaua.hit.gemius.pl/ 		286 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ua.korrespondent.net
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
bc9105637e42189728e4705411ca8eb35cae179871b57f4dc3f736289aa9bd05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
286
expires
Sat, 04 Feb 2023 05:25:46 GMT
lsget.html
ls.hit.gemius.pl/ Frame EAD8 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-146-59-30.eu
Software
GHC /
Resource Hash
94008ac1b103d53145e14663ce8aa0d6003dd9d0c1233589b3fb4e208aa056f7

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2721
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:47 GMT
etag
PRIVATE7520710249
expires
Sat, 04 Feb 2023 05:25:47 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net&bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
816d884ab37398c30e9fc614a96a8a4ec2a538d46b7b87cbbb52edacbc918ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119973
x-xss-protection
0
server
cafe
etag
11385805668355977280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:25:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 3BA6 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4863
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 04:04:43 GMT
etag
10353107486223812946
expires
Thu, 19 Jan 2023 04:04:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load
z.cdn.umh.ua/ Frame 3AA8 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?o=v&z=1186773423&u=d393e4cc5f344ab0&sr=1600x1200&cw=1600&ch=1200&hc=4&pl=3&mi=4&me=8.00&df=64&bh=2&tl=1047&n=2154067856&url=ua.korrespondent.net/&vc=Intel%20Iris%20OpenGL%20Engine&zyx=2114804455
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/vast/vast-player/vast-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.umh.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
server
nginx
vary
Origin
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://cdn.umh.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=166&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Warning%3A%20Do%20not%20add%20multiple%20property%20codes%20with%20AdSense%20tag%20to%20avoid%20seeing%20unexpected%20behavior.%20These%20codes%20were%20found%20on%20the%20page%20ca-pub-3690534485164634%2C%20ca-pub-3755662197386269%0Aat%20Np%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A209%3A284)%0Aat%20Pp%20(adsbygoogle.js%3A208%3A324)%0Aat%20adsbygoogle.js%3A221%3A731%0Aat%20Nj.ga%20(adsbygoogle.js%3A91%3A223)%0Aat%20Qj%20(adsbygoogle.js%3A95%3A19)%0Aat%20adsbygoogle.js%3A221%3A488%0Aat%20adsbygoogle.js%3A222%3A305%0Aat%20adsbygoogle.js%3A224%3A4&shv=r20230103&mjsv=m202212070101&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&url=https%3A%2F%2Fua.korrespondent.net%2F
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7849cb92bb5b2c3a
ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 5747 		2 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/cv/result/7849cb92bb5b2c3a
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672891200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
server
cloudflare
cf-ray
7849cb9aaa9f2c3a-FRA
content-type
text/plain; charset=UTF-8
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		579 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2275458081435335&correlator=2903852425936140&eid=44780792%2C31071351&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_korrespondent.net_S_WW_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C336x90%7C321x123%7C320x100%7C320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=1398245798&didk=2616070061&sfv=1-0-40&prev_scp=mt_fln%3D0.8%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672896347352&lmt=1672896347&dlt=1672896346209&idt=660&adxs=-168&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=516&ohw=0&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b573ca8f940e2fbf828d87a415f81084aedab1e27eecc6d6109640031bf108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8726 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:47 GMT
expires
Fri, 05 Jan 2024 05:25:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1609580831&div=zone_1609580831&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
9828d25ef1705f68eaabd01cce175fa6cea1a3187dc576d216913f57b40745b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
1086
expires
-1
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=784&height=600&width=300&tld=korrespondent.net&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1526170517&div=zone_1526170517&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f58cfda56b062e9b72bf642c7ef744ab84932e1a77d3a32c60db08552cfcb418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 11:58:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"638896ce-7204"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 05 Jan 2023 06:25:47 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1672896347366/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1672896347366/rexdot.js?l=100&sendf=8&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua.korre...
  • https://gaua.hit.gemius.pl/__/_1672896347366/rexdot.js?l=100&sendf=8&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua.ko...
169 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1672896347366/rexdot.js?l=100&sendf=8&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cq1xSW2vwGYsZducW2FiZng7kldIzr5pmA2dafvzYqj.U73dpbNfWlxZrdqizOUlWArLATEPr6MhS7M3sD7bFXzF1qsr/zlUXcXKYYK2jr/&fpdata=aQMnaqy3c.LO1E7bM2Pml2gmVpFPKMmx6qZz_2SXhFv.S7&ltime=432&fr=1&ref=&inner=_ver%3D334%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63b65f5a379a6d11&brts=1672896347&fpcap=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
8822db0a6be1753a351f8763aed612e920daef51f9dd9ac2cfeaef59dc896411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Wed, 04 Jan 2023 05:25:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1672896347366/rexdot.js?l=100&sendf=8&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cq1xSW2vwGYsZducW2FiZng7kldIzr5pmA2dafvzYqj.U73dpbNfWlxZrdqizOUlWArLATEPr6MhS7M3sD7bFXzF1qsr/zlUXcXKYYK2jr/&fpdata=aQMnaqy3c.LO1E7bM2Pml2gmVpFPKMmx6qZz_2SXhFv.S7&ltime=432&fr=1&ref=&inner=_ver%3D334%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63b65f5a379a6d11&brts=1672896347&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Wed, 04 Jan 2023 05:25:47 GMT
cookie.js
partner.googleadservices.com/gampad/ 		401 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ua.korrespondent.net&callback=_gfp_s_&client=ca-pub-3755662197386269&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d51e2bd1708ec4ea42f8031441056c5341a59274608e84def0d79969e43cb24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FBA2 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1672896347&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x810_l%7C188x540_r&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346952&bpp=3&bdt=743&idt=425&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8359092071123&frm=20&pv=2&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=457
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:47 GMT
expires
Thu, 05 Jan 2023 05:25:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
localstore.js
script.4dex.io/ 		483 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
996875
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEEtj%2F4Sog6bIQbRYXuE8W0j74Q5Ueq79GYm9JOzuDli9FcISmXeoGgqQmmODLtBwTbPglWN7j09KdaL94OEmX3MlxVWbUnkMFtmoN9F5koV%2FCnG01tWWbaSGmbmGggGCUG7Pp0n42sqXV9X"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7849cb9b9c759b88-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame 3912 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4551f93cad15c0b5e39f2fbffafc5d205ce1dce8aa9205c7ec077bc488c60282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9923
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:47 GMT
expires
Thu, 05 Jan 2023 05:25:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ua.korrespondent.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ua.korrespondent.net
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Thu, 05 Jan 2023 05:25:47 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55&gdpr=0&eid_pubcid.org=23274684-b7be-4951-8c0d-4847395a79fa%5E1&rf=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=%2F21861267298%2Fkorrespondent.net_top_banner%23div-gpt-ad-korrespondent.net_top_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=8817e240-004c-492d-aabc-fdfa2001d7f8&l_pb_bid_id=2af5c667626eb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fkorrespondent.net_top_banner%23div-gpt-ad-korrespondent.net_top_banner&slots=1&rand=0.6529941080039465
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
18ffedde6fd7c836769212f118780e54946783ba060fe4952455c562a7216ccd

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=93778834240
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ua.korrespondent.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ROS
pbjs.e-planning.net/pbjs/1/2e43c/1/ua.korrespondent.net/ 		404 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2e43c/1/ua.korrespondent.net/ROS?rnd=0.27147084469656946&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fua.korrespondent.net%2F&pbv=6.25.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fua.korrespondent.net%2F&gdpr=0&e_pubcid=23274684-b7be-4951-8c0d-4847395a79fa
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a1f0cd9d254af40dc90716a04c761790f5b4371f60ab4f8ae83670f5002eda8a

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:47 GMT
access-control-allow-credentials
true
content-type
text/plain
server
openresty
content-length
404
x-sid
AMS-928
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:47 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		359 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=2715992&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=23274684-b7be-4951-8c0d-4847395a79fa%5E1&rf=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=%2F21861267298%2Fkorrespondent.net_top_banner%23div-gpt-ad-korrespondent.net_top_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=8817e240-004c-492d-aabc-fdfa2001d7f8&l_pb_bid_id=18ec97ff9788e7d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fkorrespondent.net_top_banner%23div-gpt-ad-korrespondent.net_top_banner&slots=1&rand=0.3583394347305322
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c424aefd3075dfe493a1225dac35720fca9b90d31b502819b8cb2ac16efe6246

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
359
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3c9ed1a704d65c85ecc67b0add68595fd1b17ffd1cca1be2eadbe1a39127d931
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ce11112d-030e-4e0d-82d3-87e90bdb9080
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adtelligent-d.openx.net/w/1.0/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8817e240-004c-492d-aabc-fdfa2001d7f8&nocache=1672896347460&gdpr=0&pubcid=23274684-b7be-4951-8c0d-4847395a79fa&aus=970x90%2C728x90&divids=div-gpt-ad-korrespondent.net_top_banner&aucs=%252F21861267298%252Fkorrespondent.net_top_banner%2523div-gpt-ad-korrespondent.net_top_banner&auid=541177132
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d764c0451887c56d82c4a83cc4a248d637611bf1963a4b0dfecc10cae3d238ca

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2243
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:47 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
ghb.adtelligent.com/v2/auction/ 		256 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a3256b04b573be120eb8c8fb62bea9048ee1f03b60abcc0df6f526152b905600

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:47 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
230
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
5780a68812f39ad98db9efe980b59c71d7fb5f1958a9bd445f1f1e62aea5ca33

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		20 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b5306bf00846a1d1b4bfb0b875371f47687f210e976254900069836dafd040af

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
ym.js
cdn.membrana.media/ksp/ 		371 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/ksp/ym.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1609580831&div=zone_1609580831&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1047&pl=3&mi=4&me=8&hc=4&n=1672896346616&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=526183286
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
fe0734e778efc3e0b28e778bd852383cfec979540a86ce9ea5c2bb88f4d74400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-164
cdn-cachedat
01/04/2023 20:37:54
cdn-pullzone
139012
last-modified
Wed, 04 Jan 2023 20:33:52 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
32
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63b5e2b0-5cb16"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
cbb74b4424e7131751fd35dfed006da7
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1094069
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuY7h%2FgU7f3qpGifak2%2F1OORdKLUBSC5Vx1bycVbD5BxLwtlTuJsmdh5J9ifIwv6%2By3m3dv94NqY016jQrM7E65%2BL7FmiO%2BTwIqXtvogolS4wJBYLXJJYc1fc70U2CxpND5GFfgcg%2Bn7QH0b"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7849cb9bcd56bb4a-FRA
impress
ad.mox.tv/delivery/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=784&height=600&width=300&tld=korrespondent.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=1924685961
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=784&height=600&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
48517a9e498b7d417079c4f0a4be3ab0bf1747d077fbd44ea7db4450a0c2a4f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
page_view
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/page_view?KSP;desktop;;main_page;3efab6|b1aa66
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-230.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
video.js
cdn.membrana.media/video/ 		252 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
f1641e6a69d92d2953b6b2cad7f6c85ab9f0769d05697c8da0a91c7521c86820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-169
cdn-cachedat
01/04/2023 17:12:45
cdn-pullzone
139012
last-modified
Wed, 04 Jan 2023 17:12:39 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
224
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63b5b387-3f052"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
f6b5b4a19f3cf8a85d4454f69aae0ee4
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230105
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438dced13f377cbe768f7067bc447b8439817a702fdef683a9e826b2bebbcef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5094
x-jsd-version
1.0.1577
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4543-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-XyVn9stbvUzLJ4ElZ+sMrc058Wk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opRL%2FF4wSxvtPCErCvI9krNRguV%2Bc4ENTAv6yBtFy5nk4yZcd%2FuZaSC8lrVL5ACwVOAO6pXMTbIGNs7wmFVEt222iT701qECwEmZvAZk6jAEnRdLohYAs78czT2VNaqC3YnB4hqwLd2E5ZcE%2BXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7849cb9c59f2bb95-FRA
magic.png
bgstats.mox.tv/ 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		359 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2275458081435335&correlator=2335232823164209&eid=44780792%2C31071351&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_korrespondent.net_S_WW_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C336x90%7C321x123%7C320x100%7C320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=727052054&didk=3894101972&sfv=1-0-40&fsbs=1&prev_scp=mt_fln%3D0.3%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D302a8a81bf8b866e%3AT%3D1672896347%3AS%3DALNI_MYtonvVfbBEA8brh3bqFJ_U4eu0ww&gpic=UID%3D00000b9d5af143fb%3AT%3D1672896347%3ART%3D1672896347%3AS%3DALNI_MaqLgDmrzYIzAqXOlb10WuW6ivkyg&abxe=1&dt=1672896347610&lmt=1672896347&dlt=1672896346209&idt=660&adxs=-168&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=516&ohw=0&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8abf4e322198a4efb1dbd2cb694f25f59ec388be4ca4f672fc27192057777e08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:47 GMT
Server
nginx
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
geolocation.json
cdn.membrana.media/ 		3 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/geolocation.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
cdn-edgestorageid
1055
cdn-storageserver
DE-51
cdn-cachedat
11/17/2022 00:00:11
cdn-pullzone
139012
x-ym-country
DE
content-length
3
last-modified
Fri, 11 Mar 2022 13:55:15 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
309
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
"622b54c3-3"
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
x-ym-country, cdn-requestcountrycode
cache-control
public, max-age=86400
cdn-requestid
734bd0228fe3b80e5051b7506b9171a2
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
load_playlist_attempt
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/load_playlist_attempt?sellbe;KSP;https://membrana-cdn.media/ksp/desktop/videoSources.json;5b598b0d-bdeb-4d25-a651-52ccb6eb5284
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-230.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
videoSources.json
membrana-cdn.media/ksp/desktop/ 		556 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://membrana-cdn.media/ksp/desktop/videoSources.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.218.215.4 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS
unallocated.qos.kiev.ua
Software
nginx /
Resource Hash
fe8d8a20b860472eec7aa2d5fdb7e82345751fe77336c48b613c91bcc49e95be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:33:04 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 04 Jan 2023 11:16:56 GMT
server
nginx
etag
"63b56028-22c"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=900, public
accept-ranges
bytes
timing-allow-origin
*
content-length
556
expires
Thu, 05 Jan 2023 05:48:04 GMT
video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video-js.min.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
93931
x-jsd-version
7.10.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19151-FRA, cache-yyz4541-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFaMR7SfQwXKqw8Kwy2tXJuBezMRa7Yyn%2B1gFcClvvfcDCKPhHQDWwFiGZBvfjAYE6XjQC2v1mveCFBkRE4JTpc8QNEN8FKIsKE2vVXpfM5H7SCbDGJSPQJ%2FYB7yMo%2FcWlahpVDTBJIilse5%2BPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7849cb9eee3b2c3d-FRA
video.min.js
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 		507 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
93931
x-jsd-version
7.10.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4524-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"7ea72-NUHhQfHLDs+4qjHF6W3MzXuUrNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a73VIS2x%2BT3CI8yAZMcXZdn2FeuH6uzYIGSB1QX2XndpA9b%2Bwt6q48sAqKl%2B4%2F%2FZ0B7xnbPCle64h0NcGCVagZZyUBra4ETA86uXvYzMddF6F3kZs25ifpSRAtRI0uuj6GUlnUM%2FBm8%2BAJLXk5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7849cb9eee3c2c3d-FRA
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3912 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
3417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:28:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3912 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 08:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
75581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Jan 2023 08:26:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3912 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:47 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3912 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9tvcW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTpAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o5ttEwmkL-GT8xWdsuPN7iqPI_WFMvTjplXniaJn6qMX27jSvIvdgAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=7-cGZeI8vIM&uach_m=[UACH]&cid=CAQSGwDq26N9vlBV-8VUoAaVXyZiQpthS5m-KqfSExgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:47 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3912 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Et2BMKwC-gGdg2ICAgAAAMZrlI_ksFw9ujcNWETXZDYQW1-2Y4BaJHgR-Sw4IFRjABIAAA&wp=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
272663
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8697 		159 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e5a6847946776e66edd0b216204b5dfc711ab54e985168970aec209cb9d96312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:47 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0xLpfdjTZFobtDfJbI7w-Q1bT_YVpqjfJhHTidBiIKSpBkThAoxer-TPC2Jcvlpt2sk8KdkNslXg-58DKdNjXwBg8hCFv5_fBNgR4cD-BhlyW5i_hb-NkQoitBvdZs8XBZJeNlEjIq_lcEk_6xvThkxoC3-K7c2unE8Y7xPglD20B0JzmeVLaG3k_BmYVV7nFlTurQxZUVC1u7pzbEkfJy0lCQxJUVYGMm0Zqp-c9YrE7UYaa-N91VOjXxFB2TsrHBKGmw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59378240
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2275458081435335&correlator=1757704143065989&eid=44780792%2C31071351&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=21861267298%2Ckorrespondent.net_top_banner&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=5&adks=3609222720&didk=4044265473&sfv=1-0-40&fsbs=1&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6344813%26hb_buyer_id%3D24253%26hb_div_id%3Ddiv-gpt-ad-korrespondent.net_top_banner%26hb_r_id%3D31a39f09a04805e%26hb_site_id%3D17161%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D5.95%26hb_adid%3D35bd27f506c86e%26hb_bidder%3Dsmartadserver%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fua.korrespondent.net%252F&sc=1&cookie=ID%3D302a8a81bf8b866e%3AT%3D1672896347%3AS%3DALNI_MYtonvVfbBEA8brh3bqFJ_U4eu0ww&gpic=UID%3D00000b9d5af143fb%3AT%3D1672896347%3ART%3D1672896347%3AS%3DALNI_MaqLgDmrzYIzAqXOlb10WuW6ivkyg&abxe=1&dt=1672896347746&lmt=1672896347&dlt=1672896346209&idt=660&adxs=315&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&psz=970x90&msz=970x90&fws=0&ohw=0&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b45c12254e4053b4c9470a6d0f2783ea8961b4aa2074c4009141804a9ad29d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9552
x-xss-protection
0
google-lineitem-id
6165939518
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138414303949
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3912 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
502295ad56fe3027bdaa75c06c26a00f42b9922cd3eec775b976d9fb0992ae44

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2275458081435335&correlator=1969080543800316&eid=44780792%2C31071351&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckorrespondent.net_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C336x90%7C321x123%7C320x100%7C320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=2179768575&didk=3419961132&sfv=1-0-40&fsbs=1&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm61%26yb_tt%3Dtt0%26yb_ff%3D0%26yb_th%3D21%26yb_tm%3D25%26yb_wd%3D3%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fua.korrespondent.net%252F&sc=1&cookie=ID%3D302a8a81bf8b866e%3AT%3D1672896347%3AS%3DALNI_MYtonvVfbBEA8brh3bqFJ_U4eu0ww&gpic=UID%3D00000b9d5af143fb%3AT%3D1672896347%3ART%3D1672896347%3AS%3DALNI_MaqLgDmrzYIzAqXOlb10WuW6ivkyg&abxe=1&dt=1672896347849&lmt=1672896347&dlt=1672896346209&idt=660&adxs=-168&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=516&ohw=0&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66654dcab43929e17cd72c307a93f3da9d7eba570a3b5cc4d4fd744a2a2a69f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17442
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
load_playlist_success
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/load_playlist_success?sellbe;KSP;https://membrana-cdn.media/ksp/desktop/videoSources.json;5b598b0d-bdeb-4d25-a651-52ccb6eb5284
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-230.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8697 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:47 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8697 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:47 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8697 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 31 Dec 2023 05:25:47 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8697 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 31 Dec 2023 05:25:47 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 8697 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hjmKLuRD4aEUudEgqG-Y9lVj1XtOyyn5IKx9oKHytug9ESsAeY25vR-EDDRD3TKOXodxeMumOu7KZ-LBacBZqKQQV6m3PvBoKRykEHWHjWbALZVGa1EmkLid04_9mTAS3dhyTqMQ0p5jtiffIjuATxsKYF8ebqwKfrMRd-9jtUDfkf5UWED0d_vl_C20ikqBexBzEWOT0fKikPo2owOXT3RNQjVYb0F7DEMh_1W_eNzfTMHthBRaGOW5v6XOi0L5B1Z8HNkvlcbDeAU110wJyN5DVFZTRjkgK7gTI01Myc4QFEP4aXjYGA37Inx3h3pRC_X3uTT0Tw4QqTnfNB9tz5WkPW_-b-9mKXJIjzq4VUB70TBGzOAU-K_8zgqn9uGHMgi4R_vohFP8_6fd2JTwgdtCEAq69fd6xyFqoZ8srzowQRmAA7gAWSFL7KZITlZtFRdwTw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3268792
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8697 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1237711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKMj2NtEBf%2FoEh0VeuVT8sSkgpVKwkFSwnf3IPVTfMoqdhj%2B2kTztbN4TJSVU1LwBbIOIH%2BXLd9D05oQtLW1UNcKSGEEawmSraMM%2FY%2FgKT8vxAZhB0amVEGg%2FEZTM%2B5iNrE8y713j4iyKAovIxgwSlkw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849cb9e8a479c0a-FRA
expires
Tue, 26 Dec 2023 05:25:47 GMT
animejs.js
static.criteo.net/animejs/ Frame 8697 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:47 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 8697 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:47 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 8697 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:47 GMT
img
pix.eu.criteo.net/img/ Frame 8697 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fb9a691b1117c4852a99f90ebf4870876_hori-oscuro.png&v=3&w=596&s=lFxhVchiKGUV8VjayLZOqvZt
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
55780628835031bd65b3fa4861a215288a307b470e1a624767c1a4f42e4534ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30221806
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15457
expires
Thu, 21 Dec 2023 00:22:34 GMT
img
pix.eu.criteo.net/img/ Frame 8697 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2Fd62afb5e0aee42948007147eb3e87c82_img_vertical_1.png&v=3&w=1200&s=WLqKrbX08tEhVti6crCiUBZE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e285a682b03da689303b5c67f387ab0517ade17b3295d67b0568082b8dc42b7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30940122
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
118320
expires
Fri, 29 Dec 2023 07:54:30 GMT
img
pix.eu.criteo.net/img/ Frame 8697 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F5b902dcd-2ee3-49b7-ac79-6de69554a8eb_abd40355-608e-47ad-922f-d32a95913c20.jpg&v=3&w=400&s=fXwOVhe5D6Dr3-3avrK647LV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
8f917db46db4180828a67d8dad1030866f64ba1f7f0a16c089a6c7f3d22fc141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=706663
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29858
expires
Fri, 13 Jan 2023 09:43:31 GMT
img
pix.eu.criteo.net/img/ Frame 8697 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F9243565c-e26f-44d8-891e-1458515eb14d_71879b83-e764-47df-858c-e1eab8304401.jpg&v=3&w=400&s=dxZF4is0TkTBKp6enydGEgnD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
5bdff1e31c4267812733c8474c6622e0716c038c4ee345c40ad1c337b40ac45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=999834
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20680
expires
Mon, 16 Jan 2023 19:09:42 GMT
img
pix.eu.criteo.net/img/ Frame 8697 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F0fceb2e2-ab7f-43ac-8e68-7d196ce5c9e8_fdd9d023-312e-4c91-ae17-8953f4e1be0e.jpg&v=3&w=400&s=lQ6xaDBkztn7eeO64QldCUoK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0661fcbff20234623597717e39e6fcd45c580395efa1aa82b0297ff7272c88fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=367996
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18092
expires
Mon, 09 Jan 2023 11:39:04 GMT
all
csm.eu.criteo.net/ Frame 8697 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0xLpfdjTZFobtDfJbI7w-Q1bT_YVpqjfJhHTidBiIKSpBkThAoxer-TPC2Jcvlpt2sk8KdkNslXg-58DKdNjXwBg8hCFv5_fBNgR4cD-BhlyW5i_hb-NkQoitBvdZs8XBZJeNlEjIq_lcEk_6xvThkxoC3-K7c2unE8Y7xPglD20B0JzmeVLaG3k_BmYVV7nFlTurQxZUVC1u7pzbEkfJy0lCQxJUVYGMm0Zqp-c9YrE7UYaa-N91VOjXxFB2TsrHBKGmw&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8697 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:47 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8697 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:47 GMT
container.html
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D60F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:47 GMT
expires
Fri, 05 Jan 2024 05:25:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D60F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 21:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
28214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 21:35:34 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame D60F 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7533
x-jsd-version
1.14.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIYvxnVik1MTpZPBlFmAweD%2FZxhuD%2B3Pvr16UlhKaI05RmpxQeUFJzKMhR2f0LLfHZhT1Kg1Tg%2FeTbQWGrdPC3etPDB7fUeC5i7VmdOobtsR2aTTyvaCSzh3ZczMp8OfYEO77XK5Sgzeg%2F66A94%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7849cb9f4e962c3d-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D60F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:48 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c977552cc421fb87b59aeff237a28a451165db6bb2c1debd59f1392447eff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127165
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:48 GMT
1127fdd5-2032-4653-b52b-b1c55878d17f
https://ua.korrespondent.net/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ua.korrespondent.net/1127fdd5-2032-4653-b52b-b1c55878d17f
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame D60F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFVuf4qxQkeOXybpBhIAXZd7M6RfgM9QOAHZ1HSbilceC9EnGkq0zE4IjLqZzO-2hPayTSeUaQ6CDvbpLT2Prger9ItJbbaPxdwDN6d33_8E5DeJ39FhTVY0t2eLDfGkpj8aOZ2twkmNwMmgYuoLlZuk8QFw2LoIH0jzUzVWIa1g1VFfXXt39s1wJJmJRJiFkEr98vdzLcOzL6zwq20BUazo-c1fqoQcovw7fNklU3wa8kRCEyPUe2MepfWfFFcNNR0ygzLq2TNGV9I5zk1a-1gS-oM8N83lEyUqxVJ5PsQoL6YbtVLBXSJjbbS18e1ylO1LxMBkmpK8XX8emkDuGWBqcL2kV3xrIhSUw&sai=AMfl-YRn5T0OICla09O3-Q1Ao_4PPrfpuvtIs4YoZdlzLU-WpKajTyxrlvBzZgGMp1YON--U_nRxWX6BrMVmto1hmm4w8vAvRm0QPz6il7hpa9kXFR2Zv-XPqZIe2zrujy4R&sig=Cg0ArKJSzMtoGt0wT3EFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame D60F 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56cc563638546e25a5e97f58eed5dbf24cdadf7301033ae6e570452f40d7d19b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
container.html
2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D6B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:47 GMT
expires
Fri, 05 Jan 2024 05:25:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=N2M0TjhvU1VOeitQRjMvTmZMOFZhNExrSHVwdDB0YTBjQnlPZHZaUEdUaXRTMkhrdFpoZGlZOFlrZ0ZZd0l4TmVrdFRBTDZSN0RGa0RVV3ovZjdlMndleTZSeWs3THVGT1k0dnRtQVVDcXp4SkxqdER6dDZUeHhBOS9ZbGk2czE0UThzc1JGYVltTG53cVR1c2NodUxkN0x0UWVna0w4ZThLQUhRYUxPZncrNk4rdjRycWpkWVA0Y0djYjREOXZuNGt4aEgzZERRTDYyUFBNUjBkdFlacEplQmZnY2RrY2F1dm40U1IvN2E0QytPQXZBaERyUDBKL2F4UUwrSSszcw%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame D60F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE9Q0xg0DRJQ1s4DN02xvl2f6H-Q2q1JcTfQWoywLD2aVTUB4k2KrEjlFvKfvnDfMEeERmCSIoqzobtNxSXoEkjOy0auCTS8jMl8a3fPGmP9979gvZNBb9nglBC_xRgoeHPAmtZYSiuum-OkAJcWoY4r4JjOa4cmUrlexCz7ENC_mLrUGglShFaFRgOisjzLgQKt3oHXfru7phZrApGdrLrUFfPwfUdDM9tXi6szMuylK3MtJjw1QBH_aApY7Xb5N8qAZlec-GK-MP9Vn25IzGqftv_DsQksnF-X5EmRn16G3dZod9U1Z3mVtDPxSdOINF_j3lXRS1yk-cHNMSx8-4sXybTYX1zNVpejI2Cw&sai=AMfl-YTLXcR22j21X5WVAc3yqfJGvEQwKkKiI_Zxy4NJmAXaxH4GopKpIE5KSJmdA5tjINVpTDt1fA1onvEG-C8ZXhsHH-Xz1ek26MV1FwHGq2XsriEGKx8wNHPlL52zq-hc&sig=Cg0ArKJSzGagk7CJhEQbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:48 GMT
usync.html
eus.rubiconproject.com/ Frame B439
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:48 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Jan 2023 05:25:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame AA0D 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:d::212:4f67 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
235ba1a602b529f25526ef25a9a25b47ecadf44d567090132758160ea09a9b26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Jan 2023 08:16:55 GMT
Server
AkamaiNetStorage
ETag
"82315e5b90b66f96f17a14705d0410f7:1672745217.286146"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11209
videojs.ads.css
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 		975 B
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
93929
x-jsd-version
6.7.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-yyz4535-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbvYFkn1sY631nmY6cIQ77AiKoKSbK0ndbGqAPPiCHKL9Q6QTP6VGa0WrFa3eE7YGDIKih1edxEHxoLcZUM47OHbvVTL1yTYgP3Z6D07MmlnBh10E0pBdy1Hw%2FiPSgdx7CmElhnYGXNnYa82v3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7849cba07fdc2c3d-FRA
videojs.ads.min.js
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
93929
x-jsd-version
6.7.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-yyz4530-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6a3c-OUUBKv7icoV/OxPeKLpcAlpHAGg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPEL9jHLnOr1ZF2WOjjllmdKJrkzhevgI1KkC1tiADeEcKHG3JUO2vCZDHgipQyGA%2FxU8f0zqEI4vOM4aDeFyeFX72pnNgoUKZ12LowJcCzs2kMhJLgBBQyKkdvoWl0xYqcqjPRF%2FkQmyQsn%2FWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7849cba07fde2c3d-FRA
videojs.ima.min.css
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
93929
x-jsd-version
1.9.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19165-FRA, cache-yyz4556-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"a4e-O74oHTnsIDZGOCZu1d1V6JdzQ/o"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcAZfungeS4erKg0JuYIYAYoAJrS9mob40hCoznJ7uNmB%2Fw2jFV0pUhDYaWOu7XekrHomcuC93hqrWvnAIJJ06MXcl3ZDhppPaLSdLchlvH2K6KCDX6bkXvMdEy2xkb86Z%2FSGQFHp5%2F4a1jCITE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7849cba07fdf2c3d-FRA
videojs.ima.min.js
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
93929
x-jsd-version
1.9.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19165-FRA, cache-yyz4549-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"8de3-vTKcH4aTIzR97yz47tyPsdWDLOI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTOhPpLdi9%2BOCpzglNFFP%2Bci%2FhXHWXHnceqKs1CHtMivc8bTyc77rY1Y0nrs3gie3p8pOe5ui6Ujw%2ByaVH24ZWDRLN5BffZ%2F5wNE5aS2NRyTNu2zDEnKhkKNqdHLkSp322aBMkkL6Se9GGGaaMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7849cba07fe02c3d-FRA
videojs.vast.vpaid.min.css
cdn.membrana.media/video/vast.vpaid/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/vast.vpaid/videojs.vast.vpaid.min.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
1560cfa1deaf7443a0ed13098ce9bccbc2ca4460ab18757ddffd24e3418ec70e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-164
cdn-cachedat
11/16/2022 23:11:39
cdn-pullzone
139012
last-modified
Mon, 09 Aug 2021 12:49:31 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
112
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"6111245b-791"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-requestid
97eaaa89a6d9346e6f1877b92deb1681
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs_5.vast.vpaid.mod.min.js
cdn.membrana.media/video/vast.vpaid/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.mod.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?3efab6|b1aa66
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
421d251f38fc878372dc77db199603c46eb47bc06292681277baef3057b17e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-199
cdn-cachedat
12/21/2022 20:30:57
cdn-pullzone
139012
last-modified
Wed, 05 Oct 2022 21:07:54 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
250
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"633df22a-18294"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
637c23a9b04e245e46dbc088557b78fd
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 7D6B 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 08:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
75582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Jan 2023 08:26:06 GMT
lgn.php
cat.nl.eu.criteo.com/delivery/ Frame 7D6B 		43 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=IuFLtix5ncIPHiSvUDOHaNyFuVVqj49dDb-qJrXTaipvY2CP1rSxlqBGN65hehlonk-17XJu6232x2Of25qD8MN6GBi4ekwiCJYLisCA8v3ZE1NC-jbjvZvtlzYyRhE6-lIR2X9Hx8RZ_lmn1bFCIPpv76XlOHqVy6_1Y2Nfa5ACJeBUL4pEyhbmSsVWMsze8m1suiX45Sogf3O7QaI0AguvP5B-hTGYJtK_vQ-gODHXLYn2X0JlTfVPsOxzHsBLcGZ3e1e-toBdvJ9vEncCvCpt-DwDCSmZ9U88qg_f5W93Jtf5YWaIqy3tdXH2Cw2yoSueesgvG43aKudsJuFXRsQiVt3_-9y2Zem-QWO7NUuqGKr4ufZDWy1tzKmvm-YEFszaAe3yct__d5hkJsR32CpPkXUfHMHam0J022iv4UWEK3GWJ4RheSuM1jxv0xGHLOW5_A&z=Y7ZfWwAN02EIu-XUAAeHZjCe_hw_qJ64_0HcGg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2977557
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7D6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k-DuEpT0FwAAnYNiAgIAAAC5G-khj9pmNGiVYCjMTCnPEFtftmO7vs591_EsVn_YaAASAwE&wp=Y7ZfWwAN02EIu-XUAAeHZjCe_hw_qJ64_0HcGg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
160552
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7D6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoCsbW1-2Y-GmN9TL7_UP5o6eEMme0rFc1Z2R93DAjbcBEAEgAGCVgomCmAeCARdjYS1wdWItODI0MTA0OTQ5NzYwODk5N8gBCakCBmGgCJTKsT7gAgCoAwGqBKACT9DzlF_zlZPdiyJ7IA86mocrWVcbfQBfRYTQQTgOtUldLl7ILNK5P8IHPoT6UQ_PlIQDHvJ8oPY-EmCXpz58hStajpF9UgxOn7Ub_k5WydHrr2Uxw4YLLD2wDzXFMR8jT4pkylPlG86u1uT8INK_vtb_ENgpnGnepxajtcnBMZng4Ilo0rov7OZpmeLczZlbJtqJlYdCbAU0shizQ-HrWiYtBjwieT7XE9cpoe9nfkpgSHnxMNOzuf1r9jzOXYi3SBT9tdpvYZ1ur3BntTt0sSRyHJrkZr-UP1Ni9C0UlqrP1FR6D2eeW2CfC3JEbaT34OEe5HcvPudlvT1SrdZp3W4gJOB9UAbfr8qMtonVTVorPiz6Rq36KjHXuYXabh6R4AQBgAb9uOyklcyj1N8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNDM1NDMxNzQxMDgzMjgyNoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MjQxMDQ5NDk3NjA4OTk3GPPxFg&sigh=m2_9TAuC6TU&uach_m=[UACH]&cid=CAQSOwDq26N9wkR8-TNnzngtGDff5QMIxKgbGE-MT_Y_-cct3zMKgWlC6QgzN8v0VIVE7VOSuwvPcr2QthAWGAEgEw&vt=10
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7D6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFYUtW1-2Y-GmN9TL7_UP5o6eEMme0rFc1Z2R93DAjbcBEAEgAGCVgomCmAeCARdjYS1wdWItODI0MTA0OTQ5NzYwODk5N8gBCakCBmGgCJTKsT7gAgCoAwHIAwKqBKACT9DzlF_zlZPdiyJ7IA86mocrWVcbfQBfRYTQQTgOtUldLl7ILNK5P8IHPoT6UQ_PlIQDHvJ8oPY-EmCXpz58hStajpF9UgxOn7Ub_k5WydHrr2Uxw4YLLD2wDzXFMR8jT4pkylPlG86u1uT8INK_vtb_ENgpnGnepxajtcnBMZng4Ilo0rov7OZpmeLczZlbJtqJlYdCbAU0shizQ-HrWiYtBjwieT7XE9cpoe9nfkpgSHnxMNOzuf1r9jzOXYi3SBT9tdpvYZ1ur3BntTt0sSRyHJrkZr-UP1Ni9C0UlqrP1FR6D2eeW2CfC3JEbaT34OEe5HcvPudlvT1SrdZp3W4gJOB9UAbfr8qMtonVTVorPiz6Rq36KjHXuYXabh6R4AQBgAb9uOyklcyj1N8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNDM1NDMxNzQxMDgzMjgyNoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MjQxMDQ5NDk3NjA4OTk3GPPxFg&sigh=E2ttrgc0y64&uach_m=[UACH]&cid=CAQSOwDq26N9wkR8-TNnzngtGDff5QMIxKgbGE-MT_Y_-cct3zMKgWlC6QgzN8v0VIVE7VOSuwvPcr2QthAWGAEgEw
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 7D6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
3418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:28:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8AC5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59869
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 12:47:59 GMT
etag
48472445140208031
expires
Thu, 05 Jan 2023 12:47:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 7D6B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 08:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
75582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Jan 2023 08:26:06 GMT
l
www.google.com/ads/measurement/ Frame 7D6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2lzc7d5cf7lyegfGo3sgGZCaQAfwTHEUR-8JWWzcobCkb0yNedANeLwbjQ7u8XJgwG6bzfjSVLVFJpEF91KmQonEtIQ
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7D6B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 21:35:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
28214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 21:35:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D6B 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:48 GMT
148b897ed20242fb53e65c70a8c63c89.js
www.gstatic.com/mysidia/ Frame 7D6B 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 20:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14307
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 19:06:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 20:17:57 GMT
img
pix.eu.criteo.net/img/ Frame 7D6B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1659767381%2F2175257-2-08.jpg&ups=1&v=3&w=800&s=xJSBe5w0zbgUDfRSmpYnmB6D
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e14c7395df7420386631df5de99376d4faacd7743a34860db231bac06b7a4f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28966197
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22716
expires
Wed, 06 Dec 2023 11:35:45 GMT
img
pix.eu.criteo.net/img/ Frame 7D6B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?ar=1&h=200&llw=100&m=0&partner=942&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F942%2F210816%2Ff0385941b58c4db180e9e3b6f328c160_logo_c-a_black.png&v=3&w=200&s=SMnb3eenzO0sZVU9Npr2TkAU
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d035a43db6aa75479b915c5688199be3f93f60a479c1df19ad8166b419ffc322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30150869
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2399
expires
Wed, 20 Dec 2023 04:40:18 GMT
truncated
/ Frame 7D6B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
korrespondent-main24-6620-20230104.webp
membrana-cdn.media/ksp/desktop/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://membrana-cdn.media/ksp/desktop/korrespondent-main24-6620-20230104.webp
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.218.215.4 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS
unallocated.qos.kiev.ua
Software
nginx /
Resource Hash
11b7b963da331262ebb3bdc870947dbbf043be417fdcf5e237a8e1da16f77418
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:33:05 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 04 Jan 2023 11:17:44 GMT
server
nginx
etag
"63b56058-acb4"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
44212
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
usync.js
eus.rubiconproject.com/ Frame B439 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b2d8d487376553bd276e2d91652ea0a76c01fbc86f383d30656e38d40d042cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 21:35:34 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=58186
content-length
10067
expires
Thu, 05 Jan 2023 21:35:34 GMT
bridge3.550.0_en.html
imasdk.googleapis.com/js/core/ Frame 7EC4 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aa38f694d0c317108f531ccc45f7914bc46d1d483073da07d7add3f09092ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
145517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227687
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Jan 2023 13:00:31 GMT
expires
Wed, 03 Jan 2024 13:00:31 GMT
last-modified
Tue, 13 Dec 2022 20:44:46 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 05:25:48 GMT
pixel
cm.g.doubleclick.net/ Frame 8AC5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ME1vbmhNQ1MxUGRpTGE1&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&google_cver=1&google_push=AavPq0PrtdP6m6TH9hMuR9yccC-2Ds8ZGXTkvZahfZDdlxr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ME1vbmhNQ1MxUGRpTGE1&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&google_cver=1&google_push=AavPq0PrtdP6m6TH9hMuR9yccC-2Ds8ZGXTkvZahfZDdlxrr2FBK7oFfXlbVgOPrMbaZBQTXtnzDX778j1oOcVHbob8j-7Pd6FDd
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0202b4924c632485f@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ME1vbmhNQ1MxUGRpTGE1&google_gid=CAESEA1nG6ZEze206d1rtywbNBk&google_cver=1&google_push=AavPq0PrtdP6m6TH9hMuR9yccC-2Ds8ZGXTkvZahfZDdlxrr2FBK7oFfXlbVgOPrMbaZBQTXtnzDX778j1oOcVHbob8j-7Pd6FDd
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8AC5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENgzkSZYENOtnpIQ5hyGWSA&google_cver=1&google_push=AavPq0OZbz_ngbL50OfXP2MryctGdV_Kgk5KL_hapD8m-lWO6wcAiwZIa0_YyuIp2ejKPYZaHvqNmaN2QsWvI_...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTEwNDI2NjIyMTcxMg%3D%3D&google_push=AavPq0OZbz_ngbL50OfXP2MryctGdV_Kgk5KL_hapD8m-lWO6wcAiwZIa0_YyuIp2ejKPYZaHvqNmaN2QsWvI_-81_...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTEwNDI2NjIyMTcxMg%3D%3D&google_push=AavPq0OZbz_ngbL50OfXP2MryctGdV_Kgk5KL_hapD8m-lWO6wcAiwZIa0_YyuIp2ejKPYZaHvqNmaN2QsWvI_-81_AtpEyARro
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTEwNDI2NjIyMTcxMg%3D%3D&google_push=AavPq0OZbz_ngbL50OfXP2MryctGdV_Kgk5KL_hapD8m-lWO6wcAiwZIa0_YyuIp2ejKPYZaHvqNmaN2QsWvI_-81_AtpEyARro
Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 8AC5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGwJvypY95bSotCibF0_kIk&google_cver=1&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGwJvypY95bSotCibF0_kIk&google_cver=1&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj4RuBq2u0&google_hm=TKjXWoJTSoqEVcAsDZPgUA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj4RuBq2u0&google_hm=TKjXWoJTSoqEVcAsDZPgUA==
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj4RuBq2u0&google_hm=TKjXWoJTSoqEVcAsDZPgUA==
date
Thu, 05 Jan 2023 05:25:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame 8AC5 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELx7P9sHqpuReIuleU2LYvM&google_cver=1&google_push=AavPq0Mix75Bwr7vVvWT2E7ri9r1lmiAgQx-XctMp-2c021q8bLig208EMzsLqGhwmxdQcpBjFmPUIjswNsBN9zqRqkdxXqHyJYj
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
rud0jsnf8seuu0eqmi0e1e7dvkmpbg2s
pixel
cm.g.doubleclick.net/ Frame 8AC5
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJef_jRFFK7QPgpmtZGNvQI&google_cver=1&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaCirOHQqLumZGg3QK-Lp0J5b1MwS8yHas7xHOS2UUpJU2b
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaCirOHQqLumZGg3QK-Lp0J5b1MwS8yHas7xHOS2UUpJU2...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNTU3MzQ5MDA0NzA1Mzg0NzM4Ng%3D%3D&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNTU3MzQ5MDA0NzA1Mzg0NzM4Ng%3D%3D&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaCirOHQqLumZGg3QK-Lp0J5b1MwS8yHas7xHOS2UUpJU2b
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNTU3MzQ5MDA0NzA1Mzg0NzM4Ng%3D%3D&google_push=AavPq0OkJKywRjrz6ruqHnEaREvSy1aIYl4eNhxw8tIbNp6oXmotwHaCirOHQqLumZGg3QK-Lp0J5b1MwS8yHas7xHOS2UUpJU2b
date
Thu, 05 Jan 2023 05:25:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 8AC5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7zpPg9WBgEzx11XDhi3XI&google_cver=1&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnPQRD3UH20wyyJcdTC0...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7zpPg9WBgEzx11XDhi3XI&google_cver=1&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnPQRD3UH20wyyJcdTC0...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JQXJGemR0RTJ1RmxZbWdvWldRSm1fajhMeUpwSlVzNH5B&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JQXJGemR0RTJ1RmxZbWdvWldRSm1fajhMeUpwSlVzNH5B&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnPQRD3UH20wyyJcdTC0kKp_sh-n9L2zFvDQYG0Io9pMVc9w
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JQXJGemR0RTJ1RmxZbWdvWldRSm1fajhMeUpwSlVzNH5B&google_push=AavPq0NCHLXwwcRht1253jcUAoDx1lJVR2KzvApDHCc2EuEXO4V_iEgnPQRD3UH20wyyJcdTC0kKp_sh-n9L2zFvDQYG0Io9pMVc9w
date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
spacer.gif
an.yandex.ru/resource/ Frame 8AC5
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEGbB3aMxKiSwShzVYjPdk08?ext-param=AavPq0N7XrFLOj8S2ONjzgDVdxuM-qU93mlg_tQ0NdLResxZhwBE14rg2JgFU7GzydiCu00V6jEZeFu1QcIobVYOMHFGyuo9O71XMQ&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEGbB3aMxKiSwShzVYjPdk08?redir-setuniq=1&ext-param=AavPq0N7XrFLOj8S2ONjzgDVdxuM-qU93mlg_tQ0NdLResxZhwBE14rg2JgFU7GzydiCu00V6jEZeFu1QcIobVYOMHFGyuo9O71XMQ&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGbB3aMxKiSwShzVYjPdk08&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 21 Dec 2023 05:25:48 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8AC5 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INBk-Z5VY3FVqZITSQq7AXvyczwbaT9FudVVy8Oi2CTKk0io1DZY5bzkRHeeDrU78eDFl42s4
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/ Frame 7D6B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a76f24751c60482785cd5e36cbae38547164ec65fe473673074e08d6a8ecd895

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B439 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LCINAIYB-W-CJA6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 011B 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%225c0ed3aa-f91d-49fd-b297-64319184195d%22%2c%22adomain%22%3a%22mcfit.de%22%2c%22page%22%3a%221722121%22%2c%22format%22%3a%22118606%22%2c%22crid%22%3a%223710338%22%2c%22dsp%22%3a%22109%22%2c%22buyer%22%3a%2215981%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-184583312917697845%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:48 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Fri, 06 Jan 2023 05:25:48 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
js
tags.mathtag.com/notify/ Frame BF6B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldNeU5EQTBOek10WWpabE9TMDRZV1ZtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNjkzMjM3MTQyODE3MTc5MTMvMTEyMDQ0MjAvMTI3ODAzMzYvOS9rNXQyOTRaRGZ2TWtqazA5ZGdBNjF0R0pzUDJRX0QwZnVjSm1VQm5kd01NLzEvOS8wLzAvMjAzOTIxNi8xMzU4ODkxNzE4LzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDA2OTMyMzcxNDI4MTcxNzkxMy96cmgvMC85MTgwLzQyLzk5OS8yLzgwLjI1NS4xMC4wLzAuMDAwLzE2NzI4OTYzNDcvMTY3MjkwODk0Ny85LzE2MTE0Lw/u3EXu5g-OaRq8LmCNxhnFULxa7I&nodeid=3758&group=zrh&auctionid=4069323714281717913&pbs_auctionid=4069323714281717913&shardkey=4069323714281717913&sid=12780336&cid=11204420&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
6258de8cb218dbc19f35d85e2ee98e06c7943e5c9086456aeaf587fc217bd340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
x-mm-nodeid
3758
Content-Encoding
gzip
x-mm-bid-request-time
1672896347
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Thu, 05 Jan 2023 05:25:47 GMT
Server
MMBD/3.374.2
x-mm-latency
1 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x78, zrh-bidder-x144
x-mm-lag
1
Expires
Thu, 05 Jan 2023 05:25:47 GMT
b7901c0a-71a9-4018-acf0-b362e9796ca2
beacon-fra2.rubiconproject.com/beacon/d/ Frame BF6B 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/b7901c0a-71a9-4018-acf0-b362e9796ca2?oo=0&accountId=16114&siteId=237090&zoneId=1614590&sizeId=55&e=6A1E40E384DA563BAE83A1599002D15A3369ED09A4A67589B1135085AABF246EFB49125AB9DF5737D416AB9CA90EA7F6E67C761D9207148D1858E744259082E21252B0A9E26927E8AE3F82BCD0DF4219C66F54B23E9F45346F92AEA0810771B2A0629DAD06110F829D17C923E55A61280A2E7E3907569BC520EC7A0F73861D64DCF8639D23EEE53A54FD7027D7CAC57D3041768AF869E6A4D24FA414EA840BE5CBAC0C17F90E143E9DBE352E04F8B77332602CFF3C50CB3F
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:48 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
ck-confirm
tags.mathtag.com/ Frame BF6B
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldNeU5EQTBOek10WWpabE9TMDRZV1ZtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNjkzMjM3MTQyODE3MTc5MTMvMTEyMDQ0MjAvMTI3ODAzMzYvOS9rNX...
  • https://tags.mathtag.com/ck-confirm?bid_id=4069323714281717913&node_id=3758&exch_id=9
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=4069323714281717913&node_id=3758&exch_id=9
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x40, zrh-bidder-x144
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 05 Jan 2023 05:25:47 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
x-mm-nodeid
3758
x-mm-bid-request-time
1672896347
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
85
x-mm-handled-by-owner
true
Last-Modified
Thu, 05 Jan 2023 05:25:47 GMT
Server
MMBD/3.374.2
x-mm-latency
2 (2)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=4069323714281717913&node_id=3758&exch_id=9
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x71, zrh-bidder-x144
Keep-Alive
timeout=360
x-mm-lag
1
Expires
Thu, 05 Jan 2023 05:25:47 GMT
register
token.rubiconproject.com/ Frame BF6B 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LCINAJ0T-1L-8Z98
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
aip
euw1.smartadserver.com/h/ Frame BF6B 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=2495698194051892309&tmstp=3709128370&ckid=4709155431122781563&systgt=%24qc%3d1313617845%3b%24ql%3dHigh%3b%24qpc%3d93138%3b%24qt%3d25_176_7906t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5810%3b%24wpc%3d5812%3b%24wpc%3d5786%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5778%3b%24wpc%3d5779%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5610&acd=1672896347569&envtype=0&opid=cb24a252-1f76-4e80-b9f8-859b5f4276c0&opdt=1672896347568&siteid=567940&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=1&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fua.korrespondent.net%2f&cappid=4709155431122781563&capp=0&mcrdbt=0&insid=11375259&imgid=0&pgid=1722121&fmtid=118606&isLazy=0&rtb=1&rtbnid=3451&rtbbid=7461201686757315995&rtbh=2c15515eb77e5c9fc0b12ffea52fb7969aeb3b2f&rtblt=638084931475731032&rtbet=0&rtbptnid=109&cftgid=1f5e6e8f554c
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pixel
cm.g.doubleclick.net/ Frame B439
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU0OTlkZWMwNmUwMzgzZmU5NTkzMDU5ZTJlM2U1N2IyZDVmNzRjMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU0OTlkZWMwNmUwMzgzZmU5NTkzMDU5ZTJlM2U1N2IyZDVmNzRjMg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDU0OTlkZWMwNmUwMzgzZmU5NTkzMDU5ZTJlM2U1N2IyZDVmNzRjMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B439
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tCwtl7d1Ts2kfO6NoddC0Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tCwtl7d1Ts2kfO6NoddC0Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tCwtl7d1Ts2kfO6NoddC0Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HD4DT0MPE404DGNMF1P0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tCwtl7d1Ts2kfO6NoddC0Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B439
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/npdd7fD3q7OPUakPBzvu7g?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M_ZrquhE2oJJek3zzfFN5x6vw389YY_Fwlv_MA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M_ZrquhE2oJJek3zzfFN5x6vw389YY_Fwlv_MA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M_ZrquhE2oJJek3zzfFN5x6vw389YY_Fwlv_MA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame B439
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v0iUa4SaRKap-ztTyVe1FA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v0iUa4SaRKap-ztTyVe1FA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v0iUa4SaRKap-ztTyVe1FA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3AEEW82FKJYEPE3FSV5V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v0iUa4SaRKap-ztTyVe1FA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B439
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBEXUnLpo_v67zG_kRTKURg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBEXUnLpo_v67zG_kRTKURg&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBEXUnLpo_v67zG_kRTKURg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B439
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkFJWUItVy1DSkE2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkFJWUItVy1DSkE2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkFJWUItVy1DSkE2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame B439
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINAIYB-W-CJA6
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINAIYB-W-CJA6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 697B5F3FCB524D4DA7EA5DAE6D60D41B Ref B: FRAEDGE1717 Ref C: 2023-01-05T05:25:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxfYiczWFSqBQ5zbtxSA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINAIYB-W-CJA6
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame B439 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
h67p15kot2n3
hal9000.redintelligence.net/zone/ Frame BF6B 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/h67p15kot2n3?subid=&gdpr=0&gdpr_consent=&rnd=4069323714281717913&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Da0386bcb00d7b6a942c3959e52a08b5e41770670%26mt_aid%3D4069323714281717913%26mt_id%3D11204420%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_cid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F%26redirect%3D
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
6e5382e18d016ff4973bd20c09545ad90265ef2528177dd95c95fc3e22bfe710

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2962
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame BF6B 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=4069323714281717913&node_id=3758&exch_id=9
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldNeU5EQTBOek10WWpabE9TMDRZV1ZtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNjkzMjM3MTQyODE3MTc5MTMvMTEyMDQ0MjAvMTI3ODAzMzYvOS9rNXQyOTRaRGZ2TWtqazA5ZGdBNjF0R0pzUDJRX0QwZnVjSm1VQm5kd01NLzEvOS8wLzAvMjAzOTIxNi8xMzU4ODkxNzE4LzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDA2OTMyMzcxNDI4MTcxNzkxMy96cmgvMC85MTgwLzQyLzk5OS8yLzgwLjI1NS4xMC4wLzAuMDAwLzE2NzI4OTYzNDcvMTY3MjkwODk0Ny85LzE2MTE0Lw/u3EXu5g-OaRq8LmCNxhnFULxa7I&nodeid=3758&group=zrh&auctionid=4069323714281717913&pbs_auctionid=4069323714281717913&shardkey=4069323714281717913&sid=12780336&cid=11204420&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x33, zrh-bidder-x144
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 05 Jan 2023 05:25:47 GMT
img
pixel.mathtag.com/event/ Frame BF6B 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=4069323714281717913&v3=1262142&v4=12780336&v5=11204420&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldNeU5EQTBOek10WWpabE9TMDRZV1ZtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNjkzMjM3MTQyODE3MTc5MTMvMTEyMDQ0MjAvMTI3ODAzMzYvOS9rNXQyOTRaRGZ2TWtqazA5ZGdBNjF0R0pzUDJRX0QwZnVjSm1VQm5kd01NLzEvOS8wLzAvMjAzOTIxNi8xMzU4ODkxNzE4LzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDA2OTMyMzcxNDI4MTcxNzkxMy96cmgvMC85MTgwLzQyLzk5OS8yLzgwLjI1NS4xMC4wLzAuMDAwLzE2NzI4OTYzNDcvMTY3MjkwODk0Ny85LzE2MTE0Lw/u3EXu5g-OaRq8LmCNxhnFULxa7I&nodeid=3758&group=zrh&auctionid=4069323714281717913&pbs_auctionid=4069323714281717913&shardkey=4069323714281717913&sid=12780336&cid=11204420&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x11 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 05 Jan 2023 05:25:47 GMT
img
tags.mathtag.com/event/ Frame BF6B 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=4069323714281717913&st=12780336&time=1672896348&nodeid=3758
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldNeU5EQTBOek10WWpabE9TMDRZV1ZtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNjkzMjM3MTQyODE3MTc5MTMvMTEyMDQ0MjAvMTI3ODAzMzYvOS9rNXQyOTRaRGZ2TWtqazA5ZGdBNjF0R0pzUDJRX0QwZnVjSm1VQm5kd01NLzEvOS8wLzAvMjAzOTIxNi8xMzU4ODkxNzE4LzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDA2OTMyMzcxNDI4MTcxNzkxMy96cmgvMC85MTgwLzQyLzk5OS8yLzgwLjI1NS4xMC4wLzAuMDAwLzE2NzI4OTYzNDcvMTY3MjkwODk0Ny85LzE2MTE0Lw/u3EXu5g-OaRq8LmCNxhnFULxa7I&nodeid=3758&group=zrh&auctionid=4069323714281717913&pbs_auctionid=4069323714281717913&shardkey=4069323714281717913&sid=12780336&cid=11204420&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x66, zrh-bidder-x144
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 05 Jan 2023 05:25:47 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7EC4 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=2004932673222993&sz=1x1%7C400x300%7C640x480%7C480x360%7C640x360%7C480x270%7C400x225%7C423x238&url=https%3A%2F%2Fua.korrespondent.net%2F&iu=%2F22308795431%2FKSP_DESKTOP_VIDEO%2FKSP_DESKTOP_VIDEO_SUPER_HIGH&cust_params=notsy_v_meta_round%3D1%26notsy_v_round%3D1%26page_id%3Dmain_page%26traffic_source%3Ddirect%26notsy_pf%3De35344&npa=0&tfcd=0&sdkv=h.3.550.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.9.0&sdki=445&ptt=20&adk=3247216049&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.550.0&media_url=https%3A%2F%2Fmembrana-cdn.media%2Fksp%2Fdesktop%2Fkorrespondent-main24-6620-20230104-desktop.mp4&sid=8BFD3594-25E8-48A1-BAC1-43F3BB11E481&nel=0&eid=44748969%2C44765701&top=https%3A%2F%2Fua.korrespondent.net%2F&loc=https%3A%2F%2Fua.korrespondent.net%2F&dt=1672896348636&cookie=ID%3D302a8a81bf8b866e%3AT%3D1672896347%3AS%3DALNI_MYtonvVfbBEA8brh3bqFJ_U4eu0ww&gpic=UID%3D00000b9d5af143fb%3AT%3D1672896347%3ART%3D1672896347%3AS%3DALNI_MaqLgDmrzYIzAqXOlb10WuW6ivkyg&scor=997521212570708&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal90009.redintelligence.net/ Frame BF6B
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=8a2bd98b53&subid=&uid=9f06e10b45010ff5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=8a2bd98b53&subid=&uid=9f06e10b45010ff5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
610 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=8a2bd98b53&subid=&uid=9f06e10b45010ff5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Da0386bcb00d7b6a942c3959e52a08b5e41770670%26mt_aid%3D4069323714281717913%26mt_id%3D11204420%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_cid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F%26redirect%3D&documentReferer=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=2435994844269&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2859264cf885fc512a4033fde27f77b598fd8ab20e281a4999abb2418f6fd339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
37537200020216606783199012195009
Connection
close
Content-Length
329
Expires
Thu, 05 Jan 2023 05:25:48 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=8a2bd98b53&subid=&uid=9f06e10b45010ff5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Da0386bcb00d7b6a942c3959e52a08b5e41770670%26mt_aid%3D4069323714281717913%26mt_id%3D11204420%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_cid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F%26redirect%3D&documentReferer=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=2435994844269&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:48 +0100
request_content.php
hal90009.redintelligence.net/ Frame FAB2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=8a2bd98b53&subid=&uid=9f06e10b45010ff5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Da0386bcb00d7b6a942c3959e52a08b5e41770670%26mt_aid%3D4069323714281717913%26mt_id%3D11204420%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_cid%3D6b5a63b6-5f5c-4e01-be27-94022feba0a2%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Ft%2Ffra2%2F0%2Fb7901c0a-71a9-4018-acf0-b362e9796ca2%2F%26redirect%3D&documentReferer=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2F2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=2435994844269&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
85fa04e69a6eebf71542b304a3dea085ecd9b4cd099a3b46695f29e253165283

Request headers

Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1504
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:48 GMT
Expires
Thu, 05 Jan 2023 05:25:48 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 122F 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by
Host: 2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
URL: https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:48 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
openrtb
adx.adform.net/adx/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4c6d0518b82f658b11bf55cb276e28d995879ef31c461f0db9348a3933aae44c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:48 GMT
AN-X-Request-Uuid
afebd9db-d6aa-433e-8630-822833db4c0e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		1 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1ade3fb8937782599e32e0a6cd8ed5eb4a7210ef268278fc1e3f511ea83a8bbf

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
573
auction
tlx.3lift.com/header/ 		19 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fua.korrespondent.net%2F&tmax=2000
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.180.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-180-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2ba522dbe91ca07ea8e0777ee923faec55ebe83a984bcc682b5211b3868b361d

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=84163057075
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ua.korrespondent.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
nginx
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
usync.js
eus.rubiconproject.com/ Frame 122F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b2d8d487376553bd276e2d91652ea0a76c01fbc86f383d30656e38d40d042cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 21:35:34 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=58186
content-length
10067
expires
Thu, 05 Jan 2023 21:35:34 GMT
/
track.adform.net/adfscript/ Frame FAB2 		730 B
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=60271187;click=https://hal90009.redintelligence.net/c/p3ldc0e36jm52jx?tprd=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bf4f2d6e00637ad9bc3a640a14690a3e400b8d50da3b1942e411cf34a018ed7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
532
expires
-1
viewability
hal90009.redintelligence.net/ Frame FAB2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=37537200020216606783199012195009&a=c6ef17f3&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:48 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame FAB2 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60271187;click=https://hal90009.redintelligence.net/c/p3ldc0e36jm52jx?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:24 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 06 Jan 2023 08:35:38 GMT
/
track.adform.net/adfserve/ Frame FAB2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=60271187;click=https://hal90009.redintelligence.net/c/p3ldc0e36jm52jx?tprd=;js=1;adfxid=1x;8914;set=en-US|en-US|1600X1200|0|950|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94ee01b834f269901d7c4f0c0b2ae156d3c22f47af3cf12fc00dd10756df9baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2031
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame D60F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbHiKsGWiOe-aeY9pYu1QAXyIioggpEJbXoCRJgmKfT-uHHUqmqTQOr5ks1yVHMHlxLJtNuxvJFIdNDgFbagK0NyeYucw-AArEJoUMmlFpCYduOqKA&sig=Cg0ArKJSzNRc2tMd0Hl0EAE&id=lidar2&mcvt=1000&p=10,315,100,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3609222720&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896347947&rpt=215&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7EC4 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=2996580701037484&sz=1x1%7C400x300%7C640x480%7C480x360%7C640x360%7C480x270%7C400x225%7C423x238&url=https%3A%2F%2Fua.korrespondent.net%2F&iu=%2F22308795431%2FKSP_DESKTOP_VIDEO%2FKSP_DESKTOP_VIDEO_HIGH&cust_params=notsy_v_meta_round%3D1%26notsy_v_round%3D1%26page_id%3Dmain_page%26traffic_source%3Ddirect%26notsy_pf%3D150d71&npa=0&tfcd=0&sdkv=h.3.550.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.9.0&sdki=445&ptt=20&adk=3247216049&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.550.0&media_url=https%3A%2F%2Fmembrana-cdn.media%2Fksp%2Fdesktop%2Fkorrespondent-main24-6620-20230104-desktop.mp4&sid=8BFD3594-25E8-48A1-BAC1-43F3BB11E481&nel=0&eid=44748969%2C44765701&top=https%3A%2F%2Fua.korrespondent.net%2F&loc=https%3A%2F%2Fua.korrespondent.net%2F&dlt=1672896346209&idt=2386&dt=1672896349210&cookie=ID%3D302a8a81bf8b866e%3AT%3D1672896347%3AS%3DALNI_MYtonvVfbBEA8brh3bqFJ_U4eu0ww&gpic=UID%3D00000b9d5af143fb%3AT%3D1672896347%3ART%3D1672896347%3AS%3DALNI_MaqLgDmrzYIzAqXOlb10WuW6ivkyg&scor=2364785105898185&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame FAB2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame FAB2 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:49 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
openrtb
adx.adform.net/adx/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
58cdcc46c580c74777792a4a5301b05ac6c92f319d2f70b445e6a0fcc9d38934
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:49 GMT
AN-X-Request-Uuid
d1122b13-8ca4-4eb8-af32-8115b67415dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		1 KB
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e59ad0baa91c191f241e7dab8437d3b6ce5f262d0f16e5816a72ae505d10689f

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:49 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
559
auction
tlx.3lift.com/header/ 		19 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fua.korrespondent.net%2F&tmax=2000
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.180.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-180-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.67.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-67-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b27333af05b570091fdd8aab4d0954598829078a43518ae8bf68a188d0121ace

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=66782277173
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ua.korrespondent.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:49 GMT
Server
nginx
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Jan 2023 05:25:49 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Jan 2023 05:25:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6382edc5547efecdf3436b0542e0b99e14c6587b43f9e1e5567483daf091409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11009
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 75EC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:49 GMT
server
Kestrel
server-processing-duration-in-ticks
599373
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame FAB2 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 06 Jan 2023 08:30:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D6B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusrxFEn5D_8-03FPbYv0X_fqrzqj_yT9dFjZpnC7h6Chs12IP2mmcQpDDKTjVTGohWKAFMFp3oVgYnzAOvZ0nS5nU&sig=Cg0ArKJSzLsml-4WpJqCEAE&cid=CAASF-Ropu2RFBfkeNthQzikisOd4D0saIiN&id=lidar2&mcvt=1000&p=920,0,1200,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2179768575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896348156&rpt=355&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/csimpr/ Frame FAB2 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=60271187&csi=GKmDdgwv0r0mmpiVKR97t7trZp3zzeYDaj3myqSg1BTrygPkIxxfk0LjnRQJdPjmBHj94PcL_wHh8aRajADqhd6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90009.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal90009.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sid
mug.criteo.com/ Frame 75EC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=nisT-XxJYURzQlpYWG9OUTNwcGpsMWt4aVdLZk5sZUFub3VrTkJOSWx2VGY2anh5TVdXM1RvK0JtcC9JS082ZGNiSVZzc3dDZTAzSmJtZS94bVltVTFvaHUzNm1VZ3VaZUxZR1FKakMraFJQcnR2cXlnU0t2YWNvYU1ETE...
446 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nisT-XxJYURzQlpYWG9OUTNwcGpsMWt4aVdLZk5sZUFub3VrTkJOSWx2VGY2anh5TVdXM1RvK0JtcC9JS082ZGNiSVZzc3dDZTAzSmJtZS94bVltVTFvaHUzNm1VZ3VaZUxZR1FKakMraFJQcnR2cXlnU0t2YWNvYU1ETE9Gclh6V3B0dkVvNmVzWGJldnowNkpTSkhkN3hRa29DOW42NjhxbTVFWWR0NHZDblVLcklBYW02bHVwVC8zaWNrRGtQOC9BZTZRemZKcHVNTUVSWURQM0V0aVoxdmhLUDhISWJtM2RZZGpkT3VscDFMNHNmSVYyNmhzSzUxSFZKN1RFTVFBRU95YkhtcVpmWWxpdFY0dXdMRDlpMDdEQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6cd7b62c3b6259face787eac59bc706010d3c8862fac2f4f8c5ee4bee444ca3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3067349
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=nisT-XxJYURzQlpYWG9OUTNwcGpsMWt4aVdLZk5sZUFub3VrTkJOSWx2VGY2anh5TVdXM1RvK0JtcC9JS082ZGNiSVZzc3dDZTAzSmJtZS94bVltVTFvaHUzNm1VZ3VaZUxZR1FKakMraFJQcnR2cXlnU0t2YWNvYU1ETE9Gclh6V3B0dkVvNmVzWGJldnowNkpTSkhkN3hRa29DOW42NjhxbTVFWWR0NHZDblVLcklBYW02bHVwVC8zaWNrRGtQOC9BZTZRemZKcHVNTUVSWURQM0V0aVoxdmhLUDhISWJtM2RZZGpkT3VscDFMNHNmSVYyNmhzSzUxSFZKN1RFTVFBRU95YkhtcVpmWWxpdFY0dXdMRDlpMDdEQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
421865
content-length
0
expires
0
12153854.js
s1.adform.net/Banners/Elements/Files/160090/12153854/ Frame AADF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/12153854.js?ADFassetID=12153854&bv=516
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2653614c0457a7f9f40d825e71f3234bfbab69a3024e96718347e59f896bb5d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000558afd7e59e66068-0063b63dce-32940f80-default
etag
W/"61fbad1fd58bb4128c1855e62247b51f"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
action
www14.smartadserver.com/track/ Frame AA0D 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www14.smartadserver.com/track/action?sid=1672896348180&pid=1722121&iid=11375259&fmtid=118606&cid=0&key=viewcount&rtb=1&rtbbid=7461201686757315995&rtbet=0&rtblt=638084931475731032&rtbnid=3451&rtbh=2c15515eb77e5c9fc0b12ffea52fb7969aeb3b2f&ts=1672896348180
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
transfer-encoding
chunked
content-type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3729 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
28603
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 21:29:06 GMT
expires
Thu, 04 Jan 2024 21:29:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F10B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9dbb324d67066a63144fea4d2ebf8ce411f4d3a381269cc5382347e12fd92b4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_iyQGH8v1A5ZBiu0z800FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-_iyQGH8v1A5ZBiu0z800FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:49 GMT
expires
Thu, 05 Jan 2023 05:25:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
screen.css
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		1 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dea8fbbd77c9ca2dae43026b68ddd46da2490d4f0138a7bd53e4181939f622c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx000004f0a2440097c922b-0063b63dce-3293aae9-default
etag
W/"d72cd354261d464d26e4813a4bb4a8cb"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame AADF 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000092b7bf2d6ff3edb0-0063765dc3-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		104 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
123cc1d2037e661a7407aa87e142e1739a1c150e7cf96da0296ef7ee54327cc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx000002cd41c887feaca3c-0063b63dce-32941e2b-default
etag
"56a353f1326703fbdff854874778b508"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
104
text0.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4c547f5619b0538da7afde371a48a5d471ae1e22de94545652e93084134664f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx000005e97c62402451a07-0063b63dce-32940419-default
etag
"fc6ffa983eb7efdc74b3c888244a18e5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5823
text1.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d2a322adfb7a108dbc35e607fd01c7ebfa9dacd761e1da45a58e3414b4dca34a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx000003f63284590463a8d-0063b63dce-32940419-default
etag
"9b446ce1dede7643098f01db92e18284"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17572
text2.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
55dfb0c2aa1b37a0b51127443c74062de5c896cb55001ad37dbfd55206da65cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx000004d1edad394e6d156-0063b63dce-32941e2b-default
etag
"646605aaa2c7288b937eb945186537a3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3090
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ea1044945159787b97f096175f2249bc31ac60fbd500f8a7771ec12a349f8550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000f3ea53106a414099-0063b63dce-329373d4-default
etag
"afe3ddbe76e744993ccbe1bedb7d8885"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15764
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c306af4800d787c37f20c97706772c16af254c451a5ab8369cdc000dcbe9d069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000903bb178bd1455d1-0063b63dce-32940f80-default
etag
"58b27f58c0578063302a770a17a64166"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14473
date.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7472dc6e12344fb0a0f07d3d7dc576604a122f21e80a2f9463139b4daff4ddbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000d3002cf795130ef6-0063b63dce-32940419-default
etag
"b8170348540c23a3b4fb065bca205425"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8550
cta.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91f6471f6d691a07494de655ba2717d0bc11b5dc421751a15891027f16defb03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000fb500b071acbda96-0063b63dce-329373d4-default
etag
"eb60d70ca9d3896d0eb8dc2f7148287f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7370
logostart.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
77fa6784ba1c4fd642491e4b37294bc009369b9155d8bb3c7ac681d3fdf68f5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000ddedd23a5956288a-0063b63dce-32940419-default
etag
"d1c0f4761f786e87b6721f62456eceff"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12009
logo.png
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7c6bbdbc2956f7238a7c3d660352572b57115e2395264685193613a24857c44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000d500a95de8df7a25-0063b63dce-32941e2b-default
etag
"2e68f7d4db27e6afb49a5a498683f372"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12005
background.jpg
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
97a6bc1e37189dd5611ef2fbb065a066d38e8915c35506cd9122c7f85848b0a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx0000026a72f4239831a05-0063b63dce-329373d4-default
etag
"5cedebcdf294df7d26ea058948746e3c"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11501
model.jpg
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
97a6bc1e37189dd5611ef2fbb065a066d38e8915c35506cd9122c7f85848b0a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000a64731647edd6c4c-0063b63dce-32940f80-default
etag
"5cedebcdf294df7d26ea058948746e3c"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11501
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame AADF 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
18184487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2F33l3S5PSK%2BA9L5UhFbvvtZVVvkKyDzMqUaPhWl%2BLWu8IhRZmuDFQ5W0HqngJf1VW%2BpQT8XgItiPr54JDxZWJ4gPd3QUiAYY3%2BK2GH9lsSBp6iUD0hDBWM4RUrtjghIRxkbyN0%2BoiPOOZtkhQI%2B7QX7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849cba92da45c0e-FRA
expires
Tue, 26 Dec 2023 05:25:49 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame AADF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14550909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6bGag3UQWc2PwDEbvMN%2B3HzxrIs1mixwZnoFeNPiYVFab4FLa6onmQodDcUKg6l75hF%2FYhzbhvleiyxxzqBhjcTBJPwYwiCQgcLnL5EQpezUFzGjyim0AJOaPHgp8ExLdufEkwis9J6lf4fWiHCFpdg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849cba92da65c0e-FRA
expires
Tue, 26 Dec 2023 05:25:49 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame AADF 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
19478443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z4RN6Z2ISO%2FXY4JPNck0T5Ob9%2BczKfAyUL%2Bj6OU9p0zZlzZ3aEVe6lGk3d1Lt5X0BKT01F7hn%2BhU5hFwDVaGhy5vDD9OWIVCyuC3Fv3ex9cMo48sXetV7Mg4AAhbYdL9RRClRLcEJ1RfuQ2sIpAbkfC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849cba92da75c0e-FRA
expires
Tue, 26 Dec 2023 05:25:49 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/ Frame AADF 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153854/bvpath_516/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b66a0b006a7085e67e75317da43b0b68569dfd2f7bea033798195cfdbfaa93ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:25 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:55:00 GMT
server
nginx
x-amz-request-id
tx00000290917a283b9a9dc-0063b63dce-329373d4-default
etag
W/"0ce7c9cf2518e9e1946223979d0e0a2d"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar
pagead2.googlesyndication.com/pagead/ Frame F10B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=2275458081435335&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 3729 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:41:49 GMT
generate_204
tpc.googlesyndication.com/ Frame 3729 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QeLzxA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7EC4 		82 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=1452258056679820&sz=1x1%7C400x300%7C640x480%7C480x360%7C640x360%7C480x270%7C400x225%7C423x238&url=https%3A%2F%2Fua.korrespondent.net%2F&iu=%2F22308795431%2FKSP_DESKTOP_VIDEO%2FKSP_DESKTOP_VIDEO_LOW&cust_params=notsy_v_meta_round%3D1%26notsy_v_round%3D1%26page_id%3Dmain_page%26traffic_source%3Ddirect%26notsy_pf%3D9d4153&npa=0&tfcd=0&sdkv=h.3.550.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.9.0&sdki=445&ptt=20&adk=3247216049&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.550.0&media_url=https%3A%2F%2Fmembrana-cdn.media%2Fksp%2Fdesktop%2Fkorrespondent-main24-6620-20230104-desktop.mp4&sid=8BFD3594-25E8-48A1-BAC1-43F3BB11E481&a3p=EhsKDmVzcC5jcml0ZW8uY29tEgAYoYySg9gwSAA.&nel=0&eid=44748969%2C44765701&top=https%3A%2F%2Fua.korrespondent.net%2F&loc=https%3A%2F%2Fua.korrespondent.net%2F&dlt=1672896346209&idt=2386&dt=1672896349798&cookie=ID%3D302a8a81bf8b866e%3AT%3D1672896347%3AS%3DALNI_MYtonvVfbBEA8brh3bqFJ_U4eu0ww&gpic=UID%3D00000b9d5af143fb%3AT%3D1672896347%3ART%3D1672896347%3AS%3DALNI_MaqLgDmrzYIzAqXOlb10WuW6ivkyg&scor=3762804554189083&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac865074db1731cbb32f6bece1e94a03ba10be667d82a0e02889c4007f871547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17124
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://ua.korrespondent.net
Date
Thu, 05 Jan 2023 05:25:49 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
viewability
hal90009.redintelligence.net/ Frame FAB2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=37537200020216606783199012195009&a=c6ef17f3&vb=v
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=37537200020216606783199012195009&a=41b681e4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:50 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
csi
csi.gstatic.com/ Frame 7EC4 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lcinajrr&c=8359092071123&slotId=4179546035561.5&qqid=CPP7tcXYr_wCFYWxewodDoQK8Q&gqid=XV-2Y7qTMdv2gAf60IaYBA&fb=ima_html5-lima&sdkv=h.3.550.0&ppt=videojs-ima&ppv=1.9.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&ghmsh_eids=44748969%2C44765701&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&met.4=ghmsh_s.lcinakx2~ghmsh_s.lcinakx3&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=OrOUZcGQwML1vQlL
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7EC4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7EC4 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-4272971530084173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:37:47 GMT
x-content-type-options
nosniff
age
2883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:27:47 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrdSCXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE2gJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6cyILsW12pILcmu1tDHxDhhgX5HrtCUAz6ZO8W6ed_L48H9XGtgfGg2BF3rEnFdwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJ0qa14GvcGHqACgPICwHQCw7gCwG4DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=mq7mKdDqBVw&label=show_ad&sdkv=h.3.550.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQPMBUiMQDyUAAMZCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7EC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAXdeXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE1wJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6dqIQET2EjHCFtlDUmZK6EdWMhsQU7KITQHMOuikhVlyC5pnEJMZKHIhQMEwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCgmi-oCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhicr_uoAtgTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTQyNzI5NzE1MzAwODQxNzMYtJt6&sigh=ISCzBjFCp2k&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9gR4P4eTHjz_LkYUu2bLkOQd1TPFNYFIqlYL5g0oTSQ8sBVEccVESfGvUbG4ddPe2NvCqueT1GAEgEw&vt=10&sdkv=h.3.550.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQPMBUiMQDyUAAMZCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lcinaji9&c=8359092071123&slotId=4179546035561.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EC4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.550.0&e=44748969%2C44765701&id=ima_html5&c=518682456494721&domain=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-4g5ednld.googlevideo.com/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1672925149&ei=XV-2Y6jmO-qC6dsPqs6DwAw&ip=2a01:4a0:5a::5&id=1e79266198a3bba7&itag=22&source=youtube&requiressl=yes&mh=9c&mm=31&mn=sn-4g5ednld&ms=au&mv=m&mvi=3&pl=42&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=99.172&lmt=1667513595748502&mt=1672896081&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALg9LD3YM4zzZ1wzwOD5XztpdRfcuy899f1qUiO3Bi7JAiEA9xY4K6ES2X7ls3SYwgcL2IuIqUmH_v92Qh2S6RyNMw8=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPL3xFC8O-Tqg12GsUubJkOREvm6Y_7yd2agZfi5lL9NAiEA2sttCnXZmTCd3dzt6kFUwp0M5wDVndWE5ZNdlyNX8WA=&cpn=OrOUZcGQwML1vQlL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:5d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 05 Jan 2023 05:25:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Nov 2022 22:13:15 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-6041693/6041694
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
6041694
Expires
Thu, 05 Jan 2023 05:25:50 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrdSCXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE2gJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6cyILsW12pILcmu1tDHxDhhgX5HrtCUAz6ZO8W6ed_L48H9XGtgfGg2BF3rEnFdwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJ0qa14GvcGHqACgPICwHQCw7gCwG4DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=mq7mKdDqBVw&label=video_ad_loaded&sdkv=h.3.550.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQPMBUiMQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 7EC4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.550.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 09:15:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7EC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAXdeXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE1wJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6dqIQET2EjHCFtlDUmZK6EdWMhsQU7KITQHMOuikhVlyC5pnEJMZKHIhQMEwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCgmi-oCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhicr_uoAtgTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTQyNzI5NzE1MzAwODQxNzMYtJt6&sigh=ISCzBjFCp2k&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9gR4P4eTHjz_LkYUu2bLkOQd1TPFNYFIqlYL5g0oTSQ8sBVEccVESfGvUbG4ddPe2NvCqueT1GAEgEw&sdkv=h.3.550.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-X4BXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE1wJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6dqIQET2EjHCFtlDUmZK6EdWMhsQU7KITQHMOuikhVlyC5pnEJMZKHIhQMEwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=a3Fja8ZngaA&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D942%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D2212,319,2450,742%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1563%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D951606330%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672896348226%26ptlt%3D1672896350236%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1672896350087&sdkv=h.3.550.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQPMBUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNIkgFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJsY6SqEAUqgoMev7njv553Xiis_c2v7-OCWgqTZjigZzSCvQ7QZprQo-8wj2v4SZocjlriPPOVdMM82a-BbOhHqxZJAVsQxwEUjdEaBQ7LFhn6KC0SL8lvb9DE5mgWQ00l_oTP70EM2pTom3OK4lYMGmcKFl5wcFp&sai=AMfl-YT3v9foZ9tIUdRdwXHH9cyR1ARc1zkALMVFbNlepugPh3xHV9kQCF3X58YF7Ki_43KaveAI5L65aErW6aVCsr5-hXGGsT_ZPTaXqACpKdqWd0WYO6CaNKKfNtSuGg&sig=Cg0ArKJSzNSATW9rj329EAE&cid=CAQSOwDq26N9gR4P4eTHjz_LkYUu2bLkOQd1TPFNYFIqlYL5g0oTSQ8sBVEccVESfGvUbG4ddPe2NvCqueT1GAEgEw&id=lidarv&acvw=sv%3D942%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2212,319,2450,742%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1563%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D951606330%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672896348226%26ptlt%3D1672896350237%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672896350087&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-X4BXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE1wJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6dqIQET2EjHCFtlDUmZK6EdWMhsQU7KITQHMOuikhVlyC5pnEJMZKHIhQMEwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=a3Fja8ZngaA&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D942%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2212,319,2450,742%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1563%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D951606330%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672896348226%26ptlt%3D1672896350238%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672896350087&sdkv=h.3.550.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQPMBUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNIkgFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EC4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.550.0&e=44748969%2C44765701&id=ima_html5&c=518682456494721&domain=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-X4BXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE1wJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6dqIQET2EjHCFtlDUmZK6EdWMhsQU7KITQHMOuikhVlyC5pnEJMZKHIhQMEwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=a3Fja8ZngaA&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=admute&ad_mt=0&acvw=sv%3D942%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2212,319,2450,742%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D10%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D10%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1563%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D951606330%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672896348226%26ptlt%3D1672896350242%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672896350087&sdkv=h.3.550.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQPMBUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNIkgFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video_ad_session
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/video_ad_session?KSP;desktop;;KSP_VIDEO;Chrome;108.0.5359.124;;9109380764924036;main_page
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-230.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame F61A 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
264388
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Jan 2023 03:59:22 GMT
expires
Tue, 02 Jan 2024 03:59:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=2275458081435335&bg=!BQalBkLNAAYDMoyoIzI7ACkAdvg8WuujkLPBFl5BKXbElKz5eYhgENdw6O2zp1CMgAmEzeLoHjfJZwIAAABlUgAAAAJoAQeZApoI4sKypesYkoGP9NrA9K5iFlzufK8ys4mtKR86IsxQEOfSsrzQJwJJ7a4k4rleN6ZE9qg9KoG4kxC1GY2P6LtfFZiGerTnlFLA1CXTE-kTjabKqEIOOXnW_9hkWkxxSDsO2r5VMckA9MztQ4S7Xa_OZdY7yZiGXIWFVM7h-Iddf3T3N45IL_rKzhkE9w4rmvzO2ObESYg4Csa0DzSQYPnBnIYm-zybksryzEsZd8NYEnIYQH8hfGDiM2PgdcbpsbvWF6XgEi_-CN1yh4rx3fRncEvQR3emwFg1XzeY0C2HQECZIPZnnLeAVtcLDhxDvkpIX0L2xj9oDcZFmqRNknREv9yYSzUumbbDleC1KST189FTJtfRKtKJHp3DQdt7GnVrEbzRyRdUuDdx7OhOFcDRnTn1Jv9m7Bg2gc16kXFn6ZO6pm5pshP-6Ta0IKuLXEgOSd-cYNJ7XwlIkN0CLVoBOwTgPcPG4fxEDqiGdVYkh7-E89IxCuuycT2Stwms1Wu3ffFe7Y5AsAog-1kAAdKsYp1_oCxihpfD8PPPIPxjh7kH2MEYWUQzJs1ny1NxewdJFOe1tAvmDPOA0bOeP-2OE3mg5Sv7-JrPUGz-4zpYfRAG4OCSI6d2PAnXBS8t2aFHkKzMOuLwb991k_ePg0nB0P6xSkZYRNfJyUavkxuUDxix0uVcH7aSkSoSOMfOrYP1LfmXOEnbuH1Svq7fEgeppvdPu9GqyqzLbOf8_RYZrcZdMTQDCJKpmUg-LOrg8XjbO9lq5jY_PaMUPhPpENKZipaZ_iJV-F_kqT2GvRy0nPM_x4gQM8-9Od111aUivb5zQSALIty7Sg25hgAif09YmvmBAA5-SI1sJDTSCuuu9Jgxl3v-XCAPKLY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame F61A 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:41:49 GMT
playback
www.youtube.com/api/stats/ Frame 7EC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44765701&el=adunit&cpn=OrOUZcGQwML1vQlL&docid=HnkmYZiju6c&visitordata=CgtNVHpObFZyZ2lwYw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.201&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fua.korrespondent.net%2F&len=99.010&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=108.0.5359.124&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lcinakyx&c=8359092071123&slotId=4179546035561.5&met.4=hvd_lc.lcinakyx~hvd_ad.lcinakyx~hvd_mad.lcinakyx~hvd_admu.lcinakyx~hvd_src.lcinakyx&ps=423x238
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F61A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.550.0&bgai=Bm-19XV-2Y7PZMoXj7gOOiKqIDwAAAAA4AboFEwj6tbTF2K_8AhVbO-AKHXqoAUM&bg=!ubqluv7NAAYDMoyoIzI7ACkAdvg8WmnEitO9T0owHfbuRcPT5gzz04ZAdfcnlBkSPmuoPnN8RRG6QwIAAABUUgAAAAJoAQcKASWjaqGsV65kIgMHaqS_48IEP4zX_hjjPsi-LKahZ1DBtVNZtx1t8YDi4UYxyvfHahKJCz_bm43qQMi3u9jpO-pIGHOaBWOK2CZNQF2I0BaYOQEXikT6sT4nhrw4bwS28UREIrJ_8C18q4FvdKk3dHCzHClDTUeRPjfBU8uKc2wlm9Y5GcmuXrzqX19tx3bnIMdqJb34tBB-fu2w_ux8056PAQlPIqQW8eiZmufRrj_KFwt9UltKrh1SvXrcSn07XgFyjcNqRf3eHTvHX3SgFAaZTbHLHOPBFGh0Rble5b3l9X8eGY-htpx9RcQEU8s4dcu-cz2ouYNxkBq_wGXh40eZfxkGpglo8-f33rvFXabSEXlVMPO4RINJHdYTDKi14DrMXtoOyJkCRH9Hp_uWtYtiwaZtoC2kzz956LXb_TCUesVAFgfRCO-n3ewQPnxAmrg6wZZds4QXoGb7HISWSyLCOT2eDSOfSwcyatTgr6pq1NZK2GiGCz08SdU1IaFFFEstUy7zNA0R5NzvMeNsNw7--iJ1upqDQMIaoCzTzmtTyFRvvMmrRssllwyMft9993x91gKlquzoL2Yr_Gvq6-QCZmHFxkwFwvV9ct89MOJ8dEajMRlBBK43NSGwD3CVsLpB2ikzRauLF8R8xPmzbd32toXL6tyZbQuc8GN5X6T-OLKp2s4hFXX_5NGoNylLDQYeiQvFJAVKhXnC23FSqGD609-03l2vm2ulSvoO036NGxgEUbLTzOgmfk-lGQ4j9LX1wRTZpUYrwj9Xo6GsV0f_p5qShdVx0k3weajxlrkjLCSUmwdSrB8ovVHNJauiTJkB0k_-PAS3NKkeg_S2IAU0fFmhjqboPwGTVAF8IckEU5QGM9QVNoUj73BNXAqKaK4WBiyehkQ6nv_K4pGKv-FtecrVJfPoAn7Gs-069ex7FTRDmxUo8oiEmCqb0Y2b7sWF1YV99xeZTFwKXaMQmCL7s902PLFqIi_zYoo4RAQFlZ9-r22iNDMmRwhwkf-07V8unR_qNBkXiGbSBkN6NyjUsKDT21s7gma874KHWf3uXr787LxcdYVHGCYThqZ6lo6LQZhKEitLOezt77DX9fcaRTP3BQZnhzM1RZiO1VPyIEwd4GV8gtg0sUmgDwB5KeRq2hTS4wtnmRHYkIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame 2E57 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:50 GMT
d
ic.tynt.com/r/ Frame B475 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Thu, 05 Jan 2023 05:25:50 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
async_usersync.html
acdn.adnxs.com/dmp/ Frame B402 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44516
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:50 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Jan 2023 17:03:48 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
7, 268239
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220075-HHN
X-Timer
S1672896351.711305,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 09CA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44515
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:50 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Jan 2023 17:03:48 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
7, 265871
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1672896351.711858,VS0,VE0
/
onetag-sys.com/usync/ Frame 19CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame EAB0 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:50 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94F3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117795
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:50 GMT
expires
Fri, 06 Jan 2023 14:09:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 56DC
Redirect Chain
  • https://csync.loopme.me/?pubid=11378&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8e1d98f6-adf0-4603-bbb0-a30a913a90ae&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8e1d98f6-adf0-4603-bbb0-a30a913a90ae&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 05 Jan 2023 05:25:50 GMT
Etag
6245242d4e90647b
Server
Adtelligent

Redirect headers

content-length
0
date
Thu, 05 Jan 2023 05:25:50 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8e1d98f6-adf0-4603-bbb0-a30a913a90ae&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 14E0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117795
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:50 GMT
expires
Fri, 06 Jan 2023 14:09:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 7491 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:50 GMT
usync.js
eus.rubiconproject.com/ Frame EAB0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b2d8d487376553bd276e2d91652ea0a76c01fbc86f383d30656e38d40d042cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 21:35:34 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=58184
content-length
10067
expires
Thu, 05 Jan 2023 21:35:34 GMT
async_usersync
ib.adnxs.com/ Frame B402 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:50 GMT
AN-X-Request-Uuid
792ff1fd-718f-4949-b6f6-0e6687500f17
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ua.korrespondent.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Jan 2023 05:25:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
502279
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HNODHHw1Qllxa0VISURqQXJZWTNpMGdTbDdXRi82MHY5eUcyZlI5dkRpMGtEQnFYOUs1T2Y2V2t3V1BqQW9qMkZEUjhGbHE0WEFzak0yZDl5NUJNRnZYQlRFai9LNWVqWXl3UUg2QXdrQ1VJTVJUb2lZb3ZhckgxZTZ1cn...
450 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HNODHHw1Qllxa0VISURqQXJZWTNpMGdTbDdXRi82MHY5eUcyZlI5dkRpMGtEQnFYOUs1T2Y2V2t3V1BqQW9qMkZEUjhGbHE0WEFzak0yZDl5NUJNRnZYQlRFai9LNWVqWXl3UUg2QXdrQ1VJTVJUb2lZb3ZhckgxZTZ1cnJyOGZEMW1oV1FWR1hxOVJydmNxYnFxVnY2c2tPMkc1WnZjZjZuaEpEVFhSVFRQdzdTNlJxeUh0NERtLzIzcG44WFN4Mjd0QUJNUUw5L0xZU2JHMUhFOFZqMGVxUkUwSVJiOGZBbHVoNEJ6ZkM1SFN6QTRBbCt6STFGQ0ZoMXNKVEVBNXR4dXFTVW5xZk4zaXl1SFllWmRQTUJYa0lob2Y5L2xCakM5dHAwSlFBak8yWWpYMD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7436339e9c616435803a63d0efe75ea4ccda17a421244ecd2c88ebce5c8925a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1805208
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=HNODHHw1Qllxa0VISURqQXJZWTNpMGdTbDdXRi82MHY5eUcyZlI5dkRpMGtEQnFYOUs1T2Y2V2t3V1BqQW9qMkZEUjhGbHE0WEFzak0yZDl5NUJNRnZYQlRFai9LNWVqWXl3UUg2QXdrQ1VJTVJUb2lZb3ZhckgxZTZ1cnJyOGZEMW1oV1FWR1hxOVJydmNxYnFxVnY2c2tPMkc1WnZjZjZuaEpEVFhSVFRQdzdTNlJxeUh0NERtLzIzcG44WFN4Mjd0QUJNUUw5L0xZU2JHMUhFOFZqMGVxUkUwSVJiOGZBbHVoNEJ6ZkM1SFN6QTRBbCt6STFGQ0ZoMXNKVEVBNXR4dXFTVW5xZk4zaXl1SFllWmRQTUJYa0lob2Y5L2xCakM5dHAwSlFBak8yWWpYMD18&cppv=2
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
321936
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6A8C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117795
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:50 GMT
expires
Fri, 06 Jan 2023 14:09:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 17EA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44516
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:50 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Jan 2023 17:03:48 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
7, 265872
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1672896351.757389,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC89 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117795
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:50 GMT
expires
Fri, 06 Jan 2023 14:09:05 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 91A8 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:50 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5A57 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1672896347500&gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
eu-u.openx.net/w/1.0/ Frame 16FD 		666 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9dae1075f280ebc826d1d5700465b237ae590906ab789dff02bc1a295ace6ed1

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
418
content-type
text/html
date
Thu, 05 Jan 2023 05:25:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDcwOTE1NTQzMTEyMjc4MTU2Mw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDcwOTE1NTQzMTEyMjc4MTU2Mw==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDcwOTE1NTQzMTEyMjc4MTU2Mw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 05 Jan 2023 05:25:50 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=e502ee25-8ffb-49ca-9149-3e937b6e91c1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=e502ee25-8ffb-49ca-9149-3e937b6e91c1
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

date
Thu, 05 Jan 2023 05:25:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=e502ee25-8ffb-49ca-9149-3e937b6e91c1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=821e5617-9d33-4f23-bc56-aed6a8c13bda&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=821e5617-9d33-4f23-bc56-aed6a8c13bda&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=821e5617-9d33-4f23-bc56-aed6a8c13bda&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1256908
content-length
0
expires
Thu, 05 Jan 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7185035104266221712&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7185035104266221712&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:49 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7185035104266221712&gdpr=0&gdpr_consent=
Date
Thu, 05 Jan 2023 05:25:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
async_usersync
ib.adnxs.com/ Frame 09CA 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:50 GMT
AN-X-Request-Uuid
976e4d07-e220-4cd4-9d70-1b892fd2f4ef
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 91A8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b2d8d487376553bd276e2d91652ea0a76c01fbc86f383d30656e38d40d042cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 21:35:34 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=58184
content-length
10067
expires
Thu, 05 Jan 2023 21:35:34 GMT
async_usersync
ib.adnxs.com/ Frame 17EA 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:50 GMT
AN-X-Request-Uuid
f5a1933f-9862-4f73-9152-9c7bf3daedf4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
66f5704be34cbc1ffab276bedc17383c3135df4305e728ffe6378d10e87b14da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 94F3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51989470&p=162179&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a8ac64da60836b2737c3e78283141cc234149b1840d8264205da0a4e8358546c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HNODHHw1Qllxa0VISURqQXJZWTNpMGdTbDdXRi82MHY5eUcyZlI5dkRpMGtEQnFYOUs1T2Y2V2t3V1BqQW9qMkZEUjhGbHE0WEFzak0yZDl5NUJNRnZYQlRFai9LNWVqWXl3UUg2QXdrQ1VJTVJUb2lZb3ZhckgxZTZ1cnJyOGZEMW1oV1FWR1hxOVJydmNxYnFxVnY2c2tPMkc1WnZjZjZuaEpEVFhSVFRQdzdTNlJxeUh0NERtLzIzcG44WFN4Mjd0QUJNUUw5L0xZU2JHMUhFOFZqMGVxUkUwSVJiOGZBbHVoNEJ6ZkM1SFN6QTRBbCt6STFGQ0ZoMXNKVEVBNXR4dXFTVW5xZk4zaXl1SFllWmRQTUJYa0lob2Y5L2xCakM5dHAwSlFBak8yWWpYMD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Jan 2023 05:25:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
599773
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame 16FD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b5a63b6-5f5c-4e01-be27-94022feba0a2
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b5a63b6-5f5c-4e01-be27-94022feba0a2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:50 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x31 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b5a63b6-5f5c-4e01-be27-94022feba0a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:49 GMT
sd
us-u.openx.net/w/1.0/ Frame 16FD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=w1FRt8AEBuTYBlHikFcet5YHBbbYB1WxkwfNSnu_
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=w1FRt8AEBuTYBlHikFcet5YHBbbYB1WxkwfNSnu_
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=w1FRt8AEBuTYBlHikFcet5YHBbbYB1WxkwfNSnu_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 16FD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=951816736145919925
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=951816736145919925
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=951816736145919925
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 16FD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f08b79dd-1e39-76a6-d6db-80af5d7d4a07&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 16FD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGNlNGFhMTctZDc0ZS0yODAyLWMzM2ItZGExNjk3OWY4NDY3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 16FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHd-JPOUdlGBSrgYXmvQr0&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHd-JPOUdlGBSrgYXmvQr0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECHd-JPOUdlGBSrgYXmvQr0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
692.json
id5-sync.com/g/v2/ 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/hb_738585_17161.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
6823fae2120a42019983e3aa4e8cb0f6d3f6cb5e2dcbd2ef155ca1dfabb8027d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/ksp/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Jan 2023 05:25:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C906
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&gdpr=0&gdpr_consent=
42 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:50 GMT
Expires
Thu, 05 Jan 2023 05:25:49 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x32 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 7C89
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:50 GMT
expires
Thu, 05 Jan 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
860510
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame F65A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5027029190840815360
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5027029190840815360
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5027029190840815360
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame EBCE 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=26324302-0D94-4CAE-9668-5F58D081266B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CDFMT2ACHSC2SDATZVF0
Pug
simage2.pubmatic.com/AdServer/ Frame 8600
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489809576130088528&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489809576130088528&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
7aefafca-1b42-44f2-ac7c-889f778f3d32
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:50 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489809576130088528&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JjJDAg2UTK6WaF9Y0IEmaw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117795
accept-ranges
bytes
content-length
5554
expires
Fri, 06 Jan 2023 14:09:05 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 94F3 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=26324302-0D94-4CAE-9668-5F58D081266B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7849cbb16b1f9152-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 94F3 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.72
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 94F3
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2430886179
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=26324302-0D94-4CAE-9668-5F58D081266B
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=26324302-0D94-4CAE-9668-5F58D081266B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
via
1.1 google
last-modified
Thu, 05 Jan 2023 05:25:51 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=26324302-0D94-4CAE-9668-5F58D081266B
date
Thu, 05 Jan 2023 05:25:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 94F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjYzMjQzMDItMEQ5NC00Q0FFLTk2NjgtNUY1OEQwODEyNjZC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 94F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv3VkVbdP3j0YIZtomrNhs&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv3VkVbdP3j0YIZtomrNhs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv3VkVbdP3j0YIZtomrNhs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 94F3 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 04 Jan 2023 05:25:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 94F3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=951816736145919925
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=951816736145919925
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=951816736145919925
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 94F3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
track.adform.net/serving/unload/ Frame FAB2 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=951816736145919925@@60271187,5885085272233098236,100|1101|0|0|0|0|0|0|0||50|1|||||1|0|0|DVKN9r-qPfVcPlakbYq96VUUUOYZCHxwlyFF7si--Tf2SFxPEa-pSfL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90009.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal90009.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
async_usersync
ib.adnxs.com/ Frame B402 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:51 GMT
AN-X-Request-Uuid
5f8763c9-6069-487a-b76b-914ec2438f5b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 09CA 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:51 GMT
AN-X-Request-Uuid
6f99e5f5-3186-4a62-a751-d1be2e816114
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 17EA 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:51 GMT
AN-X-Request-Uuid
49a98b76-d526-44d6-8485-4e7f5dd6bdf7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJsY6SqEAUqgoMev7njv553Xiis_c2v7-OCWgqTZjigZzSCvQ7QZprQo-8wj2v4SZocjlriPPOVdMM82a-BbOhHqxZJAVsQxwEUjdEaBQ7LFhn6KC0SL8lvb9DE5mgWQ00l_oTP70EM2pTom3OK4lYMGmcKFl5wcFp&sai=AMfl-YT3v9foZ9tIUdRdwXHH9cyR1ARc1zkALMVFbNlepugPh3xHV9kQCF3X58YF7Ki_43KaveAI5L65aErW6aVCsr5-hXGGsT_ZPTaXqACpKdqWd0WYO6CaNKKfNtSuGg&sig=Cg0ArKJSzNSATW9rj329EAE&cid=CAQSOwDq26N9gR4P4eTHjz_LkYUu2bLkOQd1TPFNYFIqlYL5g0oTSQ8sBVEccVESfGvUbG4ddPe2NvCqueT1GAEgEw&id=lidarv&acvw=sv%3D942%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D965,1190,1190,1590%26tos%3D1807,219,0,0,0%26mtos%3D1807,2026,2026,2026,2026%26amtos%3D0,0,0,0,0%26mcvt%3D2026%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2438%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D612%26pst%3D412%26dur%3D99009%26vmtime%3D2341%26dtos%3D2026%26dtoss%3D1%26dvs%3D2026%26dfvs%3D1807%26dvpt%3D2428%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33558803%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1563%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D10,1,0,0,0%26avms%3Dexc%26qi%3D951606330%26psm%3D-2147483641%26psv%3D7%26psfv%3D6%26psa%3D0%26pnmm%3D1672896348226%26ptlt%3D1672896352669%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2026&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1672896350087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 94F3 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162179&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 14E0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8183971&p=162179&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dc511af72f496bc1bf4709ebc8568b3e30a0c088d0e3326840ab9dac0f5305d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Jan 2023 05:25:52 GMT
content-length
1809
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 6A8C 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77707760&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b3458ac0dae1a2b61f103de1f78bb608f3054568df32092d0fce305ecb622df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame DC89 		374 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67326393&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
84ae1187eecddaa96c4013cf61ef074f518753f4ed4a913b2d56d7b251026161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Jan 2023 05:25:53 GMT
content-length
374
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 0E01
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 05 Jan 2023 05:25:53 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 85CE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
42 B
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:53 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 0ED3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6ehWm5S6R0ZwvQWKmDtlQlD_CsY
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6ehWm5S6R0ZwvQWKmDtlQlD_CsY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6ehWm5S6R0ZwvQWKmDtlQlD_CsY
Pug
image2.pubmatic.com/AdServer/ Frame DB3E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYWcwN0hiTDhBQUNCSi1IbkJmZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACag07HbL8AACBJ-HnBfg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACag07HbL8AACBJ-HnBfg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACag07HbL8AACBJ-HnBfg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4709155431122781563&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
p
a.audrte.com/ Frame 14E0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=26324302-0D94-4CAE-9668-5F58D081266B
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.80.38.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-38-94.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 14E0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:56 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:56 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 14E0
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 05 Jan 2023 05:25:54 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=92565cd5fda9d127/gdpr=0/ Frame 14E0
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=92565cd5fda9d127/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=92565cd5fda9d127/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Protocol
H2
Server
52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.28.15
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=92565cd5fda9d127/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 14E0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_3450da91-f336-4433-8de7-843f46b4f046&bsw_param=4ca8d75a-8253-4a8a-8455-c02c0d93e050&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 05 Jan 2023 05:25:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
26324302-0D94-4CAE-9668-5F58D081266B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 14E0 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/26324302-0D94-4CAE-9668-5F58D081266B?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:9af0:2701:a426:d747 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 14E0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26324302-0D94-4CAE-9668-5F58D081266B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 05:25:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 14E0 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 14E0 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 14E0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2430180155125739679&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2430180155125739679&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2430180155125739679&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
p
a.audrte.com/ Frame 6A8C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=26324302-0D94-4CAE-9668-5F58D081266B
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.80.38.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-38-94.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 6A8C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:56 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:56 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=26324302-0D94-4CAE-9668-5F58D081266B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 6A8C
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 05 Jan 2023 05:25:54 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=26324302-0D94-4CAE-9668-5F58D081266B&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 6A8C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=80317ac91790bc96bab15f6c2957e869&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D59E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 05 Jan 2023 05:25:53 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F76C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:53 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035104266221712&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 6A8C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d1b118ec-1b43-40cc-b001-9b0b5991e9bf&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4ca8d75a-8253-4a8a-8455-c02c0d93e050&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 05 Jan 2023 05:25:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
26324302-0D94-4CAE-9668-5F58D081266B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6A8C 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/26324302-0D94-4CAE-9668-5F58D081266B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:9af0:2701:a426:d747 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 6A8C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26324302-0D94-4CAE-9668-5F58D081266B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9oYBZUlE2uXAli2Cp3Z9SrlodIHWQzg-~A&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 05:25:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame A10C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1iV1U5HlRUBtm2U61-H6cVD_CsY
42 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1iV1U5HlRUBtm2U61-H6cVD_CsY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1iV1U5HlRUBtm2U61-H6cVD_CsY
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6A8C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6A8C 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3A33
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACag07HbL8AACBJ-HnBfg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsas%252Cpm%26be...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACag07HbL8AACBJ-HnBfg&pid=558502&do...
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACag07HbL8AACBJ-HnBfg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=2&userid=4709155431122781563&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACag07HbL8AACBJ-HnBfg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6A8C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2358122561087811743&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2358122561087811743&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2358122561087811743&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 537D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfYgAJS9kWkwAo&gdpr=0&gdpr_consent=&_test=Y7ZfYgAJS9kWkwAo
1 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfYgAJS9kWkwAo&gdpr=0&gdpr_consent=&_test=Y7ZfYgAJS9kWkwAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 05 Jan 2023 05:25:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfYgAJS9kWkwAo&gdpr=0&gdpr_consent=&_test=Y7ZfYgAJS9kWkwAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220020-HHN
x-timer
S1672896354.099204,VS0,VE0
i.match
s.tribalfusion.com/z/ Frame CBFF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7849cbc5aa44bbaf-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7849cbc468dcbbaf-FRA
content-type
text/html
date
Thu, 05 Jan 2023 05:25:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
88
Pug
simage2.pubmatic.com/AdServer/ Frame 6A4E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 05 Jan 2023 05:25:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
generic
match.adsrvr.org/track/cmf/ Frame CA2D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1672896353991
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7011107387
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7011107387
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 05 Jan 2023 05:25:54 GMT
etag
RXa700a8d0135a4b69a32084e6b71e6604003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7011107387
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame F1B8 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:54 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-23c1dee199d3@version_1.531
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 0922 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame CAD7 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:54 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7a00e6cbb93fc9d0/gdpr=0/ Frame F104
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7a00e6cbb93fc9d0/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7a00e6cbb93fc9d0/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsTgaanUjhhRYMjRQa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:54 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.12.72

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7a00e6cbb93fc9d0/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsTgaanUjhhRYMjRQa
cm
ipac.ctnsnet.com/int/ Frame E431 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 80ED
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1c47j4gb8ohh
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1c47j4gb8ohh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 05 Jan 2023 05:25:55 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1c47j4gb8ohh
lws
125
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4AB0
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:ABD98127C7004AF885174BFD946D5191&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:ABD98127C7004AF885174BFD946D5191&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 05 Jan 2023 05:25:53 GMT
expires
Wed, 04 Jan 2023 05:25:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:ABD98127C7004AF885174BFD946D5191&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 6A8C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6673b07d-bc49-4c16-a398-54f50a7329bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6673b07d-bc49-4c16-a398-54f50a7329bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6673b07d-bc49-4c16-a398-54f50a7329bd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 05 Jan 2023 05:25:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 6A8C
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6489809576130088528
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6489809576130088528
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 05 Jan 2023 05:25:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.198; 80.255.10.198; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dbe74c5f-2afc-4978-addb-ac15b69f7d61
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6489809576130088528
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 017A 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:53 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame DC89
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b5a63b6-5f5c-4e01-be27-94022feba0a2
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b5a63b6-5f5c-4e01-be27-94022feba0a2
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 05 Jan 2023 05:25:53 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x35 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b5a63b6-5f5c-4e01-be27-94022feba0a2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:52 GMT
/
track.adform.net/serving/unload/ Frame FAB2 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=951816736145919925@@60271187,5885085272233098236,100|4702|0|0|0|0|0|0|0||214|1|||||1|0|0|DVKN9r-qPfVcPlakbYq96VUUUOYZCHxwlyFF7si--Tf2SFxPEa-pSfL_QlhaeLlf0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90009.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal90009.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
all
csm.eu.criteo.net/ Frame 8697 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0xLpfdjTZFobtDfJbI7w-Q1bT_YVpqjfJhHTidBiIKSpBkThAoxer-TPC2Jcvlpt2sk8KdkNslXg-58DKdNjXwBg8hCFv5_fBNgR4cD-BhlyW5i_hb-NkQoitBvdZs8XBZJeNlEjIq_lcEk_6xvThkxoC3-K7c2unE8Y7xPglD20B0JzmeVLaG3k_BmYVV7nFlTurQxZUVC1u7pzbEkfJy0lCQxJUVYGMm0Zqp-c9YrE7UYaa-N91VOjXxFB2TsrHBKGmw&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfWwAG4-wH_Z5iAAhhKlkp1-0PKngKVVVEWg&u=%7Cs8thjUDRHiHnaZRTC97csA5ktcyfLuecsY4xuAZFveU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRfM6ej-wSKSJdSonS0yYsBRzBwXQH996iMsJkXOoYFVYmTn832AN8DvzvBtukGdlQDLu-VOR-x04wBLOFf0ZeWo1E8W_xaETkrwMreZX5jmJK5JHBKYgjYvM8oay5xWhjZvSuM2-tHiECdpEq_qoVuQ7sYIDUGsO9h_0V65tbGQfWf8iPuh6eWeEni5TE-vzPWJHnG-M4ZRcNrE8ic5WGZDYM5lu164wyN1cUCe8eqAiDr3tF3-VjlBtE3HBVLI26k4QIAB63VNW6f6yuiTzqENP2vtjyp9AzZhLGi9RtFE_0JfaUyV8o0SlwY6RwHxiGJQFRzZvHwuJ6LbxTyOtJ7EnRXlIhhC7Hm-XBiKvKdKPRlTGgiSUNIGqnqUml1oWHd7AAcFnYLSGaX11BlApGKqaRwciw12RHgODICoD2RqxNhCfcg5KLAY297t2OxJFR2UoblEiS8R2h1lLHl-Pn_ouch2DqV3Qhc5x-9XlIG-Rf_53FmTqTmpADGUyVD0C5J4inZ4WCz494PVEDBvjL94BkEvFJ017nZ_IS9GM2taJWMiuR3hwjJiWCbNN688xIeSPPAiuvM1RFNP4QHhtMIIYP6920c1Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA_8DW1-2Y-zHG-K89u8PqsKhkA3JntKxXNWdkfdwwI23ARABIABglYKJgpgHggEXY2EtcHViLTM3NTU2NjIxOTczODYyNjnIAQmpAgZhoAiUyrE-qAMBqgTsAU_Qs-6VqImU5YJ7SrRNSSXTwhfEPi_O2TR0W3nIedTfy_DcM00vmwLbAo4f2X9KE8SJlTfevkY3FqGXl4FfGbzq6NgHRrzaC83vh7tIbWvD9AX4imAHuRG4xu5URPjl7mg4_YGH2xFtpR597fZCNNlRbCIuRK00GTGj4Fn8s0iZHLqSSZISWO2dWcUoj5uWlwMqOIwgUaP4z2n-kfSsvZ-TbO7pNusSRmFk1XzOQFvILOMnG59Ve0GfuoKK0DmPpHL-o9lvMpsjoH2ATImJETPwSNKGN_8zONr7JOEvtASVVb07wz14OJhiJTZngAalj7S_8_uewFegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1x7XhBoRIwYbYxvX3oJY92yVe-OQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EC4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-X4BXV-2Y7PZMoXj7gOOiKqID73ZpIduxLvqkMkQsJAfEAEgo5fQhgFglYKJgpgHoAGcr_uoAsgBBeACAKgDAZgEAKoE1wJP0HSuc0GvllMUhzYl-zuVJIrraox2AaPqhIzW4FY1HsE0MJdCSuEGLdVZta7y84mka25uJVaVtNha7Oxidf8zaacOQiX2Hv5OlbTv_1Xht1XY0ZSIt_EJgzV1tJa-YoPr5b2dlTfAlcgiH19aASKiHgWEj4vjOPVtxxdyFuHywfOLIPd-_EjAQFJp2tLHxxo7zhz3Siv_rNTRpLUj8L3IN9TuCkHZFMOdD986oT_ORswXYsweUNLzNW4R5Edt6bpE2t24tSk2Z_NQOdn5UvnaotaJHwlq2PDwy2QIFXsv5hbi0B1LLKdWutCjGhvbL0awp6S3NpkxfzOBYO5QRJAoeRRpYCqJ63-OJHXENl4DhxX_NxbMYivwPPcRzyzvkAELEJEJo7E8Zrw1O6dqIQET2EjHCFtlDUmZK6EdWMhsQU7KITQHMOuikhVlyC5pnEJMZKHIhQMEwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=a3Fja8ZngaA&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=video_skip_shown&ad_mt=5014&acvw=sv%3D942%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D2212,319,2450,742%26p0%3D2212,319,2450,742%26tos%3D2614,219,0,0,0%26mtos%3D2614,2833,2833,2833,2833%26amtos%3D0,0,0,0,0%26mcvt%3D2833%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5070%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1228%26pst%3D412%26dur%3D99009%26vmtime%3D5013%26is%3D33554450%26i0%3D33554450%26cs%3D50336019%26c%3D0%26c0%3D0%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2614,2833,2833,2833,2833%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1563%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D13,1,0,0,0%26avms%3Dexc%26qi%3D951606330%26psm%3D-2147483585%26psv%3D7%26psfv%3D6%26psa%3D0%26pnmm%3D1672896348226%26ptlt%3D1672896355301%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2833%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1672896350087&sdkv=h.3.550.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQPMBUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNIkgFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 14E0 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162179&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 6A8C 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| Domain object| korr function| $ function| jQuery function| movePremiumBeforeTagOnMobile function| changeClass1 function| changeClass2 function| foundMistake function| FormDefaultButton object| jQuery191008530802766816059 object| selection number| H_DEV object| holderPlaces function| holder object| googletag object| vmpbjs object| vpb string| ua function| loadWeather function| FixScript1055 function| ajaxNews1055 undefined| rubrics undefined| href string| iS object| iD string| iT string| iH number| iI function| ABNS string| ABNSh object| ABNSl object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| vmpbjsChunk object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| gaplugins object| gaGlobal object| gaData function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b function| UserNotification function| loginWithFB function| ShowHiddenTop object| mql function| changeposition function| ShowHidden function| SetLocalStorage function| ajaxNews1064 string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| _jqjsp object| ggeac object| google_js_reporting_queue object| prl object| regeneratorRuntime object| mwayss object| adsbygoogle boolean| google_measure_js_timing number| bfsample object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| setImmediate function| clearImmediate function| Achernar object| pbjsChunk object| pbjs function| Swiper object| google_image_requests object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Criteo object| notsyCmd object| sas object| apntag object| _ADAGIO object| notsy_pbChunk object| notsy_pb function| notsyInitUnit boolean| yieldMasterScriptLoaded function| notsyInit function| notsyNewPlacementTagAdded function| notsyDisableUnit function| notsyDisableRefreshOnUnit function| notsyReEnableRefreshOnUnit function| notsyRemoveAllAds function| notsyDisableRefresh object| yieldMaster object| notsyAdVideo object| yieldMasterCmd object| yieldMasterVideo object| notsyAdVideoServices object| vttjs function| WebVTT function| videojs object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| VPAIDHTML5Client function| vpaid_video_flash_handler function| InLine__A function| videojsIma function| videojsContribAds object| closure_lm_653086 object| closure_lm_229324 object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| GoogleGcLKhOms object| Criteo_prebid_123

158 Cookies

Domain/Path Name / Value
.korrespondent.net/ Name: dcw
Value: 44
.korrespondent.net/ Name: _ga
Value: GA1.2.201022016.1672896347
.korrespondent.net/ Name: _gid
Value: GA1.2.60821454.1672896347
.korrespondent.net/ Name: _gat_gtag_UA_1609229_9
Value: 1
.i.ua/ Name: __cf_bm
Value: .amLLShsWFh95v1uU.nRH7VvSw5R9FTPU5SVCq0PFow-1672896346-0-Ab0xXPnOsh5gnQ4pvKA2rkTG30QRqdrmeNlyWlo2YOcu7WKULqqyp6LrDnwjqMCy6V1ulq85/8yN5uqjByiQs1I=
.cdn.umh.ua/ Name: AU
Value: d393e4cc5f344ab0
.ua.korrespondent.net/ Name: _ga
Value: GA1.3.201022016.1672896347
.ua.korrespondent.net/ Name: _gid
Value: GA1.3.60821454.1672896347
.ua.korrespondent.net/ Name: _dc_gtm_UA-1609229-30
Value: 1
ad.mox.tv/ Name: moxuuid
Value: 3580df2c-d076-48a1-95f1-a65a4dc74eb9
ad.mox.tv/ Name: _mwayss_zone_imp[1554][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1554][frequencyPeriodEnd]
Value: 1672982746
ad.mox.tv/ Name: _mwayss_imp[15493][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15493][frequencyPeriodEnd]
Value: 1672982746
ad.mox.tv/ Name: _mwayss_camp_imp[4849][frequencyPeriodEnd]
Value: 1672982746
ad.mox.tv/ Name: _mwayss_imp[15495][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15495][frequencyPeriodEnd]
Value: 1672982746
ad.mox.tv/ Name: _mwayss_camp_imp[2822][frequencyPeriodEnd]
Value: 1672982746
ad.mox.tv/ Name: _mwayss_imp[12260][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[12260][frequencyPeriodEnd]
Value: 1672982746
ad.mox.tv/ Name: _mwayss_camp_imp[1946][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1946][frequencyPeriodEnd]
Value: 1672982746
ua.korrespondent.net/ Name: _pbjs_userid_consent_data
Value: 2024371239917068
.korrespondent.net/ Name: _pubcid
Value: 23274684-b7be-4951-8c0d-4847395a79fa
a4p.adpartner.pro/ Name: apuid
Value: 62cd1005-1bf6-4ec7-aef2-a766c7229a54
.korrespondent.net/ Name: __gfp_64b
Value: aQMnaqy3c.LO1E7bM2Pml2gmVpFPKMmx6qZz_2SXhFv.S7|1672896346
.admanmedia.com/ Name: admtr
Value: 295c6609-b825-419c-afbd-53628058b0c1
.admanmedia.com/ Name: ac_r
Value: CS160
.korrespondent.net/ Name: __cf_bm
Value: h2Sw5FHyXnTVMQbDkflQnXkBVMvxFC5.MyhKgivpL3U-1672896347-0-AdqnP2jMUd4AEvAy2w10oJjyf2aN+4NfEAjvV8FSgxgHhlseh1Gvc8yJpNDgS23H5X+Rby7vRPpA5artkvfnrh60WwDgnhD9zUVQXXAlLjRLCJhE8SJHp/UHiU6Q7AkaNV4Kg7QOMz+wUj0TxM2rM/tW6w17mV+Q8b2aig3a+tFQInijK7dHDP4Jif/WPXYqHw==
.adtelligent.com/ Name: vmuid
Value: 6245242d4e90647b
.adtelligent.com/ Name: a737612
Value: 295c6609-b825-419c-afbd-53628058b0c1
.hit.gemius.pl/ Name: Gtest
Value: KlGddRMGQMGG-c2l7KhybqiissGMXP8c25nSG6uFgR47XBG.
.adtelligent.com/ Name: a307558
Value: 62cd1005-1bf6-4ec7-aef2-a766c7229a54
.hit.gemius.pl/ Name: Gdyn
Value: KlQY9MXGQMGG-c2l7KhybqiissGMXP8c25nSG6uFgR47FRxSG7RrGS6Gt48BFlMQYH8W8jBGqSRxSG8.
.prebid.a-mo.net/ Name: __amc
Value: 1_1672896347_1672896347
ad.mox.tv/ Name: _mwayss_zone_imp[784][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[784][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_imp[15630][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15630][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_camp_imp[3084][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3084][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_imp[15387][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15387][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_camp_imp[4849][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15653][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15653][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_camp_imp[2822][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15649][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15649][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_camp_imp[2821][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[2821][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_imp[14849][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[14849][frequencyPeriodEnd]
Value: 1672982747
ad.mox.tv/ Name: _mwayss_camp_imp[4599][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4599][frequencyPeriodEnd]
Value: 1672982747
.rubiconproject.com/ Name: khaos
Value: LCINAIYB-W-CJA6
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EiQ13a2g/lV2+QFbWGgM44fR/rFJVNr6iLR1fqA5ZiZqg8rif7+8FQ5xmH4tzl3vFygToz3WRmMGGlCtH3bHFbQQXFQM5ICNxAdOKW1qRBjyg==
.korrespondent.net/ Name: __gads
Value: ID=302a8a81bf8b866e:T=1672896347:S=ALNI_MYtonvVfbBEA8brh3bqFJ_U4eu0ww
.korrespondent.net/ Name: __gpi
Value: UID=00000b9d5af143fb:T=1672896347:RT=1672896347:S=ALNI_MaqLgDmrzYIzAqXOlb10WuW6ivkyg
.openx.net/ Name: i
Value: 23274684-b7be-4951-8c0d-4847395a79fa|1672896347
.adnxs.com/ Name: icu
Value: ChgIq9pcEAoYASABKAEw277ZnQY4AUABSAEQ277ZnQYYAA..
.adnxs.com/ Name: uuid2
Value: 6489809576130088528
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 567940=5264965
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D93138%3B%24qt%3D25_176_7906t%3B%24dma%3D0
.admixer.net/ Name: am-uid
Value: d5a9d30249694b5e9885577a521e1c61
.smartadserver.com/ Name: pid
Value: 4709155431122781563
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D93138%3B%24qt%3D25_176_7906t%3B%24dma%3D0&c=1&l=778303439&lo=-234712989&lt=638084931475725496&o=1
.doubleclick.net/ Name: IDE
Value: AHWqTUmKj-cQWJ3_u6fXH74GHhfM2eZKtQN3B-I49H8jYBQHuMICOK4tj78SHL26lEQ
.3lift.com/ Name: tluid
Value: 1735573490047053847386
.adfarm1.adition.com/ Name: UserID1
Value: 7185035104266221712
.yahoo.com/ Name: A3
Value: d=AQABBFxftmMCEFYuP4Qfq-Js4RW7Jdzh84gFEgEBAQGwt2PAYwAAAAAA_eMAAA&S=AQAAAjM41FA6710Pf95qQm5m_qA
.bidswitch.net/ Name: tuuid
Value: 4ca8d75a-8253-4a8a-8455-c02c0d93e050
.bidswitch.net/ Name: c
Value: 1672896348
.bidswitch.net/ Name: tuuid_lu
Value: 1672896348
.w55c.net/ Name: wfivefivec
Value: 0MonhMCS1PdiLa5
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: google_push
Value: AavPq0PbLmMwC1EkUGmiW_Yv-4USSx9QvxPL1Rm_IZaQeRSRm9bIGvFvkQLyh51v0g0WPCqTotw5h1ojJgsIY0DvgBuj4RuBq2u0
.mathtag.com/ Name: uuid
Value: 6b5a63b6-5f5c-4e01-be27-94022feba0a2
.smartadserver.com/ Name: Trk0
Value: Value=1722121&Creation=05%2f01%2f2023+05%3a25%3a48
.yandex.ru/ Name: yuidss
Value: 6955789171672896348
.yandex.ru/ Name: yandexuid
Value: 6955789171672896348
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 9713d9504bf56567
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6cbb98e6-60aa-4468-877b-08718faca2b0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzI4OTYzNDg7MjswMjHcYplc2oqJRvZ9CZS0pIpMnV3zaexF1xF/zlAl/+I5uw==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2974:u=1:x=1:i=1672896348:t=1672982748:v=2:sig=AQHcv6-g7eMF1daRZIprTOtmr8ezNY5d"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adform.net/ Name: C
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A9czQj16SkR1rjYPNMUVFrg
.adform.net/ Name: uid
Value: 951816736145919925
.adform.net/ Name: TPC
Value: 1672896349345
.criteo.com/ Name: uid
Value: 821e5617-9d33-4f23-bc56-aed6a8c13bda
.openx.net/ Name: pd
Value: v2|1672896350|gekin0vNiygu
.korrespondent.net/ Name: cto_bundle
Value: ZQnoZV9ESWw0blBrTTlMcFQlMkJHeUhxY1diZkxESkhuc2N5bGNiSVRkUWdwVXhaM0JLcmFLOEwxNDE0VFdkR1Q5ZnJhRiUyQjk4NSUyQnlCejZnbENpZ0FhVXNCUTFqRWVRaUU3JTJGOWh1SEpZY1BtVHNxWHQ2Q0xHRUFIa1REZ0EzQTIxWUlwT3pmaTlSaHlxOG4xRGtjbHRmcDJSV20lMkJRJTNEJTNE
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 26324302-0D94-4CAE-9668-5F58D081266B
.quantserve.com/ Name: mc
Value: 63b65f5e-dbce5-6ce67-ef0fe
.korrespondent.net/ Name: cto_bidid
Value: Y__j-l9BTHZpdjJCU2pGNXVtWHk5QU9KaGRhMHV4cG8lMkJ1JTJGS2hwa1hSQXZmdWYyemZWMmRMeDJnVGlDTmJxV0pVa3dIT1poam42MG9kTE1IM3lkM1F2NmpyY29JUnRGdjNQMjczeWhzUnFIVlNZdkRqcW9JRGNScGpmQ2xEb1R1RSUyQk1xcA
.adtelligent.com/ Name: a319130
Value: 8e1d98f6-adf0-4603-bbb0-a30a913a90ae
.zeotap.com/ Name: zc
Value: 7187fadd-5e05-42b7-408d-19100587c445
.weborama.fr/ Name: AFFICHE_W
Value: l4Ahu3QM1jqX23
.simpli.fi/ Name: suid
Value: ABD98127C7004AF885174BFD946D5191
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&KRTB&16736-uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&KRTB&23019-uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2&KRTB&23114-uid:6b5a63b6-5f5c-4e01-be27-94022feba0a2
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6489809576130088528&KRTB&23339-6489809576130088528
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-951816736145919925&KRTB&23263-951816736145919925
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKv3VkVbdP3j0YIZtomrNhs&KRTB&16514-CAESEKv3VkVbdP3j0YIZtomrNhs&KRTB&23025-CAESEKv3VkVbdP3j0YIZtomrNhs&KRTB&23386-CAESEKv3VkVbdP3j0YIZtomrNhs
.de17a.com/ Name: guid
Value: 1.5027029190840815360
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5027029190840815360
.pubmatic.com/ Name: pi
Value: 156813:4
.pubmatic.com/ Name: SyncRTB3
Value: 1674172800%3A35%7C1674086400%3A99_165_8_166_204_234_7_220_71_55_88_214_13_233_81_176_21_238_254_251_161_56_3_54_22_243%7C1675468800%3A203%7C1673740800%3A63%7C1673481600%3A223_15_2%7C1678060800%3A69
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1674086400%3A227_245_241_201_235_226_221_219_197%7C1672963200%3A174
.quantserve.com/ Name: d
Value: EIMBEQH9J_ijCJiTAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~298t:18z8~298t"
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1672917953930
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH&KRTB&19420-XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH&KRTB&22979-XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH&KRTB&23403-XXLmWl4nsQlGJeYPDnSpWggksltGJOJcDSThhXxH
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7185035104266221712&KRTB&23278-7185035104266221712&KRTB&23369-7185035104266221712
.fiftyt.com/ Name: fifid
Value: 38c83e6c-07d9-4555-6e5d-dcb1239a9dcc
.csync.loopme.me/ Name: viewer_token
Value: 143c81ee-92bf-42b1-9a17-7d81b36149cc
ads.playground.xyz/ Name: connect.sid
Value: s%3AwoteTAp2__FEHB9becyOETiipqcuNMnI.5aUzT67mp2oSWnaSRezbxXbUHbwyaRcuhE495HEiM8Y
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_3450da91-f336-4433-8de7-843f46b4f046
.ctnsnet.com/ Name: cid_0e67943aff8b43df986127b547c04c1c
Value: 1
.turn.com/ Name: uid
Value: 2358122561087811743
.pubmatic.com/ Name: SPugT
Value: 1672896352
.adsby.bidtheatre.com/ Name: __kuid
Value: 6673b07d-bc49-4c16-a398-54f50a7329bd.442110354
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a700a8d0-135a-4b69-a320-84e6b71e6604-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2358122561087811743&KRTB&23150-2358122561087811743
.bidr.io/ Name: bito
Value: AACag07HbL8AACBJ-HnBfg
.bidr.io/ Name: bitoIsSecure
Value: ok
.fiftyt.com/ Name: cs
Value: MTY3Mjg5NjM1NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fM8Wy24Ikj1YkbUwmrHwVuKtdQFXBaIroZQMvYfIytmg
.fiftyt.com/ Name: fppm
Value: 20230105052554
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-4ca8d75a-8253-4a8a-8455-c02c0d93e050
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y7ZfYgAJS9kWkwAo
.onaudience.com/ Name: done_redirects104
Value: 1
.scoota.co/ Name: tuuid
Value: d1b118ec-1b43-40cc-b001-9b0b5991e9bf
.scoota.co/ Name: c
Value: 1672896354
.scoota.co/ Name: tuuid_lu
Value: 1672896354
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y7ZfYgAJS9kWkwAo&KRTB&22978-Y7ZfYgAJS9kWkwAo&KRTB&23194-Y7ZfYgAJS9kWkwAo&KRTB&23209-Y7ZfYgAJS9kWkwAo
.semasio.net/ Name: SEUNCY
Value: 85B34F34DB645015
.onaudience.com/ Name: cookie
Value: ab292bc57899d901
.onaudience.com/ Name: done_redirects161
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d6257553-91e5-4540-6d9b-653ad7e1fa71.etmvVHZh991dr8WSn9Z9iORE9f3VP8DbpJhilSn9LA0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1iV1U5HlRUBtm2U61-H6cVD_CsY.oSqAIo4wpGEWMUbdoSzjh4fKpVdxtZ16ffR4WxgCE20
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-1iV1U5HlRUBtm2U61-H6cVD_CsY&KRTB&23334-1iV1U5HlRUBtm2U61-H6cVD_CsY&KRTB&23417-1iV1U5HlRUBtm2U61-H6cVD_CsY&KRTB&23426-1iV1U5HlRUBtm2U61-H6cVD_CsY
.audrte.com/ Name: arcki2
Value: 492zEp-KwbhTYeZ5OboOCw0zw!20220908!1672896354254!ip#80.255.10.198
.audrte.com/ Name: arcki2_pubmatic
Value: 26324302-0D94-4CAE-9668-5F58D081266B!20220908!1672896354257
.tribalfusion.com/ Name: ANON_ID
Value: asnseFxZduB7RApTrruFl4vUX7NppRTZcAKWC974nGpZcZaFd8UZbf6476Nev5o5EqLiW0Hl43i2nZar2kBGuh3I30
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 196397a0d05eab62
.onaudience.com/ Name: done_redirects147
Value: 1
.smartadserver.com/ Name: csync
Value: 79:821e5617-9d33-4f23-bc56-aed6a8c13bda|127:AACag07HbL8AACBJ-HnBfg
.gammaplatform.com/ Name: _aGeoIp
Value: JP|Sendai
.gammaplatform.com/ Name: _aUID
Value: 1c47j4gb8ohh
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1c47j4gb8ohh&KRTB&23446-1c47j4gb8ohh
.pubmatic.com/ Name: PugT
Value: 1672896353
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACag07HbL8AACBJ-HnBfg

6 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=784&height=600&width=300&tld=korrespondent.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6250382261&adk=3893601191&adf=206048565&pi=t.ma~as.6250382261&w=300&lmt=1672896347&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896346955&bpp=2&bdt=746&idt=476&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8359092071123&frm=20&pv=1&ga_vid=201022016.1672896347&ga_sid=1672896347&ga_hid=160236804&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31071219%2C44780792%2C31071351&oid=2&pvsid=2275458081435335&tmod=500851907&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7QH6uS6d3a&p=https%3A//ua.korrespondent.net&dtd=481
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26324302-0D94-4CAE-9668-5F58D081266B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7a00e6cbb93fc9d0/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsTgaanUjhhRYMjRQa
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=92565cd5fda9d127/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2700e911ced61b442b893d038eedc522.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mox.tv
ad.turn.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
adx.adform.net
an.yandex.ru
ap.lijit.com
apps.sascdn.com
aud.pubmatic.com
beacon-fra2.rubiconproject.com
bgstats.mox.tv
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cat.fr.eu.criteo.com
cat.nl.eu.criteo.com
cdn.contentspread.net
cdn.jsdelivr.net
cdn.membrana.media
cdn.umh.ua
cdnjs.cloudflare.com
ced-ns.sascdn.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
cs.admanmedia.com
csi.gstatic.com
csm.eu.criteo.net
csskor.ill.in.ua
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
euw1.smartadserver.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
h.holder.com.ua
hal9000.redintelligence.net
hal90009.redintelligence.net
hbopenbid.pubmatic.com
i.holder.com.ua
ib.adnxs.com
ic.tynt.com
id.korrespondent.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
ipac.ctnsnet.com
jskor.ill.in.ua
kor.ill.in.ua
korrespondent.net
lb.eu-1-id5-sync.com
loada.exelator.com
ls.hit.gemius.pl
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
membrana-cdn.media
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.i.ua
r.scoota.co
rr3---sn-4g5ednld.googlevideo.com
rtb-csync.smartadserver.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
tags.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
ua.korrespondent.net
ui.ill.in.ua
uipglob.semasio.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
www14.smartadserver.com
x.bidswitch.net
ym-tack.b-cdn.net
z.cdn.adtarget.market
z.cdn.umh.ua
104.18.2.81
104.96.145.246
138.199.37.230
138.201.63.149
141.94.171.215
141.94.240.141
141.95.98.65
142.250.180.226
146.0.227.110
146.59.30.100
147.75.85.234
15.197.193.217
151.101.194.49
151.101.65.108
159.65.194.197
162.19.138.117
167.71.9.19
178.250.0.160
178.250.2.146
178.250.2.148
178.250.2.151
18.185.180.247
185.172.90.252
185.184.8.90
185.29.132.246
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.81
185.86.138.121
185.86.139.57
185.89.210.244
185.89.211.12
193.29.200.140
193.29.200.151
193.29.200.154
193.29.200.157
195.5.165.20
198.148.27.139
198.47.127.19
2001:678:cb4:bbbb::11
212.32.253.229
212.8.250.83
213.155.156.167
213.19.147.44
216.52.2.48
23.35.236.201
2400:52e0:1e00::1055:1
2602:803:c003:200::41
2602:803:c004:200::152
2606:4700:10::6816:1957
2606:4700:20::681a:9a9
2606:4700::6810:5714
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:1fb6
2607:f8b0:400c:c38::5e
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:5d::8
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400d:802::2001
2a00:1450:400d:803::2003
2a00:1450:400d:808::2001
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9c
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::1a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::8
2a02:2638::b
2a02:26f0:6c00::210:ba1b
2a02:26f0:f700:d::212:4f67
2a02:6b8::90
2a02:fa8:8806:12::1400
2a05:d018:d29:3605:9af0:2701:a426:d747
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.122.189.188
3.126.56.137
34.102.253.54
34.111.129.221
34.111.131.239
34.193.201.64
34.254.143.3
35.186.193.173
35.186.253.211
35.201.96.126
35.204.74.118
35.214.223.115
35.244.159.8
37.157.2.249
37.157.5.141
37.157.6.253
45.133.44.4
5.161.54.172
51.222.80.231
51.83.200.186
51.89.9.253
52.209.54.253
52.220.229.2
52.28.67.171
52.29.237.148
52.29.52.153
52.30.188.40
52.46.130.91
52.50.45.218
54.36.108.3
54.38.197.123
54.80.38.94
62.149.1.122
67.202.105.33
67.220.226.233
69.173.144.138
69.173.144.139
72.251.241.206
76.223.111.18
77.243.60.138
78.159.118.240
78.46.23.46
80.77.87.162
81.17.55.161
81.17.55.98
85.114.159.93
91.198.36.26
91.198.36.35
91.218.215.4
92.123.37.164
98.98.134.242
0078be67aaf882dd4cd6af79f261dd76b81250542fbd1b75f44f0ae38ac47583
039f119636265f82427e7e3e88ae85ed4695d5e2b505f2a0d1ff6408ae687b8c
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0661fcbff20234623597717e39e6fcd45c580395efa1aa82b0297ff7272c88fa
06791294f0ca74ee9ef7e57b62a7146f312e3e86f1bd8ced3b51e01de3dcec70
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0a8f7efbd95f4afdbade77c4e5d33f9b340e23e262c59791121c00547cc96cee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0fdade545083710ec2c14b2d97bcacf4254ade19d5b17213c37dcb086ff7ac2c
11449813770e57069d077ac0ad5beb3f7406204c87d961ba1b53c30dba58b3c9
11b7b963da331262ebb3bdc870947dbbf043be417fdcf5e237a8e1da16f77418
123cc1d2037e661a7407aa87e142e1739a1c150e7cf96da0296ef7ee54327cc6
1560cfa1deaf7443a0ed13098ce9bccbc2ca4460ab18757ddffd24e3418ec70e
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
163793b0136e364b44f65c3bcb3466d18c86375952d35d398caca02ee9ce36de
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5
18ffedde6fd7c836769212f118780e54946783ba060fe4952455c562a7216ccd
196a86d240f0ad1ad368f169a1ed3b601c15cfda7503f5ccd0ba7df534ca57cc
1ade3fb8937782599e32e0a6cd8ed5eb4a7210ef268278fc1e3f511ea83a8bbf
1b7d54df0d6bd98fa7b739a6f2ae7afd37d313f31ccbb4724c5cb7144bd358f1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d12945e8815260a4d2b2dd486a2902bd40318192c64627ca4b49848aa939c39
1e707652012830c1500f85082769de49051cd57fa1cffc87100262bb46a7f7f4
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794
2356de1d2ca4b622f2949c68f0659a08d577e86204c4700c439132c5164d17ba
235ba1a602b529f25526ef25a9a25b47ecadf44d567090132758160ea09a9b26
257ae897eb8307e45ebba08e4b65969625e876e20d3b99c9593f3e5bab3f7db0
2653614c0457a7f9f40d825e71f3234bfbab69a3024e96718347e59f896bb5d3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129
2859264cf885fc512a4033fde27f77b598fd8ab20e281a4999abb2418f6fd339
28a458241c298563c927dc67dc871bd0eed1d7b01ae37d86bebfab05921b1089
2a29a385c4123dcb600933b5ef307f1a9e30a3a48633c8e85781307e4c66903e
2aa38f694d0c317108f531ccc45f7914bc46d1d483073da07d7add3f09092ab9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b45c12254e4053b4c9470a6d0f2783ea8961b4aa2074c4009141804a9ad29d8
2ba522dbe91ca07ea8e0777ee923faec55ebe83a984bcc682b5211b3868b361d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d
3449f421236175f31e5e18ebc2813cbfdd25cefb62708ae475ba6a6c12011d87
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37ada64efe4fc1e9f13520dbcfd410c3be687e607ff909b08dab0cbbe5744c81
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b9ffb60a3dc9ac99ad7043374b97d0c418e4dfc626152ec1b2346c3e866f7d3
3c57a76ffab9a7bf8bb3962e858e632ee6d788b3b77d4c5818e0b05466695518
3c914c5ec7768654dc4f35534b46d2da72708c4db16148a833ce1847b893f60a
3c9ed1a704d65c85ecc67b0add68595fd1b17ffd1cca1be2eadbe1a39127d931
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41212afc0616bb1bdb253c2803d89b4946d838dcbf7f53f34d701fff7976e67b
421d251f38fc878372dc77db199603c46eb47bc06292681277baef3057b17e75
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
433bbd46d6327d977d17f8123e30a1f7f8326e8d81bc9b8b73e4e15ef8e17aca
438dced13f377cbe768f7067bc447b8439817a702fdef683a9e826b2bebbcef2
4420ea692c662405840a6b76be19da76ecd585025bbdbcd4e8e44ad5ef6f6dc5
4551f93cad15c0b5e39f2fbffafc5d205ce1dce8aa9205c7ec077bc488c60282
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
47fb80d01d144501a3c85ec46b97ac3a227d3f62fe45ebfb471bc7033e93fc6a
48517a9e498b7d417079c4f0a4be3ab0bf1747d077fbd44ea7db4450a0c2a4f2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b2d8d487376553bd276e2d91652ea0a76c01fbc86f383d30656e38d40d042cf
4c547f5619b0538da7afde371a48a5d471ae1e22de94545652e93084134664f7
4c6d0518b82f658b11bf55cb276e28d995879ef31c461f0db9348a3933aae44c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
502295ad56fe3027bdaa75c06c26a00f42b9922cd3eec775b976d9fb0992ae44
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55780628835031bd65b3fa4861a215288a307b470e1a624767c1a4f42e4534ac
558968b6feb769746563b5d7cc021cbcb899615ac739d8a8fc2b29e811c6402f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dfb0c2aa1b37a0b51127443c74062de5c896cb55001ad37dbfd55206da65cf
56780391ddd93a37506a3fb9436c43577bd89514af041cdace895f70b249e124
56cc563638546e25a5e97f58eed5dbf24cdadf7301033ae6e570452f40d7d19b
5780a68812f39ad98db9efe980b59c71d7fb5f1958a9bd445f1f1e62aea5ca33
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
58cdcc46c580c74777792a4a5301b05ac6c92f319d2f70b445e6a0fcc9d38934
5a9b96223920dadf0979807678b7570cc07d2fb7cea2a0143d369153eeca0bab
5bdff1e31c4267812733c8474c6622e0716c038c4ee345c40ad1c337b40ac45e
5d49e823385c871048e49fee52b7c313323bf5f1ddb63241726f15ff4d9046b7
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
5e74aaaf00469b92ba08038f76d2990c17d412e670f57d938f802f47e7ddd0d5
60aae86f80ee4aa05d946021545daa8a65d116424759e5c6c82d63a8e6dd4cfe
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258de8cb218dbc19f35d85e2ee98e06c7943e5c9086456aeaf587fc217bd340
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6647a0e10af9621efe86fed73188af4616634410dc3ff2e26661627f32cc8f70
66654dcab43929e17cd72c307a93f3da9d7eba570a3b5cc4d4fd744a2a2a69f8
66f5704be34cbc1ffab276bedc17383c3135df4305e728ffe6378d10e87b14da
6823fae2120a42019983e3aa4e8cb0f6d3f6cb5e2dcbd2ef155ca1dfabb8027d
6c9093dd597b271c1ef727a66cb1f5958d475afeba07bef845fa26d14269eb95
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6cd7b62c3b6259face787eac59bc706010d3c8862fac2f4f8c5ee4bee444ca3b
6e5382e18d016ff4973bd20c09545ad90265ef2528177dd95c95fc3e22bfe710
6f4eb2c5048bce11d08ee5bbb48771b6c1ac1523e9eba6b43ab3de3e56b6a328
71290a2d1972e2fa3a41731d7297b5b1bfb2b54906d10f7f9f5c2c76f8387eec
718320417cdecc80c1ac84dbec09d347b23ed8bb65fc78b5922d3ab91ee040c7
72323ad074da00a905d03bffc7642f236a35aa5446c2fa1ecca5869c06595af1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
727f49b85469cbe1724a2c23e9cbdbe1eaef8cebfb3f4ab8168ad93c418216eb
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7436339e9c616435803a63d0efe75ea4ccda17a421244ecd2c88ebce5c8925a4
7472dc6e12344fb0a0f07d3d7dc576604a122f21e80a2f9463139b4daff4ddbd
75c28fb6d9751a17b19260658180bd5baf6cf9254ec736a43b3177d2583b9027
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77fa6784ba1c4fd642491e4b37294bc009369b9155d8bb3c7ac681d3fdf68f5c
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7c4691c428db49cff43f7ed3fb1984c069add10543755acfbf6e588ad3b61fa0
7c6bbdbc2956f7238a7c3d660352572b57115e2395264685193613a24857c44c
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
816d884ab37398c30e9fc614a96a8a4ec2a538d46b7b87cbbb52edacbc918ee2
8257da221b0d01bf5b45262f9ffa1e42b2777e58b529f270673494ee35c0446a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2
8460872a2dc97551965a50d6f69a321e4e4dc5ffc8cb048fe5e49fc993857a47
84ae1187eecddaa96c4013cf61ef074f518753f4ed4a913b2d56d7b251026161
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa04e69a6eebf71542b304a3dea085ecd9b4cd099a3b46695f29e253165283
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
864452b07e3930367ab8b5a434d75d14b46697b2248c53300ddc1a3f2bf2431a
8720ac889eca509f841c14192084ecb290535d710167bf2da82786f7c4e4865c
87b573ca8f940e2fbf828d87a415f81084aedab1e27eecc6d6109640031bf108
8822db0a6be1753a351f8763aed612e920daef51f9dd9ac2cfeaef59dc896411
895c88b770ad935d3cd2f05a2a61c3a01434c2fd3950737e65c6c4cd32295f86
898e180e28f0d79507e9383a6f58303043c24013cca819f7451381562f323093
89e0c888f3370962831869b407034daafaa6c60858e9f27b95275439c18697c9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8abf4e322198a4efb1dbd2cb694f25f59ec388be4ca4f672fc27192057777e08
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d759c131f8033b592583dacbe2c6e7084e9f0c33f1cf7f331278d4a7ba34b14
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f917db46db4180828a67d8dad1030866f64ba1f7f0a16c089a6c7f3d22fc141
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab
904408dd813b83b92532754d2c86ad72e0c9e9fc16b4feaff36e1ba8c86dbb0a
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91f6471f6d691a07494de655ba2717d0bc11b5dc421751a15891027f16defb03
94008ac1b103d53145e14663ce8aa0d6003dd9d0c1233589b3fb4e208aa056f7
94ee01b834f269901d7c4f0c0b2ae156d3c22f47af3cf12fc00dd10756df9baa
97a6bc1e37189dd5611ef2fbb065a066d38e8915c35506cd9122c7f85848b0a4
97d6a5b855af39208b95b7b0a1592ab6027e0152f4a8e9549a7bb51b13d384eb
9828d25ef1705f68eaabd01cce175fa6cea1a3187dc576d216913f57b40745b1
987544d69ee0587d6abfbb15df64a523d877b9a209973114eb5f4983faf3e319
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4a81b8702da0f5ed9489c64087a49723526701acbe8d667b0da9cac62c19e1
9d51e2bd1708ec4ea42f8031441056c5341a59274608e84def0d79969e43cb24
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dae1075f280ebc826d1d5700465b237ae590906ab789dff02bc1a295ace6ed1
9dbb324d67066a63144fea4d2ebf8ce411f4d3a381269cc5382347e12fd92b4d
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1f0cd9d254af40dc90716a04c761790f5b4371f60ab4f8ae83670f5002eda8a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3256b04b573be120eb8c8fb62bea9048ee1f03b60abcc0df6f526152b905600
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5051f275b34bded23e96a75d93cddae64b3f51247efd5f8ca1f572110a3fc2c
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a76f24751c60482785cd5e36cbae38547164ec65fe473673074e08d6a8ecd895
a8ac64da60836b2737c3e78283141cc234149b1840d8264205da0a4e8358546c
aa850796db9400b694644339634f8708ffd14e3ac9843972954dcb4571dcb939
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
ac6854473a06bdf8d3add4b8ace1c53eba4bcf88c0df3adf78ed6243fab5a04e
ac865074db1731cbb32f6bece1e94a03ba10be667d82a0e02889c4007f871547
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adc8699a07b50b1ef7757edbc6be50d330697f0eee0ed7446e358cf82dfac49e
ae5327265bbba843da99133404e2d9279bef3c29e6399ff26a262f943c53deb5
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27333af05b570091fdd8aab4d0954598829078a43518ae8bf68a188d0121ace
b3458ac0dae1a2b61f103de1f78bb608f3054568df32092d0fce305ecb622df4
b373137e3f25d6ba88763bf357b34625ae79e7614cd02ae653b39a3cd7a65fc3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5306bf00846a1d1b4bfb0b875371f47687f210e976254900069836dafd040af
b54c328d57640f55808863d1376eadfb1c402c56204f1e9b5f7e2c0d48c4ab76
b5eec69f83a33a2f3a612fc6e638ef0e08a2de8328d9f2c43a397c9d1147f604
b62b8abef0ed199e767aa2fa05912c37b41a0f4ec975d32272ec09d55940d80c
b66a0b006a7085e67e75317da43b0b68569dfd2f7bea033798195cfdbfaa93ae
b7fc4571cac3f9bba6a37436dea708880aaab7883783f6555a814ef587ba6406
b909fe4dd0891abb06de850210f368fa1750ca12e0b2d384c0e5528c19bb4fc2
b97623e85d1b1f723d972ef17df1203ddaeaf32bd8aa581ee7d3754a4b69d317
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc3b3dd0dea4a4cd7d8952359b4e76719500fd17e4b50d38b9fecf028c3f46d1
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331
bc9105637e42189728e4705411ca8eb35cae179871b57f4dc3f736289aa9bd05
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f
bcd0cd7d131396368ab07c7c6e63897dad1b92ff4b4ef32a7761a02ab48dd5a1
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf4f2d6e00637ad9bc3a640a14690a3e400b8d50da3b1942e411cf34a018ed7a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c306af4800d787c37f20c97706772c16af254c451a5ab8369cdc000dcbe9d069
c424aefd3075dfe493a1225dac35720fca9b90d31b502819b8cb2ac16efe6246
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5
c66b6978e1b73f1f7cc61cf3ec4d8d4b14718fc51f12dbb4276c563a177f7286
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9de20ca15c161b2f4627cc2d7ebc06db541f548a6d8b650440ca9de25c622ff
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbd2f7e0e6fad9b99a3dbeedc40c15df1a4d83d72bc27251698239990f735e5
d035a43db6aa75479b915c5688199be3f93f60a479c1df19ad8166b419ffc322
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86
d213970a5b57a0dfffec6c77c27ccf772040668eeb33298064dfb27315feb85f
d2a322adfb7a108dbc35e607fd01c7ebfa9dacd761e1da45a58e3414b4dca34a
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc
d764c0451887c56d82c4a83cc4a248d637611bf1963a4b0dfecc10cae3d238ca
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571
dc511af72f496bc1bf4709ebc8568b3e30a0c088d0e3326840ab9dac0f5305d4
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4
dd89c698f5518b8e74892fd52085772390a4cb078ff04939584650c0d3507c67
de19fc50db39806c89ff5c6d9dc50db7f4c1a7414b89124b3ec0b70a4487d299
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea8fbbd77c9ca2dae43026b68ddd46da2490d4f0138a7bd53e4181939f622c1
dee64cfa2b35f3939ac0361adb223c197bf701c412e6e13002f77d4cbd10bcbf
df081b65cb9384fb2d895c3d61ae82d0539fd694ccd6dfba8403b0e1b4ac3554
df9b40919d4c89ac47aa1f8e6fafaf0a1003eeb3054647300063a936abd173ab
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e12a2c1c361ea32bb1c2d85f2aa7bcf31380cc7bd8af1b71a9400a3aeb4faa99
e14c7395df7420386631df5de99376d4faacd7743a34860db231bac06b7a4f36
e285a682b03da689303b5c67f387ab0517ade17b3295d67b0568082b8dc42b7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e59ad0baa91c191f241e7dab8437d3b6ce5f262d0f16e5816a72ae505d10689f
e5a6847946776e66edd0b216204b5dfc711ab54e985168970aec209cb9d96312
e707787de39cf51760b733497ea2d80ed883ff253ada8df2854a14cfefb11754
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea1044945159787b97f096175f2249bc31ac60fbd500f8a7771ec12a349f8550
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eda53a126b9ad636ada21bc74b0e54c5dfa526083e7a876b17eb90061254d275
ee83c984c733b9c55a91f42e6cf39ba90c22bc0789296f4b7a5ec189ef24afbc
eec5b1943d3f7b4220a9b6f96c733ff80bd8a80c389927fbd017c4e250919517
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0047ee3299a2f20f42137991f05098936ae8629c97e0bbefa39d136130e5081
f1641e6a69d92d2953b6b2cad7f6c85ab9f0769d05697c8da0a91c7521c86820
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2c977552cc421fb87b59aeff237a28a451165db6bb2c1debd59f1392447eff3
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f58cfda56b062e9b72bf642c7ef744ab84932e1a77d3a32c60db08552cfcb418
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f61f44c6d0ea36d265d85185cfa78fc98f3312acee6764c82d5c445373cfea2d
f6382edc5547efecdf3436b0542e0b99e14c6587b43f9e1e5567483daf091409
fc4ed496dbfbe15b4b76827894045f3abd3718f08dd6b28f48e0965d62cbf83a
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fdbbb1faa15e41cd9417b5ac8ad144c3bde0c031f3e0e6a05a4bb1385c902e4b
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c
fe0734e778efc3e0b28e778bd852383cfec979540a86ce9ea5c2bb88f4d74400
fe8d8a20b860472eec7aa2d5fdb7e82345751fe77336c48b613c91bcc49e95be