urlscan.io logo urlscan.io
SecurityTrails logo

primerinforme.com Open in urlscan Pro
104.26.3.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1erinforme.com/
Effective URL: https://primerinforme.com/
Submission: On January 22 via api from ES — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 10 countries across 51 domains to perform 204 HTTP transactions. The main IP is 104.26.3.164, located in United States and belongs to CLOUDFLARENET, US. The main domain is primerinforme.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time primerinforme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 104.21.1.8 13335 (CLOUDFLAR...)
3 192.0.76.3 2635 (AUTOMATTIC)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
24 104.26.3.164 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
6 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 151.101.2.137 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 3.129.250.65 16509 (AMAZON-02)
1 1 66.155.71.150 13768 (COGECO-PEER1)
3 52.57.69.138 16509 (AMAZON-02)
5 5 3.126.65.212 16509 (AMAZON-02)
6 6 142.250.186.162 15169 (GOOGLE)
1 99.83.189.147 16509 (AMAZON-02)
5 2.21.142.210 16625 (AKAMAI-AS)
6 151.139.128.11 20446 (HIGHWINDS3)
4 146.20.128.39 27357 (RACKSPACE)
12 146.20.128.59 27357 (RACKSPACE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
4 143.204.95.188 16509 (AMAZON-02)
9 146.20.128.138 27357 (RACKSPACE)
2 37.157.6.245 198622 (ADFORM)
1 185.94.180.124 35220 (SPOTX-AMS)
4 3.122.136.79 16509 (AMAZON-02)
19 2.18.233.180 16625 (AKAMAI-AS)
2 2600:9000:236... 16509 (AMAZON-02)
1 7 37.252.172.37 29990 (ASN-APPNEX)
3 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.3.29 198622 (ADFORM)
2 2 213.155.156.168 1299 (TWELVE99 ...)
5 185.64.189.110 62713 (AS-PUBMATIC)
2 2 185.29.132.245 30419 (MEDIAMATH...)
6 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 198.47.127.20 62713 (AS-PUBMATIC)
3 3 51.210.112.63 16276 (OVH)
4 4 52.223.40.198 16509 (AMAZON-02)
2 2 52.215.102.174 16509 (AMAZON-02)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.50.137.184 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 185.64.189.111 62713 (AS-PUBMATIC)
1 1 85.114.159.93 ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
1 2 77.243.60.138 ()
1 2a05:d018:d29... ()
2 2 18.156.0.31 ()
1 1 146.0.227.110 ()
1 2a02:fa8:8806... ()
1 3.139.192.142 ()
204 43
15    2606:4700:3033::ac43:b62d (United States)

ASN13335 (CLOUDFLARENET, US)
1erinforme.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    104.21.1.8 (None, )

ASN13335 (CLOUDFLARENET, US)
tags.newdreamglobal.com
3    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
5    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
24    104.26.3.164 (United States)

ASN13335 (CLOUDFLARENET, US)
primerinforme.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
5    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    52.57.69.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-69-138.eu-central-1.compute.amazonaws.com
a.vidoomy.com
5    3.126.65.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-65-212.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    99.83.189.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae6a0aaac8071ff4b.awsglobalaccelerator.com
stg.vidoomy.com
5    2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
6    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
4    146.20.128.39 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
12    146.20.128.59 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
9    146.20.128.138 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
4    3.122.136.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
19    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
2    2600:9000:236e:3400:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
7    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
5    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    2a05:d018:d29:3602:136:97c8:e62d:2cb2 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
1    146.0.227.110 (None, )

ASN- ()
inv-nets.admixer.net
1    2a02:fa8:8806:12::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    3.139.192.142 (None, )

ASN- ()
vid-io-cle.springserve.com
Apex Domain
Subdomains		 Transfer
38 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 5222
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
image2.pubmatic.com — Cisco Umbrella Rank: 1032
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
vid.pubmatic.com — Cisco Umbrella Rank: 7994
aktrack.pubmatic.com — Cisco Umbrella Rank: 924
aud.pubmatic.com
222 KB
31 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 14910
v.lkqd.net — Cisco Umbrella Rank: 4281
cs.lkqd.net — Cisco Umbrella Rank: 3302 Failed
t.lkqd.net — Cisco Umbrella Rank: 9271
150 KB
24 primerinforme.com
primerinforme.com
2 MB
15 1erinforme.com
1erinforme.com
111 KB
13 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
291 KB
9 newdreamglobal.com
tags.newdreamglobal.com — Cisco Umbrella Rank: 141090
282 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
8 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4833
c1.adform.net — Cisco Umbrella Rank: 608
3 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
8 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
5 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 18596
a.vidoomy.com — Cisco Umbrella Rank: 11100
stg.vidoomy.com — Cisco Umbrella Rank: 20823
7 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
114 KB
5 gstatic.com
fonts.gstatic.com
283 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
40 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 47
64 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
2 KB
4 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
40 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
1 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 springserve.com
vpaid.springserve.com — Cisco Umbrella Rank: 8109
vid-io-cle.springserve.com
175 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
1 KB
3 wp.com
stats.wp.com — Cisco Umbrella Rank: 2822
pixel.wp.com — Cisco Umbrella Rank: 2494
6 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
637 B
2 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3412
cds.connatix.com — Cisco Umbrella Rank: 3516
245 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 admixer.net
inv-nets.admixer.net
584 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
541 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
610 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 691
362 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 405
1 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
263 B
0 taboola.com Failed
trc.taboola.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 1rx.io Failed
sync.1rx.io Failed
0 ad4m.at Failed
ad4m.at Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 erne.co Failed
green.erne.co Failed
0 loopme.me Failed
csync.loopme.me Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 audrte.com Failed
a.audrte.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
204 51
Domain Requested by
24 primerinforme.com 1erinforme.com
primerinforme.com
15 1erinforme.com 1 redirects 1erinforme.com
12 cs.lkqd.net ad.lkqd.net
9 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
9 t.lkqd.net ad.lkqd.net
9 tags.newdreamglobal.com 1erinforme.com
primerinforme.com
tags.newdreamglobal.com
7 ads.pubmatic.com vpaid.pubmatic.com
7 ib.adnxs.com 1 redirects vpaid.springserve.com
6 simage2.pubmatic.com ads.pubmatic.com
6 ad.lkqd.net 1erinforme.com
ad.lkqd.net
6 cm.g.doubleclick.net 6 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 ads.stickyadstv.com ad.lkqd.net
5 x.bidswitch.net 5 redirects
5 fundingchoicesmessages.google.com tags.newdreamglobal.com
securepubads.g.doubleclick.net
5 securepubads.g.doubleclick.net tags.newdreamglobal.com
securepubads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
5 www.google-analytics.com 1erinforme.com
www.google-analytics.com
primerinforme.com
4 match.adsrvr.org 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ads.adaptv.advertising.com ad.lkqd.net
vpaid.springserve.com
4 c.amazon-adsystem.com tags.newdreamglobal.com
c.amazon-adsystem.com
4 v.lkqd.net ad.lkqd.net
3 aktrack.pubmatic.com
3 pixel.onaudience.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 ad.turn.com 3 redirects
3 a.vidoomy.com 1erinforme.com
ad.lkqd.net
3 fonts.googleapis.com 1erinforme.com
primerinforme.com
2 ups.analytics.yahoo.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 vid.pubmatic.com vpaid.pubmatic.com
2 mwzeom.zeotap.com
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 vpaid.springserve.com ad.lkqd.net
2 adx.adform.net ad.lkqd.net
2 stats.wp.com 1erinforme.com
primerinforme.com
2 www.googletagmanager.com 1erinforme.com
primerinforme.com
2 ajax.googleapis.com 1erinforme.com
primerinforme.com
1 vid-io-cle.springserve.com vpaid.springserve.com
1 pubmatic-match.dotomi.com
1 inv-nets.admixer.net 1 redirects
1 pr-bh.ybp.yahoo.com
1 aud.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi
1 spl.zeotap.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 search.spotxchange.com ad.lkqd.net
1 stg.vidoomy.com
1 pixel-sync.sitescout.com 1 redirects
1 ads.vidoomy.com tags.newdreamglobal.com
1 cds.connatix.com
1 cd.connatix.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 pixel.wp.com primerinforme.com
1 pubads.g.doubleclick.net tags.newdreamglobal.com
0 trc.taboola.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 sync.1rx.io Failed ads.pubmatic.com
0 ad4m.at Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 green.erne.co Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 match.adsby.bidtheatre.com Failed
0 a.audrte.com Failed
0 match.prod.bidr.io Failed ads.pubmatic.com
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
204 74

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
open.spotify.com
agenciarubik.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-12 -
2022-07-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
ad.lkqd.net
R3		 2021-12-02 -
2022-03-02		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.springserve.com
Amazon		 2021-04-30 -
2022-05-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 36 frames:

Primary Page: https://primerinforme.com/
Frame ID: AE0E169C6798D51DB8C2875F3C1F5862
Requests: 107 HTTP requests in this frame

Frame: https://cds.connatix.com/p/146963/connatix.playspace.dc.js
Frame ID: AB9936179AE9CD39236CD2A14E0A9920
Requests: 1 HTTP requests in this frame

Frame: https://tags.newdreamglobal.com/viewability/gtsur.newglobal.dfp.min.js?v=1.1.4.3
Frame ID: D8135E48A44A33A485C1BDB778580CE0
Requests: 3 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 27E14709CFE961AC19C0C4146A4B4961
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: A770B5A5DAAC8289F3451EA008CA6D02
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 1EAE20435A669B0FBDE67A9B47C8767C
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 28176B80A822FB223F399853C0C26654
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: BAC2A670950981D1DA0C0BF58AE33934
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 48B08E02C0CCD9DDFC1D2304662E094F
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5453462BB7AA27B620FB7A7BE7167398
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 324D3E0A814C1B75CAF606EDC6D0BBD3
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C1094381C5D33ED7BCCDE70BF331E343
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 82DA365183B744108AE553324FB51017
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_99304143.js
Frame ID: 48804B6834315324B4686126E768B21F
Requests: 11 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Frame ID: B9EC7440D185C03683014A92FD7EED8C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D52342B8A8EB0FF9171181882AA3B8F8
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E
Frame ID: 608B542F0392EA8A631294FCF641A335
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4333243253603985210
Frame ID: 22A2DDAADE3B887A7A6EA4B9C6597D8A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&gdpr=0&gdpr_consent=
Frame ID: 5F4241059E748AD7051954B542DFDF8C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 93622C685D60C625FA29E7B57CFFB898
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Frame ID: 11C5C3AF591893951F2B6EF2B4B25540
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 28AC404B2890AEEBAD4E7B9EF6B40507
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7055817929376397455
Frame ID: 5902C07D7E162DDF0A6DEBA355227323
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 1DEC67362EDC39C505A8A610CBB06EB7
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: 1848F50BFE24DD5710DF0CAAD5F43ECF
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: A6EFA67447CE9866B4EC3555AEAE76A8
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_99304143.js
Frame ID: FD0F200B8D3DD9E807D1D33B73C2BAEE
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628734,,
Frame ID: 3D53AE097CFCC5345884E043C3882828
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 60084A49D24A35619E0F81695DC8A94A
Requests: 2 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: 76CE6C59EAF365F7B1C3EEBC13B502AD
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm
Frame ID: 765136FB82A2DD8E63CF8FF001AA000E
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4B077063F18B6864F01DD0BC65A02748
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: F39D1CA921CCE5F8FD84ECCB16CF53A2
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: E04C8473787E192D3646ED9FEDC72246
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: B0E6BD932F9835745A7878E4DE711697
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Frame ID: AA6B5C06410949EE426C0B11C653CFDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Primer Informe - Última información sobre Venezuela

Page URL History Show full URLs

  1. http://1erinforme.com/ HTTP 301
    https://1erinforme.com/ Page URL
  2. https://primerinforme.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

204
Requests

83 %
HTTPS

25 %
IPv6

51
Domains

74
Subdomains

43
IPs

10
Countries

4208 kB
Transfer

9760 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1erinforme.com/ HTTP 301
    https://1erinforme.com/ Page URL
  2. https://primerinforme.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1erinforme.com/ HTTP 301
  • https://1erinforme.com/
Request Chain 66
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/146963/connatix.playspace.dc.js
Request Chain 76
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 77
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=945760086.41723261135125896.6204556 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=945760086.41723261135125896.6204556 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&google_hm=MzFjYTA5NjYtY2U0Mi00ZmU2LThiYTAtZDNkYjNiOTcxYmE1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&google_hm=MzFjYTA5NjYtY2U0Mi00ZmU2LThiYTAtZDNkYjNiOTcxYmE1&google_tc= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGSkoArsRHxV5whvkzvtkak&google_cver=1&ssp=vidoomy&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5
Request Chain 102
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
Request Chain 107
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2375097396247383266
Request Chain 125
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
Request Chain 156
  • https://c1.adform.net/serving/cookie/match?party=14&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E
Request Chain 157
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4333243253603985210
Request Chain 158
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&gdpr=0&gdpr_consent=
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BNUvtmZCR4m2vmwVPoapLg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 161
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=63c161eb-4d05-4f00-bece-9c05f26217c9
Request Chain 162
  • https://pixel.onaudience.com/?partner=214&mapped=04D52FB6-6642-4789-B6BE-6C153E86A92E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=b1a72ac9-ca63-46da-b886-497dee0775ae&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3b7f55e2b9b97b1ff7e78282fd28e437 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=57647adb9008777b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86527967-b67f-49c7-493c-06ca0e0d31d0&reqId=5eb465ea-231c-4b23-7b5c-c581b7c32731&zcluid=57647adb9008777b&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGjpgN-Gw26wlfzOoGJYnMU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86527967-b67f-49c7-493c-06ca0e0d31d0&reqId=5eb465ea-231c-4b23-7b5c-c581b7c32731&zcluid=57647adb9008777b&zdid=1332
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDRENTJGQjYtNjY0Mi00Nzg5LUI2QkUtNkMxNTNFODZBOTJF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjDpG2WJipzg7ofusQImIs&google_cver=1
Request Chain 166
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7730428933004856591
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b1a72ac9-ca63-46da-b886-497dee0775ae
Request Chain 168
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5746621694371645460&gdpr=0&gdpr_consent=
Request Chain 169
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8BwTkPJJRsfrTEbC9RhblqMfTsvrGkPB8B_WqDt0
Request Chain 177
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7055817929376397455
Request Chain 181
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=04D52FB6-6642-4789-B6BE-6C153E86A92E&addseg=19,36,42
Request Chain 182
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=04D52FB6-6642-4789-B6BE-6C153E86A92E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=04D52FB6-6642-4789-B6BE-6C153E86A92E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 186
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A_8aPdxE2uUo0R_1JFJA1Z.eoFq3Z5E-~A&gdpr=0&gdpr_consent=
Request Chain 187
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D31ca0966-ce42-4fe6-8ba0-d3db3b971ba5%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=f000cafc0a0449ccaea9b0a49a0f8c01&ssp=pubmatic&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 188
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2591270178361167074&gdpr=0&gdpr_consent=&us_privacy=

204 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
1erinforme.com/
Redirect Chain
  • http://1erinforme.com/
  • https://1erinforme.com/
100 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0e90aefc745c11a7f2e430791d1c389e8e7470e4b3357cbf69bae327dced50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-type
text/html; charset=UTF-8
link
<https://1erinforme.com/wp-json/>; rel="https://api.w.org/"
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=1800
cf-cache-status
MISS
last-modified
Sat, 22 Jan 2022 00:17:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UArTRqVWN1TVlX7MKAWZNhuU9DMqzetY3YS5j1beSosePplDi6XqttdSHcIkOxKD8ofASu3QQfjU5dRpvW4CQJMejmbnJ89c6ymwic%2B6Jq%2BtjW9Tq6k6FxhqrvLWDcb45vZTvV4ngc%2BaZXHYVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d1498e60e837052-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sat, 22 Jan 2022 00:17:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 22 Jan 2022 01:17:04 GMT
Location
https://1erinforme.com/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlbJk1ie8Prl1Q4HPRVZhL4jUfr1bwe1A0O8wv%2F7gZOzeQhkMsP8U%2BkzGeHkSmbAa%2FH5MREWD7OHnqR9M43Xjl%2F%2BhGla29vIkNl9drd%2BvEU5n2WgpbjZH7hazMybMLPkE%2FBasBo8LnChmj%2BIZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6d1498e5cb9b2bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lazyload.min.js
1erinforme.com/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Aug 2020 19:46:00 GMT
server
cloudflare
age
25429
etag
W/"1883-5ac269f09e659-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRCquwEz1fwPAcENvJJumtwAX%2FR8OTU0B%2BXE2zsmM5fp9%2BuotBJuGZalXJh8Smtseo7XAa76pqYMaEOCkJrjFI8jjJzJyEU9d70dvWxAUA9mjvUXMq8nKzw8C4L1ojwfnnFikH8yOwYosfsYfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498eb09537052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 11:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30082
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Jan 2023 11:52:59 GMT
style.min.css
1erinforme.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 00:13:27 GMT
server
cloudflare
age
74029
etag
W/"13abe-5cd67aa5e766b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF9eS6Ma%2Bct%2B51FUHMF3D0PMOUs6QhD%2F9YWDR9kGZsmUOCXX%2BxEZHNbCFsEPIkOWSWZ6PVnLj6AxdL8S%2F7AnHzOYndJPNkEDPsyA2JcQTDCKxh3F1wswCBO%2BWaEMe5BbISfSYBgv9B2VqOVspw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498eb09557052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mediaelementplayer-legacy.min.css
1erinforme.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 00:13:29 GMT
server
cloudflare
age
68491
etag
W/"2bf8-5cd67aa7c3f72-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kkbt4Hyc3mGOiiytslLm21JRva6WICNIjn%2FCHm0ph3WzjGd%2BskuCc3e7dJomDCz4NtgrDVMSJtOzvjgjRmqNQDxlYHMdSKAEIKegAfjvtMXboDR6B66Fx85TB8Rp2eKBXgdY%2Fz8Es6R%2Fjm9dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498eb09587052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-mediaelement.min.css
1erinforme.com/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Aug 2020 17:03:25 GMT
server
cloudflare
age
7893
etag
W/"105a-5ac245997aaa1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B7mnAVIURWiwDn8%2Fohbnz66y8kq2jsgS0canvZ7PrFH2XoV%2Bs52dIKdTzsOwp7ZLcx4i%2BHdmp%2B3r01lSSckK%2BuDiKrpEJ0tMIJh4jDoLTJZJHYF2daY8TsAUwrpi9cwfUUadRCNr9twE1KSGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498eb095b7052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
1erinforme.com/wp-content/themes/pilar/ 		166 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-content/themes/pilar/style.css?ver=3.0.0
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d2e78812141cb6bd52550584bee81e8e52038a8e1c0d9c0b40c38e652d7aec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7893
cf-polished
origSize=210577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 15 Oct 2021 15:05:36 GMT
server
cloudflare
etag
W/"33691-5ce658710044a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzfkPzhJt1T4EB2cLrdiM2QrDwLD1QzMhczUSB8iKTzeC0ltEE1j%2FtCqqfUxME1x2MN6%2B0rk6P3lUTXkerSMDjxrA7NuO2Q874r7I5yZlRi5NKvnyvc7Qpng2qho8rFx3dNPLl0lAn5M27safg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6d1498eb095f7052-FRA
cf-bgj
minify
jetpack.css
1erinforme.com/wp-content/plugins/jetpack/css/ 		85 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.3
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f9c1995de9f92f05f1a5cd0c4987e359e1aa41613bb6a33f9c82837b29e6d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68491
cf-polished
origSize=87188
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 16 Nov 2021 00:04:49 GMT
server
cloudflare
etag
W/"15494-5d0dcac8a958a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAuGza6T9f9th8cBZaxgrL3vIsIAEI52ZuU8LS1THmhSUegaE4hKvG6FCVUGv5ChRq5ZIAkIdFIZ4L8TlRHLFMaAMGD2uvdXsraOoeYR4kqKhj3EZnJBDJc50RFiac%2FtfCBHU05vjYHhmsTtpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6d1498eb09617052-FRA
cf-bgj
minify
frontend.min.js
1erinforme.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.11.0
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Aug 2020 18:32:05 GMT
server
cloudflare
age
25429
etag
W/"2452-5ac2596b5060e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeDguRh9wbliJlloQ5y6FUDbBOKXSg7qT1K0YYTDMumBBvtji4%2Bi2XoZzyrqdNuxbgepTbNemZeS5NhbMrgSf5IKOF4cBc8Ug9sqMLj5y8ZPrsGWbn2nrOQh%2B8%2FelqNAp1MH%2BYwh3EQkQozu7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498eb09637052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138118488-1
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c88251802154dc5a8cb0f1b3ac376f1f31caf87bfafda223d6d08e5b287f248a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36460
x-xss-protection
0
last-modified
Sat, 22 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 Jan 2022 00:17:05 GMT
newglobal.sdk.min.js
tags.newdreamglobal.com/admanager/ 		172 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec4761b5338ebd36dcb9580993b807c5d118288969bb8506838ccdde545ddb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:50:16 GMT
server
cloudflare
age
4662
etag
W/"61d64ad8-2af70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrkDqtIIwqIlyeoengsV1qNSXO8Ghw%2B7eqGD%2Fkmy2RBA8nbads8OiVWa6sVw5pmFMJj9YF5QyiuIMzBKffuyiWXVmoPWsNc6HG97dbjnWiQTR7qd%2Fb2k%2F8QcGthtHx1BPoD%2BXN522BA%2Fag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800, s-maxage=86400, stale-while-revalidate=86400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ec4d234a74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
1erinforme.com/cdn-cgi/challenge-platform/h/b/scripts/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762f66303e01aa7afb8f8fc76ade21eb9cc85b884387fdd85c431d7118bb0b7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dquiMsk5%2FnSB49dqvItP1kNqMAP570XoPcv%2BrE4zcGtBCSHfCRXi0PVVJ%2FNsbjzVONr68OE8dQh1OVHVsnY8mHkA5E%2BtHyljD21gKpw6Px4C5yjoQ6GJ%2FccFNQ%2F%2BSqFfexZIiUSzrmTZcdaN%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6d1498ec7817703d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
navigation.js
1erinforme.com/wp-content/themes/pilar/js/ 		2 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-content/themes/pilar/js/navigation.js?ver=3.0.0
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd4bc836d0098cb7ddf7a664549351e2b5abce0ded9638da659f81c5bc09361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2614
cf-polished
origSize=3431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 03 Oct 2021 00:24:18 GMT
server
cloudflare
etag
W/"d67-5cd67d12e0c67-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsmiyU58efxb0D76rOWgqpBSkMYrKl31GlF%2FwZKimgJWd9njGNwhj2LafE49F%2BmX%2BWAfmkQMReeLr6nZjtEu%2BHmFtucqdE6AgAGLvayVqijvIcHP79%2BlxwvDe4wkTV%2BtRzMt7pq78HL6PdXckw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6d1498eb09667052-FRA
cf-bgj
minify
intersection-observer.js
1erinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 16 Nov 2021 00:04:52 GMT
server
cloudflare
etag
W/"2394-5d0dcacbb59f3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DraCNFC6qmXi4wkJGiCz4cgAZqc9Eyv0DoLG0SVFXV4QC1VqMya7B5LTNWVbLraMgzO%2FuFXPJTUP6bgt9CcPZ%2BLZWljigqwjK6A9XXSUjgDaNmy3WwTe9vZbqjS6KDROBtKXekgwGNzUOdA5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6d1498eb09697052-FRA
cf-bgj
minify
lazy-images.js
1erinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2614
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 16 Nov 2021 00:04:52 GMT
server
cloudflare
etag
W/"98f-5d0dcacbb4a53-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiY0xwIXPuZ05j5yEEVy9uTznSy1iEfa7JHRrThGri8gYoAyiArNTbzf0m%2BB0x2%2B4TLM8Ap1rm%2FO08bIPyPjAjL%2Fu0FyeVXBNzPzBfKO2XVJH5PPWFkC4RFsNbhtnFu5tRSEhz%2FFMdvgxiLxjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6d1498eb096b7052-FRA
cf-bgj
minify
wp-embed.min.js
1erinforme.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 06:34:45 GMT
server
cloudflare
age
7893
etag
W/"592-5bffd0f2293c3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnHoM4leGcuWwbnhF2HMD%2FDEoVgRJi6PkTpJMIo5FmfxHKzAqpFVh2Si%2B1gZhC26DE9UeQIu2D%2FFmgHPr1m4AjeKKYb%2BawL0dEpIMfLpx3USGOzgbJgY9ZfCzFmDioLFSiIrJzmfBZNf01W%2F6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498eb19707052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e-202203.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202203.js
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 08 Jan 2023 23:52:53 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
734
date
Sat, 22 Jan 2022 00:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 22 Jan 2022 02:04:52 GMT
wp-emoji-release.min.js
1erinforme.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1erinforme.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 00:13:29 GMT
server
cloudflare
age
84471
etag
W/"4705-5cd67aa7c8d92-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGAqWmzSOTeF4CIXqIyT%2FCDNHqWxP4LuDJJTXY4oaRO4ZZ2AqpqOy5hMC0q6bfs1ZT11lWhxh8ntXvUiZ9PMK91r%2FhNwcIr0xWTlQrMeeZlBEKROLzq9ia00Lx%2BZLUhHq1lWPHerp2bs%2F9RUkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ed499b703d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;600&display=swap
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/wp-content/themes/pilar/style.css?ver=3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ff858de88882671b18166107eef09e7d4b58232d720c6db7bf04077b5565d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Jan 2022 00:17:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 22 Jan 2022 00:17:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Jan 2022 00:17:06 GMT
statuses
primerinforme.com/wp-json/wp/v2/ 		406 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-json/wp/v2/statuses?origin=https://1erinforme.com
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34780
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
vary
Origin,Accept-Encoding
link
<https://primerinforme.com/wp-json/>; rel="https://api.w.org/"
x-robots-tag
noindex
last-modified
Fri, 21 Jan 2022 14:37:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUPzBqdBgK6%2BoaYxblCLLdTOUi38sZSjY2GQMggwWy6dgUL2Jb2%2FH9PWdlWJB9sUZZ%2FG%2FSnu7gvrn0dDiTmsx5jypQvxi1HZ%2BOxpm4p75m6IbGOETSRYk8J6m%2BxRRGVQHz5h"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://1erinforme.com
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6d1498ed9a834333-FRA
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Primary Request /
primerinforme.com/ 		100 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
677fa624ee7d85b17464e79a29d0398b3199babaa3a4003251e7004187d7704a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1erinforme.com/

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-type
text/html; charset=UTF-8
link
<https://primerinforme.com/wp-json/>; rel="https://api.w.org/"
vary
X-Forwarded-Proto,Accept-Encoding
cache-control
max-age=1800
cf-cache-status
HIT
age
26
last-modified
Sat, 22 Jan 2022 00:16:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3VbvPP%2BkxV1yShau2N7GMMHveCKw7toyvLuCHNxFvoqBHB46GBvTXqOJQrvcCZ1bYBGX8awS5yYwsc1eVJNZ9XtdYRQGgir6uR5SxN0KwfloMGexbP7mNnTAg6XAIh77evW"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d1498edd9405b38-FRA
content-encoding
br
linkid.js
www.google-analytics.com/plugins/ua/ 		0
0
lazyload.min.js
primerinforme.com/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Aug 2020 19:46:00 GMT
server
cloudflare
age
46413
etag
W/"1883-5ac269f09e659-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IH3rn3OI%2FuXEEIgAZtihWCsiEkwzw4IxtJpBwArlHtW6Ch%2B6qdho%2FRju9zqGQHGWsNKsPSprRj2%2Fu8gDXrxCOjp2poBIAnobglJHlRybRjbgfHQN4XDpq1uX2rsY0ese29fZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee199f5b38-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 11:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30082
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Jan 2023 11:52:59 GMT
style.min.css
primerinforme.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 00:13:27 GMT
server
cloudflare
age
46413
etag
W/"13abe-5cd67aa5e766b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AYXNTMHxjsrr0%2FNfneHS4vl9kvnTAOT2rh19HMdNCKJhbr1vMB%2FOVPMi3N%2FwXNI0g2e0CSj22iArA7iw8ucYzSEJ%2BrNaGrJ957PzAJIcoG3OgcpB8Lq6uzSfI9F7Kruaaxu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee19a35b38-FRA
mediaelementplayer-legacy.min.css
primerinforme.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 00:13:29 GMT
server
cloudflare
age
79481
etag
W/"2bf8-5cd67aa7c3f72-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzyYaP95ArQafG7KmKGqxMA2Rk3FTIQVTyH9VkCcBK%2FtS0%2B55CzSvjyfrw747A1IC04tqnk5CdIr6ty1FddFX4hKIWJI9rp4teofNGJ%2FZ1MYdeAlVlKtkBXN2mzC1fTwpYEB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee19a55b38-FRA
wp-mediaelement.min.css
primerinforme.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Aug 2020 17:03:25 GMT
server
cloudflare
age
46413
etag
W/"105a-5ac245997aaa1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PuVijWCPormDcgGiCeYScNU0Iie%2FuHRH8dmzQ%2B3gSYMF0wBnI5tBLtMSDgxyTkI1S4DScGtWneONsWaaXcRaH%2F79D0%2B8XIZCLiDrd8Ltph%2BhPQYhNu%2FmN5mI5jmpH%2FRnFPM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee19a65b38-FRA
style.css
primerinforme.com/wp-content/themes/pilar/ 		166 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-content/themes/pilar/style.css?ver=3.0.0
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d2e78812141cb6bd52550584bee81e8e52038a8e1c0d9c0b40c38e652d7aec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46413
cf-polished
origSize=210577
last-modified
Fri, 15 Oct 2021 15:05:36 GMT
server
cloudflare
etag
W/"33691-5ce658710044a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imMveEDw6i8K8GY2KhS5Uvf2FkmZa6Biwu2%2Fqal9FnNM9imIzdUrAWtFCj3H5BVPDikKypaSa%2BGjNjh%2B%2F6XDIEoHZ1yQnIyT16WgVKZE%2BMyCRRL2YckgRYWHq7%2FRyGZaGdIL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6d1498ee19a75b38-FRA
cf-bgj
minify
jetpack.css
primerinforme.com/wp-content/plugins/jetpack/css/ 		85 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.3
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f9c1995de9f92f05f1a5cd0c4987e359e1aa41613bb6a33f9c82837b29e6d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38256
cf-polished
origSize=87188
last-modified
Tue, 16 Nov 2021 00:04:49 GMT
server
cloudflare
etag
W/"15494-5d0dcac8a958a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtqxOQ6LDYkcEW862SuzcSpFVS8eT6diO%2BTVLlGqEPad%2FQcmynQuITvKByqOZS3Xau6eZpujym%2BexQU6L1FwJ4AjZwbB9Q70KAcQnF44FuFMNwoBj187YxAEzJAMBjb73Aqw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6d1498ee19a95b38-FRA
cf-bgj
minify
frontend.min.js
primerinforme.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.11.0
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Aug 2020 18:32:05 GMT
server
cloudflare
age
86116
etag
W/"2452-5ac2596b5060e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX4x85R%2BFWX7RIA%2FsnHAlLFoFpWMsdLPnVx1rz2dBghDHqeLkuz6S%2BGDPJUqDsWkfjCvAuH4iJtp2MSjyLczPibbUbisAgbu%2BN1D24DwPW3nl9LEqgPE0Plq6LM6QBw%2B7nLj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee19aa5b38-FRA
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138118488-1
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a987b3e26dc60a6e0c017c0cf810047e0532f9922c79d581e3c90ec3bade67d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36457
x-xss-protection
0
last-modified
Sat, 22 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 Jan 2022 00:17:06 GMT
newglobal.sdk.min.js
tags.newdreamglobal.com/admanager/ 		172 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec4761b5338ebd36dcb9580993b807c5d118288969bb8506838ccdde545ddb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:50:16 GMT
server
cloudflare
age
4663
etag
W/"61d64ad8-2af70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlJIdqVZFSeylz5%2Fezff2Y2xRrpQNiLwCtOozKeXqoQ0iDgQlSngvasEceiDaG8ArKbtArGNfh5njeNAiX5gsAUa7fPCrvJp594vRD5L6wccgL89UWW%2BJAMde8jg2Ue9iB%2FXiQa12O77VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800, s-maxage=86400, stale-while-revalidate=86400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498eee9f06939-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
navigation.js
primerinforme.com/wp-content/themes/pilar/js/ 		2 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-content/themes/pilar/js/navigation.js?ver=3.0.0
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd4bc836d0098cb7ddf7a664549351e2b5abce0ded9638da659f81c5bc09361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38256
cf-polished
origSize=3431
last-modified
Sun, 03 Oct 2021 00:24:18 GMT
server
cloudflare
etag
W/"d67-5cd67d12e0c67-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLOceQ7sQ%2FVIiVuEBWgharsq1eVsXqlMv%2BeOB3DTuWwESTKU47yfcc%2FYqMXR5FwadujiX%2Fo1Lgmblhi2FcanD9dC8flZII9Oyp3exLDE%2FyAuTkk%2BKkYww3%2Bsi8Gng517m526"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6d1498ee29ac5b38-FRA
cf-bgj
minify
intersection-observer.js
primerinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Nov 2021 00:04:52 GMT
server
cloudflare
age
46413
etag
W/"2394-5d0dcacbb59f3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUeE0uWHpQDM5%2FCDpbYsfR1qaBlozoautqr4aI3%2BcpVq6evyuKhw%2BDpIMRp9g%2FihMSfNjm%2Bm%2BMO%2BJ7ZrTzSepyKyfvW%2Bv6HMxbyEfr03HpdqxjFPO1M%2BCIj8ypfE3fMool0w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee29ad5b38-FRA
cf-bgj
minify
lazy-images.js
primerinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Nov 2021 00:04:52 GMT
server
cloudflare
age
11913
etag
W/"98f-5d0dcacbb4a53-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4nrsGCz1jtdw8Q63jhpRdpBuanmcNbDeARoT8EpdiLZ9v7KoMS4jaRQEvgZQ%2BPa%2BT8gYR0qjV%2FtvEFHH5Vd0l1kPhdKqsm4iUVE9Utk%2FTqg%2BMkgiKa05Agn4cYq6PUG4D4l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee29b25b38-FRA
cf-bgj
minify
wp-embed.min.js
primerinforme.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 06:34:45 GMT
server
cloudflare
age
46413
etag
W/"592-5bffd0f2293c3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a78cUe8IZsgYUCwskwEtpOzdq7Am1UQ2GAjaZ%2F8zo8%2FE%2BQOtvL%2FKoHwvC%2BIjXU%2B6oQmnIuS0wXuq6J2Z7Rm%2Bi8t%2BFWqjhFGhgzFaKa0E09vJdPUmH3RC%2FgHRwimv9aMQY0l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ee29be5b38-FRA
e-202203.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202203.js
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 08 Jan 2023 23:52:53 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
734
date
Sat, 22 Jan 2022 00:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 22 Jan 2022 02:04:52 GMT
wp-emoji-release.min.js
primerinforme.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://primerinforme.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 00:13:29 GMT
server
cloudflare
age
46413
etag
W/"4705-5cd67aa7c8d92-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7UfNikfHE6wokhv0UMmZTyrIkOb7LtjnfZXydAnEHqO%2Bh4vQC2IvOomOWOxf2Yw60WF93h2mZfcPYBJP3NymVj5B3V3Xm3%2BgpTqOv9NNW2yoYWvzh5%2F32qxy6kLZmNwv8%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498ef7b6f5b38-FRA
css2
fonts.googleapis.com/ 		3 KB
525 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;600&display=swap
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/wp-content/themes/pilar/style.css?ver=3.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ff858de88882671b18166107eef09e7d4b58232d720c6db7bf04077b5565d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 23:54:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 22 Jan 2022 00:17:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Jan 2022 00:17:06 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 22 Jan 2022 01:03:47 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7a474078409d4121e25fa50625207e01c1c039662e022ab7894ab1275c3eaba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce1b6eccc5f9d6224e9b6c675c8201ca69763f6af25a8d8a044a27851d204e9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c90374efa8b713495a69b3547b2d5fe21d661c592f480e675726a567135190

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
374c24f275c13355a1dd873e100504ac463467c6016c010ed5ee596d9027d4db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v14/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v14/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://primerinforme.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 05:29:37 GMT
x-content-type-options
nosniff
age
240449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33620
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:46:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 05:29:37 GMT
newglobal.sdk.min.js
tags.newdreamglobal.com/admanager/ 		172 KB
51 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec4761b5338ebd36dcb9580993b807c5d118288969bb8506838ccdde545ddb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 01:50:16 GMT
server
cloudflare
age
4663
etag
W/"61d64ad8-2af70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeKsTo24U8LVbk38TbS3p3283lOe5QDHMNHke3qN8vKAdBy9i7CCU4eCTFNlgJUmKClibXzN3F2DESd9XNJorz0PKxA3PnEZCpB0cBjEznHGbxPoj0e%2BwOP4U8XgQ2JSGdWZNV0IVTld1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800, s-maxage=86400, stale-while-revalidate=86400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498efcbd06939-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adx
pubads.g.doubleclick.net/gampad/ 		2 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/1014896/geoip&sz=88x31&tile=2&dpt=1&c=4356201642810888682
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e11066131581f19cd6717950c6483495007f3daab3b91dff4d07cd2619a3fba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6
x-xss-protection
0
google-lineitem-id
4496728011
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138217650401
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://primerinforme.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=88200626&post=0&tz=-4&srv=primerinforme.com&host=primerinforme.com&ref=https%3A%2F%2F1erinforme.com%2F&fcp=0&rand=0.6651426012364721
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 Jan 2022 00:17:06 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143310116-1&cid=745265234.1642810626&jid=1686687941&gjid=1557179606&_gid=652700534.1642810626&_u=aGBAgUAjCAAAAE~&z=1069993743
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://primerinforme.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 22 Jan 2022 00:17:06 GMT
content-type
text/plain
access-control-allow-origin
https://primerinforme.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=49451537&t=pageview&_s=1&dl=https%3A%2F%2Fprimerinforme.com%2F&dr=https%3A%2F%2F1erinforme.com%2F&ul=en-us&de=UTF-8&dt=Primer%20Informe%20-%20%C3%9Altima%20informaci%C3%B3n%20sobre%20Venezuela&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUAjCAAAAG~&jid=534679525&gjid=2121592677&cid=745265234.1642810626&tid=UA-138118488-1&_gid=652700534.1642810626&_r=1&gtm=2ou1j0&z=2025391237
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://primerinforme.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://primerinforme.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=49451537&t=pageview&_s=1&dl=https%3A%2F%2Fprimerinforme.com%2F&dr=https%3A%2F%2F1erinforme.com%2F&ul=en-us&de=UTF-8&dt=Primer%20Informe%20-%20%C3%9Altima%20informaci%C3%B3n%20sobre%20Venezuela&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjC~&jid=1686687941&gjid=1557179606&cid=745265234.1642810626&tid=UA-143310116-1&_gid=652700534.1642810626&z=1149572769
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jan 2022 07:43:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59609
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo.svg
primerinforme.com/wp-content/themes/pilar/assets/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/themes/pilar/assets/logo.svg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e729069a417a8c4b586640684ec4e68148dcd957970bffa1f7cc15148bceb882

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 00:24:18 GMT
server
cloudflare
age
33904
etag
W/"121e-5cd67d12e5a87-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSG8KliXeSA0n9iAvASE8cLDnr08cpJEKz4O8xUhD3znZ%2F14u57gsWTWE%2Be7iw6zwye0f%2FRtFpnGOyH4L1j72EGZ6lexwDuZIRKu7wyw1qMugTwJ3XEGVFrWu3YA2RLan2dG"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498f01c695b38-FRA
Saab_arrestado_primerinforme.jpg
primerinforme.com/wp-content/uploads/2021/11/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2021/11/Saab_arrestado_primerinforme.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ea3e1e1c9d94a2789f1131947629240ecff4a8d2712feee4341a8c2cbf69ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39957
content-length
54054
last-modified
Wed, 03 Nov 2021 00:17:59 GMT
server
cloudflare
etag
"d326-5cfd757a7e04a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohvqd47VDenxMVE0giE9sVldSufoa1%2BnvRFj%2BZ80%2BqIajFY8ITZTGmXT5YCmFDUNHCKFPXNsUZNswkuk6E2hhxfCFcyQEIuctwJoYHXUh3tNAFN%2B7iqXHLk5rj1bazQ%2F5rwa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c6a5b38-FRA
cf-bgj
h2pri
LOPEZ_BELLO_PRIMERINFORME.jpg
primerinforme.com/wp-content/uploads/2022/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2022/01/LOPEZ_BELLO_PRIMERINFORME.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca90a80b95d16f2436ead46636bd4bac374e0a28fd75c4a2f20cabc3a5acee70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16424
content-length
22035
last-modified
Thu, 20 Jan 2022 18:06:07 GMT
server
cloudflare
etag
"5613-5d6075b38552e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1qmtty5ii3hUns5x5jVO7PzGR3AXjlrklS2K3Y9%2FXHTNe1qP%2FIcF5fkU1UbfNfvn2PEcJcETOZCyL%2FIXjOCbYpbafkL0aqKjU3%2FNjGmK6%2BSmSMe9nD0e%2FdylmxAZib4o0ZX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c6b5b38-FRA
cf-bgj
h2pri
DC_CABELLO_PRIMERINFORME.jpg
primerinforme.com/wp-content/uploads/2022/01/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2022/01/DC_CABELLO_PRIMERINFORME.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e69300586f1d02b274e403801ed44f9be74ac9a279e5559431dd75ab2a31d48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27322
content-length
27099
last-modified
Thu, 20 Jan 2022 15:37:51 GMT
server
cloudflare
etag
"69db-5d6054907a061"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35E%2FSeZD%2BUc0%2FjBMwBP%2FBSUCMyDooO2%2FhitXRb43PnkOD1bMWhul9gPbl%2BgfQ13pOZmdbtwjxT4g5k%2Fz3LCwJ8VQulT6uYfsXD4uNj80G92SkUIqD8WXlaXm8web5S9iON5k"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c6d5b38-FRA
cf-bgj
h2pri
ALEX_SAAB_CORDOBA_PIEDAD_PRIMERINFORME.jpg
primerinforme.com/wp-content/uploads/2021/10/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2021/10/ALEX_SAAB_CORDOBA_PIEDAD_PRIMERINFORME.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e4827ea548c4e9a60bd7aa4c1eae0dd9c7b0d4f2fa0627cb781bb36cfa8c13b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29767
content-length
56546
last-modified
Wed, 20 Oct 2021 18:46:28 GMT
server
cloudflare
etag
"dce2-5cecd322c0d9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TFsrW%2Bpj9ejmiZVN%2B14fRWWqy7XbY5eqN578Ul7kvEER0mabhQOiO%2FznCenpWBckGUlThOs5pqsCT5plVlN6S1uqyfStl1mCIv7WvtdAK0ekxdUKFdGjKvQT8blDw5a7%2Fe3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c6e5b38-FRA
cf-bgj
h2pri
NINA_VENEZOLANA_MEXICO_EEUU_RIO_GRANDE_PRIMERINFORME-e1642628219811.jpg
primerinforme.com/wp-content/uploads/2022/01/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2022/01/NINA_VENEZOLANA_MEXICO_EEUU_RIO_GRANDE_PRIMERINFORME-e1642628219811.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795f39e721862274ea26a057642325c485281f988a91fb2581b565fcd19eff90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57475
content-length
184847
last-modified
Wed, 19 Jan 2022 21:36:59 GMT
server
cloudflare
etag
"2d20f-5d5f62f824379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4NfYTTVhAdctCp04j%2BXUXrqQ7LNuihG%2FctG%2Bv4%2Bf0LSdYQYkBNSl%2BySLWiYgK92JQCMAMm3oqjon1MmYKshtPz31Y6wjbe7dt5CufqswRldqG2Hhj7bd7DnqawCnl67Irij"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c6f5b38-FRA
cf-bgj
h2pri
MADURO_KARIM_KHAN_1_PRIMERINFORME-scaled.jpg
primerinforme.com/wp-content/uploads/2021/11/ 		603 KB
604 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2021/11/MADURO_KARIM_KHAN_1_PRIMERINFORME-scaled.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5682881b5ce1d3a19fa81fc4be0bcec33980f4ecc72228f6ec339d412d3b65ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9441
content-length
617469
last-modified
Thu, 04 Nov 2021 00:08:29 GMT
server
cloudflare
etag
"96bfd-5cfeb53887928"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNVhZwYYb2i3qAFRync6sLdtuWFLZVLOFeW1xhNhopgKWgP1jGZY6qQmbPHeQ3IjzUbej%2BXBNyniWLOEjybJzCE3LTIMYYFg%2Fq3i6U7mPkWJBHVlXCm7klK2HTdMN2t6j1YR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c705b38-FRA
cf-bgj
h2pri
ESPIAS_RUSOS_MILITARES_COLOMBIANOS_FRONTERA_PRIMERINFORME.jpg
primerinforme.com/wp-content/uploads/2022/01/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2022/01/ESPIAS_RUSOS_MILITARES_COLOMBIANOS_FRONTERA_PRIMERINFORME.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030c6d4045956930d5b9231b69a1f7d555625933bef4464202284207a35e1f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
616
content-length
174809
last-modified
Fri, 21 Jan 2022 23:02:25 GMT
server
cloudflare
etag
"2aad9-5d61f9cc3a905"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EvlrgFgM2KFixoDy44b6KN7jBcB7Pb0G9hLK3DRihQZJ3HuIa9CGDkGW09otJ7015pUW6XEnsdLPr2tGnayo7GqEICSlZAxvPAxt9bmSyEegDEjTliTcfUBjUucTb%2Fa4JWO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c725b38-FRA
cf-bgj
h2pri
MINISTRO_DE_PUTIN_SERGEI_LAVROV_PRIMERINFORME.jpg
primerinforme.com/wp-content/uploads/2022/01/ 		530 KB
531 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2022/01/MINISTRO_DE_PUTIN_SERGEI_LAVROV_PRIMERINFORME.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9670006d56317442f76c06d27fa377a86269d4ea79d5c11408acd245f9dfaf94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5016
content-length
542299
last-modified
Fri, 21 Jan 2022 21:48:36 GMT
server
cloudflare
etag
"8465b-5d61e94c2736f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrwr7btq8dqhSh8bGdCkYvu2MmSE5hJFrCEL%2Fkot2u8aSD3TsP4ImxANkGYIkFT%2BzG2ZBCPOF4ESqQD%2FmJmZXec7K46SkXLkKXQ9Y0VQhdu857kEFsk7J52zK2B8yX6mNQ45"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c735b38-FRA
cf-bgj
h2pri
BLINKEN_LAVROV_RUSIA_BASES_MILITARES_VENEZUELA_PRIMERINFORME.jpg
primerinforme.com/wp-content/uploads/2022/01/ 		342 KB
343 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primerinforme.com/wp-content/uploads/2022/01/BLINKEN_LAVROV_RUSIA_BASES_MILITARES_VENEZUELA_PRIMERINFORME.jpg
Requested by
Host: primerinforme.com
URL: https://primerinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b60e34433d0826922b91dbb70565d5437ba532b97de8a85d87faac303dc8d65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22078
content-length
350084
last-modified
Fri, 21 Jan 2022 17:13:28 GMT
server
cloudflare
etag
"55784-5d61abcc860b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6qMgZjfnVtlzDqJ5f8vgd2VNeIOC4rez2XHOmt4zl2syarAQSKAGzP8bd9YNVSvOD7AIBmv7CUMSVNw12ubnD3dVaDA8EDIq6N08MyCJbbK5W%2FAcFyulLHYUehg97Olw93x"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6d1498f01c765b38-FRA
cf-bgj
h2pri
primerinforme.com-rm-ds.js
tags.newdreamglobal.com/admanager/cfg/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/cfg/primerinforme.com-rm-ds.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cad39e065a228660443e63ecd1d2a839c25e634400954c6afa83e8a3e62fbe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-max-age
1728000
etime
0.0001 s
access-control-allow-methods
GET,POST,OPTIONS,HEAD,DELETE,PUT
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 21 Jan 2022 21:38:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDJqhsYsjHxzpiFQAaHYg9Wa17m%2BwZY4gQPNSivsdxFS9GUzPRPuHnKIyFiQkPRYXei%2FRZLQNTENfitJ4dWGZWpn5bsZo28iUBfXAK2LJa%2FSGrA3hlJTTcQmGFZ0DXZgdAlyXTGj3KxJgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Server, Content-Length, Content-Range, Date
cache-control
max-age=300, s-maxage=1800, must-revalidate, stale-while-revalidate=3600, stale-if-error=3600
x-server
ndg-t
x-service
primerinforme.com
access-control-allow-credentials
true
cf-ray
6d1498f12d7f6931-FRA
access-control-allow-headers
DNT,X-CustomHeader,Origin,Keep-Alive,User-Agent,Content-Type, Accept,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Pragma
expires
Sat, 22 Jan 2022 00:22:07 GMT
stickynonload.js
tags.newdreamglobal.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/stickynonload.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d25cdb8fcd743018954ccbdec1701c7cf814243719132103e8d6b39634dbf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59506
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 13 May 2021 17:07:08 GMT
server
cloudflare
etag
W/"609d5cbc-dbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g66cKCAB6uTmj5yR1XxoOxdGFL4rLh6K0bmKOdAwap6EZeUD%2BcBQPSvZnUKssLhnRZZKQy6xm2Qw51rkTm%2FcaADpxTxs9CNrlgHVes6gv9bNdfjwu3HKo3gvl9cBf0sNp5F4JoJtse3Lng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
cf-ray
6d1498f3cc316939-FRA
cf-bgj
minify
connatix.playspace.dc.js
cds.connatix.com/p/146963/ Frame AB99
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/146963/connatix.playspace.dc.js
1 MB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/146963/connatix.playspace.dc.js
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72ed4d558f24ed39effa6c190ff5a956b6885f8cb84c355c1e6a3571a62b98c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 09:24:06 GMT
age
53469
etag
"77988c1bbcb5056303a4cef3c2b9ceda"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
250402

Redirect headers

location
https://cds.connatix.com/p/146963/connatix.playspace.dc.js
date
Sat, 22 Jan 2022 00:17:07 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
server
Kestrel
accept-ranges
bytes
content-length
0
gtsur.newglobal.dfp.min.js
tags.newdreamglobal.com/viewability/ Frame D813 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/viewability/gtsur.newglobal.dfp.min.js?v=1.1.4.3
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d96c6856c8a602689084ed5558f3dde1453c67762a47d347869f9c13444fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Aug 2021 23:03:01 GMT
server
cloudflare
age
24976
etag
W/"610dbfa5-2cca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHBY8FJikZe3Bm7slVZx4iYqFWkP9BEDa5BnMrBwwAkwLbb1MrDXhgrE6oqZaHhQAKyAggDIivmPH1oxXs7ZTx51ABhoDyHQDlP%2B32liCqnukUvWh81PdN6MZ7KocJJi9IN8MhrQ0s2f0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d1498f3dc5d6939-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D813 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
c23e1ac09981f482a8e986029bb865a4ad954540e785f04c3367bfc30f62601b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26997
x-xss-protection
0
server
sffe
etag
"1109 / 973 of 1000 / last-modified: 1642808442"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Jan 2022 00:17:07 GMT
primer.js
tags.newdreamglobal.com/fc/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/fc/primer.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de4dd417f1666364339c17cbcaaf3b8c615f5a7072c3e54be66ea8ae3d4480f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58267
cf-polished
origSize=9743
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 18 Dec 2020 20:06:32 GMT
server
cloudflare
etag
W/"5fdd0bc8-260f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTPWPcPK12SzAw3FKwCjote8Waf4iLMbUQeu2WKQ36%2FPWjmYM7CIyLW673QykT0EuTzGMEDIRk07bVOaFmG3jY9B1mYClT%2BXAhoVuDGBURxqNvxlJAhJxlbmHTlcYBpCvmhzxi86sitR8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
cf-ray
6d1498f3ec686939-FRA
cf-bgj
minify
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9da88e942e6aee489526e53e74f2eebe0788e57037a3056a4e883014f326d7d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
AGSKWxViYesaGNZgU67C0DBQETJI3NBsf9zOibr6U9aNRy-vPvFMAD5JgPGKj_RaoENbhqNGm9O3fRsek17pn-0mcVc=
fundingchoicesmessages.google.com/f/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxViYesaGNZgU67C0DBQETJI3NBsf9zOibr6U9aNRy-vPvFMAD5JgPGKj_RaoENbhqNGm9O3fRsek17pn-0mcVc=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/fc/primer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9318a745972f39730fead8f17edb269f9961a47f6df0c73db0b5558557e75b13
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KtRioqaSa1M0DTpSl5GJwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KtRioqaSa1M0DTpSl5GJwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-KtRioqaSa1M0DTpSl5GJwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KtRioqaSa1M0DTpSl5GJwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
primerinformeve_17827.js
ads.vidoomy.com/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/primerinformeve_17827.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
bd37d8d70a6e6a90c926ac503b4cf910d62348fb0ca3b5d031ee8af71217956b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:07 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5403
pubads_impl_2022011408.js
securepubads.g.doubleclick.net/gpt/ Frame D813 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 23:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120805
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:18:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Jan 2023 23:46:05 GMT
AGSKWxXz6lcKmZCqZKpNROBYEO_Q__uppNTsab3ikDsXF-Be_UjN8YBCbNrsYfSoqEYB99LZgdCFu1W7Ty_aV6C2R3Y=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXz6lcKmZCqZKpNROBYEO_Q__uppNTsab3ikDsXF-Be_UjN8YBCbNrsYfSoqEYB99LZgdCFu1W7Ty_aV6C2R3Y=?pvid=E2FA7126-5B2D-4E05-A5DD-BCBE954FBFDA&anonid=14BBC6F6-A208-431E-B041-2C29046F3144
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMydvUjzwfiAPOM_kfGnu3NwwQbXmw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s/oAYJizwrHZA2EoM+QV/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-s/oAYJizwrHZA2EoM+QV/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://primerinforme.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://primerinforme.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-s/oAYJizwrHZA2EoM+QV/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-s/oAYJizwrHZA2EoM+QV/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVa2h7aeRt4e2hpHK1e4ffNHBHvhGnlcyOSICpGu_OaA13fPf4UBLOzUC3WEOLYjtTF8sssXXmHmVRqnQnRdtE=
fundingchoicesmessages.google.com/f/ 		270 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVa2h7aeRt4e2hpHK1e4ffNHBHvhGnlcyOSICpGu_OaA13fPf4UBLOzUC3WEOLYjtTF8sssXXmHmVRqnQnRdtE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQyODEwNjI3LDQ2ODAwMDAwMF0sIkUyRkE3MTI2LTVCMkQtNEUwNS1BNURELUJDQkU5NTRGQkZEQSIsIjE0QkJDNkY2LUEyMDgtNDMxRS1CMDQxLTJDMjkwNDZGMzE0NCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3ByaW1lcmluZm9ybWUuY29tLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMydvUjzwfiAPOM_kfGnu3NwwQbXmw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa23ea58c0ac02a560e937352bcc927e56233c8f7d2f8d36f327ba87b47cff51
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JzVRs2xp56hqhxcReYLIQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-JzVRs2xp56hqhxcReYLIQg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JzVRs2xp56hqhxcReYLIQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-JzVRs2xp56hqhxcReYLIQg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie
a.vidoomy.com/api/rtbserver/ Frame 27E1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-type
image/gif
content-length
43
content-encoding
none
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Sat, 22 Jan 2022 00:17:07 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=945760086.41723261135125896.6204556
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=945760086.41723261135125896.6204556
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&google_hm=MzFjYTA5NjYtY2U0Mi00ZmU2LThiYTAtZDNkYjNiOTcxYmE1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&google_hm=MzFjYTA5NjYtY2U0Mi00ZmU2LThiYTAtZDNkYjNiOTcxYm...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGSkoArsRHxV5whvkzvtkak&google_cver=1&ssp=vidoomy&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5
Protocol
H2
Server
52.57.69.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5
Date
Sat, 22 Jan 2022 00:17:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ve
stg.vidoomy.com/api/rtbserver/ 		9 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=SE&category=&crid=17827&deal=&domain=primerinforme.com&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.189.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-length
9
vary
Origin
content-type
application/json
auto-user-sync
ads.stickyadstv.com/ 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:07 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1642810627289085-535
Expires
Sat, 22 Jan 2022 00:17:07 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
c23e1ac09981f482a8e986029bb865a4ad954540e785f04c3367bfc30f62601b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26997
x-xss-protection
0
server
sffe
etag
"1109 / 462 of 1000 / last-modified: 1642808442"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Jan 2022 00:17:07 GMT
formats.js
ad.lkqd.net/vpaid/ Frame A770 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1642810627.cds013.am5.hn,1642810627.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 1EAE 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: 1erinforme.com
URL: https://1erinforme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1642810627.cds013.am5.hn,1642810627.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
css
fonts.googleapis.com/ 		54 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.wTrOxvgCq5g.es5.O/d=1/rs=AJlcJMyhEsIQuPp0TmKFNKnyIICo3o8oDA/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
731692cdbcd1b62abb9b6847629cc1154818f072069b6193cb968c11c851149a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Jan 2022 00:17:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 22 Jan 2022 00:17:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Jan 2022 00:17:07 GMT
pubads_impl_2022011408.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 23:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120805
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:18:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Jan 2023 23:46:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		166 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=primerinforme.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
03174599ab2cd340325e5ae49ec868e13b942e44b625114525ee03cf0e533b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
0
expires
Sat, 22 Jan 2022 00:17:07 GMT
prebid5.8.0.js
tags.newdreamglobal.com/admanager/ 		377 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/prebid5.8.0.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
639ef6500a5ec04531a495d9331bac9c0b0b69db342787cc09685208eb7f101c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4384
cf-polished
origSize=386165
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 12 Aug 2021 13:31:16 GMT
server
cloudflare
etag
W/"611522a4-5e475"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXJjhHAwBsVV3zNDJmYkILZsseq3L8y0JYrpLEpFNq79ta1nAz1Gcf5jFqyMqcj8LDPE4S%2BZreycO5VN1%2FKpneCMc76ysiqIdPFn%2FBYfWyjgWYfiuk%2F0IsMgnasHO1fmk%2BT6f1%2BJp4tWoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
cf-ray
6d1498f72a6a6939-FRA
cf-bgj
minify
AGSKWxVWdpgKv6ZLyZHbfF2Vnh6Cwo20fjwtt3XiIJm5lo_f-zQHvoBuZULDG86Ogzbib4dQl3oyV8ASy8l9A82FT4tJ3hdLw20lJSf7_PR0dp7slH9nMwx3LQbtCLT4ZEfwFig0-nlPeSXQFeyc1B4nLAI5TAWzXErnEGrAG-BZcZyvAs9lC3n4IQpT29Mt
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVWdpgKv6ZLyZHbfF2Vnh6Cwo20fjwtt3XiIJm5lo_f-zQHvoBuZULDG86Ogzbib4dQl3oyV8ASy8l9A82FT4tJ3hdLw20lJSf7_PR0dp7slH9nMwx3LQbtCLT4ZEfwFig0-nlPeSXQFeyc1B4nLAI5TAWzXErnEGrAG-BZcZyvAs9lC3n4IQpT29Mt?dmid=583c8dbee1696ef7
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.wTrOxvgCq5g.es5.O/d=1/rs=AJlcJMyhEsIQuPp0TmKFNKnyIICo3o8oDA/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OODeFVB8lEC8P6a6DtJ6Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OODeFVB8lEC8P6a6DtJ6Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://primerinforme.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://primerinforme.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OODeFVB8lEC8P6a6DtJ6Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OODeFVB8lEC8P6a6DtJ6Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 2817 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1642810627.cds013.am5.hn,1642810627.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame A770 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1150120&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fprimerinforme.com%2F&dnt=0&c1=&c2=1&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c5=&c6=56318&rnd=34076696&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.39 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e64f9ea38cacfeeb2968dcd27d1d9527e3e8ae8d15ce7a7007ffeb39c5f07fb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1354
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://primerinforme.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:29:21 GMT
x-content-type-options
nosniff
age
276466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121784
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 19:29:21 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://primerinforme.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
259353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 00:14:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://primerinforme.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
259353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 00:14:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://primerinforme.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
259353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 00:14:34 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame BAC2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1642810627.cds013.am5.hn,1642810627.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 1EAE 		180 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1150121&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fprimerinforme.com%2F&dnt=0&c1=&c2=1&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c5=&c6=56318&rnd=92167181&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.39 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
hd60.js
tags.newdreamglobal.com/service/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/service/hd60.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=primerinforme.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29729f4ac95c84dc7bdd3f075cc654ebebf1e4a0ce34bf229ae2210232c2ae6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5016
cf-polished
origSize=40868
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Oct 2021 15:53:08 GMT
server
cloudflare
etag
W/"615c74e4-9fa4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB3tFmMMLnj7ULX6hiIGRCy%2BfnOETLEcG%2F5WxSO9BSiCmTYDee8TvFCmKXiMb6RwWmkfuLeP6JqOX0dtS1ZqdyEyGSNXchyGKrWXpw01njNmxaWZGhdXT%2BBJwSQZuG99ks5%2BINF6rltLtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=600, s-maxage=3600, stale-while-revalidate=3600, must-revalidate
cf-ray
6d1498f7fc036939-FRA
cf-bgj
minify
110220698
fundingchoicesmessages.google.com/i/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/110220698?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eac0bdc693df10f7dec87f23c5155bc9531496296318496dcafbb4a6686cb0f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-G+ckkO4R5LBhaqfe16DvUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-G+ckkO4R5LBhaqfe16DvUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-G+ckkO4R5LBhaqfe16DvUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-G+ckkO4R5LBhaqfe16DvUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 2817 		0
0
cs
cs.lkqd.net/ Frame 2817 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2817 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2817 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2817
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
pragma
no-cache
date
Sat, 22 Jan 2022 00:17:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame BAC2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame BAC2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame BAC2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame BAC2 		0
0
cs
cs.lkqd.net/ Frame BAC2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2375097396247383266
0
0
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/service/hd60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
289
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1FSFKXYJ31ZKD51XWGJ1
date
Sat, 22 Jan 2022 00:12:18 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JkevU66rdiffQBs34YymmuC4d0vPhnwCGfdU7RC8EmZ5dGRD79GtTg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fprimerinforme.com&pubid=9ebc2692-db4b-4928-9f77-ac72f583423b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 19:43:24 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
server
Server
age
16422
x-cache
Hit from cloudfront
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zQsGd897ahVNi7K1qqLO6DTa95rOup_pxRBgnSDDQjNQlG3-HlIc4w==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fprimerinforme.com%2F&pr=https%3A%2F%2F1erinforme.com%2F&pid=5ZUqT700FD4gT&cb=0&ws=1600x1200&v=7.72.0&t=3000&slots=%5B%7B%22sd%22%3A%22ngb_si2381%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22076230490%2Fstickybottom%22%7D%2C%7B%22sd%22%3A%22ngb_si2093%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22076230490%2FBox2%22%7D%2C%7B%22sd%22%3A%22ngb_si1753%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22076230490%2FBox1%22%7D%2C%7B%22sd%22%3A%22ngb_si1729%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22076230490%2FFlat1%22%7D%5D&schain=1.0%2C1!newdreamglobal.com%2C31%2C1%2C%2C%2C&pubid=9ebc2692-db4b-4928-9f77-ac72f583423b&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
RFB2FEN670D7YMY5X0DD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://primerinforme.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
mIDRKjAqO5NUWZP8reNna3wNJb3c4gxZq1Pfr7QE7Y5FYw7Pee4VEA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 02:58:21 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
76727
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
I0x6SqlnTMaBAj6smoOq9t10rRJ5tUpl93bzz2x-B1XVVOS8JQy9uw==
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://primerinforme.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://primerinforme.com
t
t.lkqd.net/ Frame 48B0 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://primerinforme.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://primerinforme.com
t
t.lkqd.net/ Frame 5453 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://primerinforme.com
date
Sat, 22 Jan 2022 00:17:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 324D 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1642810628.cds013.am5.hn,1642810628.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame C109 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1642810628.cds013.am5.hn,1642810628.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 324D 		126 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1150120&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fprimerinforme.com%2F&dnt=0&c1=&c2=1&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c5=&c6=56318&rnd=34076696&m=&rtv=1&thost=primerinforme.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.39 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
13eef8ae4745d75187fbdd10cb075db269002d9617bda41542901ccaca63f423

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7327
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1150120&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fprimerinforme.com%2F&dnt=0&c1=&c2=1&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c5=&c6=56318&rnd=34076696&m=&rtv=1&thost=primerinforme.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.39 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://primerinforme.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:08 GMT
content-length
0
access-control-allow-origin
https://primerinforme.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame C109 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C109 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C109 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C109 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C109
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2591270178361167074
pragma
no-cache
date
Sat, 22 Jan 2022 00:17:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 82DA 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://primerinforme.com
date
Sat, 22 Jan 2022 00:17:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://primerinforme.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://primerinforme.com
/
adx.adform.net/adx/ 		65 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fprimerinforme.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://primerinforme.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
rtb
a.vidoomy.com/api/rtbserver/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=977008787&w=400&h=225&skip=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F97.0.4692.71%20Safari%2F537.36&l=EN&dt=2&c=DE&pid=56318&sid=&sname=&d=primerinforme.com&sp=https%3A%2F%2Fprimerinforme.com%2F&coppa=&gdpr=1&gdprcs=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://primerinforme.com
date
Sat, 22 Jan 2022 00:17:08 GMT
access-control-allow-credentials
true
vary
Origin
access-control-expose-headers
X-Vd-C
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fprimerinforme.com%2F&cb=1773328953&player_width=400&player_height=225&regs[gdpr]=1&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C15303739454594225843402937567%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 22 Jan 2022 00:17:08 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000412
X-SpotX-Timing-SpotMarket
0.006831
X-SpotX-Timing-Page-Mux
0.000186
X-SpotX-Timing-Page-Require
0.000323
X-fe
025
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
Content-Length
77
X-SpotX-Timing-Page
0.014588
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003354
Last-Modified
Sat, 22 Jan 2022 00:17:08 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006831
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://primerinforme.com
X-SpotX-Timing-Page-Misc
0.003447
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000008
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/ 		65 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fprimerinforme.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://primerinforme.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1450516526&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fprimerinforme.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56318&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://primerinforme.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C45942258434029375672067256203%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
58a749c35a0a40eb0d4f1306c3e2b36e8a285eaf840db6c88db4cbaccf567d09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
604
expires
Sat, 22 Jan 2022 00:17:08 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		990 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C4594225843402937567437443388%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
43f0929b168ee969d89806845cd3d2f25ed4f37a9de8c6aea3b4b12b3b64d8e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
604
expires
Sat, 22 Jan 2022 00:17:08 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C45942258434029375671927799403%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b77237055fb1a7c3add9fcd45ea27f9e49c46d9ce75a77df892fe3568ed10e1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:08 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Sat, 22 Jan 2022 00:17:08 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C1670801494594225843402937567,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
40580a2475f5f7759e47b83e875e7916d3d58fa64112cd72dfeb64b3c48744f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:08 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1642810628753029-413
Expires
Sat, 22 Jan 2022 00:17:08 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=1&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C4594225843402937567299658240%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
767e33fedbb11bffeca2a12b41d185555821f99f054c70dc172b031d4c53a2c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:08 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1642810628800021-530
Expires
Sat, 22 Jan 2022 00:17:08 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=1&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C4594225843402937567662713612%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bfdee0ff05a5ad28f08e984cdced9e70371cc506ccd730e4150f76bc40d362ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:08 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1642810628889002-359
Expires
Sat, 22 Jan 2022 00:17:08 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=1&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C45942258434029375671874561331%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
84a7544145a053767b8c7d0b62f71367aa2f355ea32312d9979f9bdc59a8e9b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:08 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1642810628546067-506
Expires
Sat, 22 Jan 2022 00:17:08 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=975555342&gdpr=1&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fprimerinforme.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56318&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://primerinforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://primerinforme.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://primerinforme.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://primerinforme.com
t
t.lkqd.net/ Frame 82DA 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://primerinforme.com
date
Sat, 22 Jan 2022 00:17:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_99304143.js
vpaid.springserve.com/production/ Frame 4880 		499 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_99304143.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05759c56fd37bf9c521547bd3ece71410a9410379afa4a1d72efe91ce638ab32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:02:11 GMT
content-encoding
br
last-modified
Fri, 14 Jan 2022 15:52:40 GMT
server
AmazonS3
age
634499
etag
W/"11eb39eae297f2408c060c04a8104958"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
1rjmfAJ986r6JatDdbOobwYXzlWFxFLl798UjPwyz5Hx4d9afY64eA==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4880 		961 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9fa66943c1b03cd114263038f87d8ec320e4eab2ab0ad86a56db2180c9657344

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
588
expires
Sat, 22 Jan 2022 00:17:09 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 4880 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
872bc6be26a81f9e8600939dc7c72f1fbfa223471062aefdd05cc179ecd24e75
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:09 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a25fcb7f-ee30-4e5a-ae98-171d5e7d806f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 4880 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6a409718c9ef62b0d53023b66aee7eeec1a1702966c83b01b0ae7107dfe263a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:09 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
04393bd8-47f2-46c6-b11e-4df00f9fa343
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 4880 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://primerinforme.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 4880 		165 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
956013579e5ae4211d83e9906baf6435c158ebac83c85d8293891f9fb427226a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:09 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c339748a-1132-49b8-adaf-284719a5ae5c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame B9EC 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame D523 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=17599
expires
Sat, 22 Jan 2022 05:10:28 GMT
date
Sat, 22 Jan 2022 00:17:09 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B9EC 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 05:13:08 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-9687-5d547824a78f1"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=17599
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13928
expires
Sat, 22 Jan 2022 05:10:28 GMT
t
t.lkqd.net/ Frame 82DA 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://primerinforme.com
date
Sat, 22 Jan 2022 00:17:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.138 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://primerinforme.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://primerinforme.com
PugMaster
image6.pubmatic.com/AdServer/ Frame D523 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73915303&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a8dc48e583a5ae3ac6049fdd11a165f1c1c0812c3c3f0d00619dace400048618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 608B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:09 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 22 Jan 2022 00:17:09 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 22A2
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4333243253603985210
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4333243253603985210
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug015:0:357
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4333243253603985210
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5F42
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&gdpr=0&gdpr_consent=
42 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug014:0:395
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Sat, 22 Jan 2022 00:17:09 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&gdpr=0&gdpr_consent=
Expires
Sat, 22 Jan 2022 00:17:08 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 9362 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sat, 22 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
418471
strict-transport-security
max-age=31536000; preload;
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D523
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BNUvtmZCR4m2vmwVPoapLg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99851
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 23 Jan 2022 04:01:20 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D523
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=63c161eb-4d05-4f00-bece-9c05f26217c9
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=63c161eb-4d05-4f00-bece-9c05f26217c9
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 22 Jan 2022 00:17:09 GMT
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=63c161eb-4d05-4f00-bece-9c05f26217c9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 22 Jan 2022 00:17:08 GMT
mw
mwzeom.zeotap.com/ Frame D523
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=04D52FB6-6642-4789-B6BE-6C153E86A92E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=b1a72ac9-ca63-46da-b886-497dee0775ae&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3b7f55e2b9b97b1ff7e78282fd28e437
  • https://spl.zeotap.com/?zdid=1332&zcluid=57647adb9008777b
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86527967-b67f-49c7-493c-06ca0e0d31d0&reqId=5eb465ea-231c-4b23-7b5c-c581b7c32731&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGjpgN-Gw26wlfzOoGJYnMU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86527967-b67f-49c7-493c-06ca0e0d31d0&reqId=5eb465ea-231c-4b23-7b5c-c58...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGjpgN-Gw26wlfzOoGJYnMU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86527967-b67f-49c7-493c-06ca0e0d31d0&reqId=5eb465ea-231c-4b23-7b5c-c581b7c32731&zcluid=57647adb9008777b&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d149906186142e7-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGjpgN-Gw26wlfzOoGJYnMU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86527967-b67f-49c7-493c-06ca0e0d31d0&reqId=5eb465ea-231c-4b23-7b5c-c581b7c32731&zcluid=57647adb9008777b&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D523
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDRENTJGQjYtNjY0Mi00Nzg5LUI2QkUtNkMxNTNFODZBOTJF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 22:54:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0025:0:427
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D523
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjDpG2WJipzg7ofusQImIs&google_cver=1
42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjDpG2WJipzg7ofusQImIs&google_cver=1
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:387
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjDpG2WJipzg7ofusQImIs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D523 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 21 Jan 2022 00:17:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D523
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7730428933004856591
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7730428933004856591
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:324
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7730428933004856591
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D523
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b1a72ac9-ca63-46da-b886-497dee0775ae
42 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b1a72ac9-ca63-46da-b886-497dee0775ae
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:473
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b1a72ac9-ca63-46da-b886-497dee0775ae
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame D523
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5746621694371645460&gdpr=0&gdpr_consent=
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5746621694371645460&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:362
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:09 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8f0861fd-2e05-4254-93b1-0db008244971
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5746621694371645460&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D523
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8BwTkPJJRsfrTEbC9RhblqMfTsvrGkPB8B_WqDt0
42 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8BwTkPJJRsfrTEbC9RhblqMfTsvrGkPB8B_WqDt0
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:394
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8BwTkPJJRsfrTEbC9RhblqMfTsvrGkPB8B_WqDt0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame B9EC 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,&us_privacy=&cb=1642810629546&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fprimerinforme.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fprimerinforme.com%252F&vwndref=https%3A%2F%2F1erinforme.com%2F&vc=2&js=1&sec=1&kltstamp=2022-1-22%200:17:10&ranreq=0.47692089373850677&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://primerinforme.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4880 		961 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ea28c52585ce74a10f963510b8bab43262f9fd0ae912bd514b3d9bd38224131a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:10 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Sat, 22 Jan 2022 00:17:10 GMT
track
aktrack.pubmatic.com/ Frame 4880 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1642810629&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 11C5 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 28AC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=17598
expires
Sat, 22 Jan 2022 05:10:28 GMT
date
Sat, 22 Jan 2022 00:17:10 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 11C5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 05:13:08 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-9687-5d547824a78f1"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=17598
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13928
expires
Sat, 22 Jan 2022 05:10:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 28AC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38600378&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f45f369d5b5004dd5a55ce0d5d3653a3581c605902d2f04f6e3795f9099ccc69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2034
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5902
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7055817929376397455
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7055817929376397455
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 22 Jan 2022 00:17:10 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug027:0:467
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 22 Jan 2022 00:17:10 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7055817929376397455
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1DEC 		0
0
sync
sync.srv.stackadapt.com/ Frame 1848 		0
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame A6EF 		0
0
Artemis
aud.pubmatic.com/AdServer/ Frame 28AC
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=04D52FB6-6642-4789-B6BE-6C153E86A92E&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=04D52FB6-6642-4789-B6BE-6C153E86A92E&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Sat, 22 Jan 2022 00:17:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=04D52FB6-6642-4789-B6BE-6C153E86A92E&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 28AC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=04D52FB6-6642-4789-B6BE-6C153E86A92E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=04D52FB6-6642-4789-B6BE-6C153E86A92E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=04D52FB6-6642-4789-B6BE-6C153E86A92E&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:07 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:07 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=04D52FB6-6642-4789-B6BE-6C153E86A92E&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 28AC 		95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=04D52FB6-6642-4789-B6BE-6C153E86A92E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d1499076b0e42e7-FRA
access-control-allow-headers
*
content-length
95
match
a.audrte.com/ Frame 28AC 		0
0
04D52FB6-6642-4789-B6BE-6C153E86A92E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 28AC 		43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/04D52FB6-6642-4789-B6BE-6C153E86A92E?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:136:97c8:e62d:2cb2 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 28AC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=04D52FB6-6642-4789-B6BE-6C153E86A92E&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A_8aPdxE2uUo0R_1JFJA1Z.eoFq3Z5E-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A_8aPdxE2uUo0R_1JFJA1Z.eoFq3Z5E-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A_8aPdxE2uUo0R_1JFJA1Z.eoFq3Z5E-~A&gdpr=0&gdpr_consent=
date
Sat, 22 Jan 2022 00:17:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 28AC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=f000cafc0a0449ccaea9b0a49a0f8c01&ssp=pubmatic&bsw_param=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:498
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31ca0966-ce42-4fe6-8ba0-d3db3b971ba5&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 22 Jan 2022 00:17:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 28AC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2591270178361167074&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2591270178361167074&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:449
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2591270178361167074&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 22 Jan 2022 00:17:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 28AC 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=04D52FB6-6642-4789-B6BE-6C153E86A92E&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:10 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 28AC 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 11C5 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,&us_privacy=&cb=1642810630250&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fprimerinforme.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fprimerinforme.com%252F&vwndref=https%3A%2F%2F1erinforme.com%2F&vc=2&js=1&sec=1&kltstamp=2022-1-22%200:17:10&ranreq=0.3365772018677169&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628733,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://primerinforme.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 4880 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=a123daed&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://primerinforme.com
date
Sat, 22 Jan 2022 00:17:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 4880 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1642810630&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
content-length
0
content-type
text/html
truncated
/ Frame 324D 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_99304143.js
vpaid.springserve.com/production/ Frame FD0F 		499 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_99304143.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05759c56fd37bf9c521547bd3ece71410a9410379afa4a1d72efe91ce638ab32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:02:11 GMT
content-encoding
br
last-modified
Fri, 14 Jan 2022 15:52:40 GMT
server
AmazonS3
age
634501
etag
W/"11eb39eae297f2408c060c04a8104958"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
UITaHJYZ81_8znR0VEnAy2RbB8IJ5NN6voIedBsl4MrCYHV0nArPGg==
track
aktrack.pubmatic.com/ Frame 4880 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1642810629&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:11 GMT
content-length
0
content-type
text/html
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame FD0F 		961 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628734,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d9d44561b2ce9127e1fb84a4f37f7a75149fd95da55e56a90004c521dbbbc00b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 00:17:11 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://primerinforme.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Sat, 22 Jan 2022 00:17:11 GMT
prebid
ib.adnxs.com/ut/v3/ Frame FD0F 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d378b3556fa423b4147f38d02a0da736c4ee05a76aa36fe043cbed5292d2d8e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a5a5e20a-52ac-4a1b-bc91-fd4a023b9b5a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame FD0F 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ac3135364f2c64c340695fdd5f97a274d8153cb8bd5832077744d054cd4c0144
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2387c2b5-0ceb-4302-8989-12dfe26766fc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame FD0F 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://primerinforme.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame FD0F 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ccc28e859c26cff812000574c23f81b742b10046de4d51d494a831d9da0a3152
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 00:17:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5b802753-5811-4b2b-9ccb-087f438f87ef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://primerinforme.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 3D53 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628734,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:11 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6008 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628734,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=17597
expires
Sat, 22 Jan 2022 05:10:28 GMT
date
Sat, 22 Jan 2022 00:17:11 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3D53 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fprimerinforme.com%2F&schain=1.0,1!vidoomy.com,56318,1,1642810628734,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:11 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 05:13:08 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-9687-5d547824a78f1"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=17597
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13928
expires
Sat, 22 Jan 2022 05:10:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6008 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87557821&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:17:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1606
content-type
text/html; charset=UTF-8
/
csync.loopme.me/ Frame 76CE 		0
0
cm
green.erne.co/pubmatic/ Frame 7651 		0
0
i.match
a.tribalfusion.com/ Frame 4B07 		0
0
dpe
ad4m.at/ad/ Frame F39D 		0
0
pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame E04C 		0
0
cookiesync
core.iprom.net/ Frame B0E6 		0
0
rtb-h
trc.taboola.com/sg/pubmatic-ssp-network/1/ Frame AA6B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/plugins/ua/linkid.js
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2375097396247383266
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=04D52FB6-6642-4789-B6BE-6C153E86A92E
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
ad4m.at
URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
trc.taboola.com
URL
https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| $ function| jQuery string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout function| gaOptout string| GoogleAnalyticsObject function| __gaTracker object| _wpemojiSettings object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| monsterinsights_frontend function| MonsterInsights object| MonsterInsightsObject string| current_domain string| mainDomain object| re_test undefined| http function| gtag object| dataLayer object| google_tag_manager object| _0xe99f object| googletag object| gtsur undefined| Cookies object| jetpackLazyImagesL10n object| wp object| _stq number| w3tc_lazyload object| lazyLoadOptions function| st_go function| linktracker_init object| wpcom function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| twemoji function| cnxps object| t object| n object| a object| e object| r function| __d3lUW8vwsKlB__ object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked object| ZDFkMDhiZjc5ZjkxZGEyMGxvYWRlcl9qcw== string| ZDFkMDhiZjc5ZjkxZGEyMGNhY2hlZF9qcw== object| googlefc string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| eHost string| vvia string| vvib string| vvic string| vvid string| vvie string| vvif string| vvig string| vvih string| vvii string| vvij string| vvik string| vvil string| vvim string| vvin function| callPlayers function| __tcfapi_8928924878912 object| lkqdSettings object| vpaidLoader object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__ object| ggeac object| google_js_reporting_queue function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO object| mnet undefined| google_measure_js_timing number| PREBID_REFRESH_TIMEOUT boolean| execPreBid object| hbAdunitsFilter boolean| STREAM_PREBID object| apstagSlots object| adUnits function| execHB function| fetchHeaderBids function| _getGPTSlots function| _getRefreshHBSlots function| _displayGPTSlots function| ndgDefineSlotsDFP function| initPubstack object| apstag object| pbstck object| Pubstack boolean| apstagLOADED object| lkqd object| mobile_blocked_mfs function| lkqd_http_response

56 Cookies

Domain/Path Name / Value
.1erinforme.com/ Name: _ga
Value: GA1.2.900916215.1642810626
.1erinforme.com/ Name: _gid
Value: GA1.2.2060710954.1642810626
.primerinforme.com/ Name: _ga
Value: GA1.2.745265234.1642810626
.primerinforme.com/ Name: _gid
Value: GA1.2.652700534.1642810626
.primerinforme.com/ Name: _gat
Value: 1
.primerinforme.com/ Name: _gat_gtag_UA_138118488_1
Value: 1
ads.stickyadstv.com/ Name: UID
Value: 38692087847f5f5044b23d6e8ff317ea
ads.stickyadstv.com/ Name: sessionId
Value: d840a88440d97c206eedd9351e16afc2
.bidswitch.net/ Name: tuuid
Value: 31ca0966-ce42-4fe6-8ba0-d3db3b971ba5
.bidswitch.net/ Name: c
Value: 1642810627
.bidswitch.net/ Name: tuuid_lu
Value: 1642810627
.doubleclick.net/ Name: IDE
Value: AHWqTUnsuDiBZlCp7RSeCxQB0H4-jaDxaCjfhEU-0WHg5euo_GNL2yEPCFkzbSqA5d4
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjMxY2EwOTY2LWNlNDItNGZlNi04YmEwLWQzZGIzYjk3MWJhNSIsImV4cGlyZXMiOjE2NDU0MDI2Mjh9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2NDU0MDI2Mjd9fX0=
.turn.com/ Name: uid
Value: 2591270178361167074
.spotxchange.com/ Name: audience
Value: a32ef6fb-7b18-11ec-8656-11372f1a0006
.adnxs.com/ Name: icu
Value: ChgI1dN1EAoYASABKAEwhZqtjwY4AUABSAEQhZqtjwYYAA..
.adnxs.com/ Name: uuid2
Value: 5746621694371645460
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 04D52FB6-6642-4789-B6BE-6C153E86A92E
.quantserve.com/ Name: d
Value: EMQBCwGhJfijAA
.quantserve.com/ Name: mc
Value: 61eb4d05-a0035-de289-75362
.mathtag.com/ Name: uuid
Value: 63c161eb-4d05-4f00-bece-9c05f26217c9
.simpli.fi/ Name: suid
Value: 00824E57CF3A46339AF1BAF298BD33A1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5746621694371645460&KRTB&23339-5746621694371645460
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8BwTkPJJRsfrTEbC9RhblqMfTsvrGkPB8B_WqDt0&KRTB&19420-8BwTkPJJRsfrTEbC9RhblqMfTsvrGkPB8B_WqDt0&KRTB&22979-8BwTkPJJRsfrTEbC9RhblqMfTsvrGkPB8B_WqDt0
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMjDpG2WJipzg7ofusQImIs&KRTB&16514-CAESEMjDpG2WJipzg7ofusQImIs&KRTB&23025-CAESEMjDpG2WJipzg7ofusQImIs
.onaudience.com/ Name: cookie
Value: 57647adb9008777b
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: uid
Value: 7730428933004856591
.de17a.com/ Name: guid2
Value: 1.4333243253603985210
.adsrvr.org/ Name: TDID
Value: b1a72ac9-ca63-46da-b886-497dee0775ae
.pubmatic.com/ Name: SPugT
Value: 1642810629
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7730428933004856591&KRTB&23263-7730428933004856591
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&KRTB&16736-uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&KRTB&23019-uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5&KRTB&23208-uid:f5bf61eb-4d05-4800-84f8-336fb7eee0d5
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4333243253603985210
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjm0POB0tGuOhAFGAUgASgCMgsI_J7arejRrjoQBTgB
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b1a72ac9-ca63-46da-b886-497dee0775ae&KRTB&22918-b1a72ac9-ca63-46da-b886-497dee0775ae&KRTB&23031-b1a72ac9-ca63-46da-b886-497dee0775ae
.onaudience.com/ Name: done_redirects104
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3b7f55e2b9b97b1ff7e78282fd28e437
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME4yTzM1TTVKskyyNE8yTEszTzW3MLIwSksxskg1MTZnAILE176sIBoKAFtvCpw%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIfO3LCqSgAAAVIgGf"
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: 86527967-b67f-49c7-493c-06ca0e0d31d0
.zeotap.com/ Name: zsc
Value: %2605%8C%80p%A0%D5%91%80s%F8%C1%E5X%98c%DA%8F%081o%D8%09%7B%EFww%AA%07%29%F8x%E1%F2%0D%2B%1At%8E%E1%B4d%BC%FC%E9k%F8%D6%FD%D6%3Du%E0%B9%0F%E14%EA%3C%3A%25%A5Y%D0%A4%BC%AE8l%FE%C0O%96%D9V%0Ez%91%8C%7FMf
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156498:3
.pubmatic.com/ Name: DPSync3
Value: 1644019200%3A219_201_221_226_227_235_197%7C1642896000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1644019200%3A220_3_161_71_81_7_8_22_21_166_56_13_233_54%7C1644105600%3A35%7C1643673600%3A63%7C1645401600%3A203%7C1643414400%3A223_15_2
.adfarm1.adition.com/ Name: UserID1
Value: 7055817929376397455
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2591270178361167074
.pubmatic.com/ Name: PugT
Value: 1642810630

1 Console Messages

Source Level URL
Text
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1erinforme.com
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
ad.lkqd.net
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
aud.pubmatic.com
c.amazon-adsystem.com
c1.adform.net
cd.connatix.com
cds.connatix.com
cm.g.doubleclick.net
core.iprom.net
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
green.erne.co
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.wp.com
pr-bh.ybp.yahoo.com
primerinforme.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
search.spotxchange.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
stats.g.doubleclick.net
stats.wp.com
stg.vidoomy.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.lkqd.net
tags.newdreamglobal.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
a.audrte.com
a.tribalfusion.com
ad4m.at
core.iprom.net
cs.lkqd.net
csync.loopme.me
green.erne.co
match.adsby.bidtheatre.com
match.prod.bidr.io
sync-tm.everesttech.net
sync.1rx.io
sync.srv.stackadapt.com
t.lkqd.net
trc.taboola.com
www.google-analytics.com
104.21.1.8
104.26.3.164
142.250.181.226
142.250.186.162
143.204.95.188
146.0.227.110
146.20.128.138
146.20.128.39
146.20.128.59
151.101.2.137
151.139.128.11
169.50.137.184
178.250.2.151
18.156.0.31
185.29.132.245
185.64.189.110
185.64.189.111
185.64.189.229
185.64.190.78
185.64.190.80
185.94.180.124
192.0.76.3
198.47.127.20
2.18.233.180
2.21.142.210
2001:678:cb4:bbbb::11
213.155.156.168
2600:9000:236e:3400:15:6f6c:b180:93a1
2606:4700:10::6816:1957
2606:4700:3033::ac43:b62d
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c04::9c
2a02:fa8:8806:12::1400
2a05:d018:d29:3602:136:97c8:e62d:2cb2
3.122.136.79
3.126.65.212
3.129.250.65
3.139.192.142
35.201.96.126
37.157.3.29
37.157.6.245
37.252.172.37
51.210.112.63
52.215.102.174
52.223.40.198
52.57.69.138
66.155.71.150
77.243.60.138
85.114.159.93
99.83.189.147
030c6d4045956930d5b9231b69a1f7d555625933bef4464202284207a35e1f73
03174599ab2cd340325e5ae49ec868e13b942e44b625114525ee03cf0e533b46
0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980
05759c56fd37bf9c521547bd3ece71410a9410379afa4a1d72efe91ce638ab32
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
13eef8ae4745d75187fbdd10cb075db269002d9617bda41542901ccaca63f423
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
16c90374efa8b713495a69b3547b2d5fe21d661c592f480e675726a567135190
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
29729f4ac95c84dc7bdd3f075cc654ebebf1e4a0ce34bf229ae2210232c2ae6a
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
374c24f275c13355a1dd873e100504ac463467c6016c010ed5ee596d9027d4db
3e69300586f1d02b274e403801ed44f9be74ac9a279e5559431dd75ab2a31d48
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec4761b5338ebd36dcb9580993b807c5d118288969bb8506838ccdde545ddb4
40580a2475f5f7759e47b83e875e7916d3d58fa64112cd72dfeb64b3c48744f9
43f0929b168ee969d89806845cd3d2f25ed4f37a9de8c6aea3b4b12b3b64d8e0
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c0e90aefc745c11a7f2e430791d1c389e8e7470e4b3357cbf69bae327dced50
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd4bc836d0098cb7ddf7a664549351e2b5abce0ded9638da659f81c5bc09361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5682881b5ce1d3a19fa81fc4be0bcec33980f4ecc72228f6ec339d412d3b65ac
56d25cdb8fcd743018954ccbdec1701c7cf814243719132103e8d6b39634dbf1
58a749c35a0a40eb0d4f1306c3e2b36e8a285eaf840db6c88db4cbaccf567d09
58d96c6856c8a602689084ed5558f3dde1453c67762a47d347869f9c13444fd4
5b60e34433d0826922b91dbb70565d5437ba532b97de8a85d87faac303dc8d65
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cad39e065a228660443e63ecd1d2a839c25e634400954c6afa83e8a3e62fbe5
639ef6500a5ec04531a495d9331bac9c0b0b69db342787cc09685208eb7f101c
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
677fa624ee7d85b17464e79a29d0398b3199babaa3a4003251e7004187d7704a
6a409718c9ef62b0d53023b66aee7eeec1a1702966c83b01b0ae7107dfe263a9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6e4827ea548c4e9a60bd7aa4c1eae0dd9c7b0d4f2fa0627cb781bb36cfa8c13b
72ed4d558f24ed39effa6c190ff5a956b6885f8cb84c355c1e6a3571a62b98c5
731692cdbcd1b62abb9b6847629cc1154818f072069b6193cb968c11c851149a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
762f66303e01aa7afb8f8fc76ade21eb9cc85b884387fdd85c431d7118bb0b7e
767e33fedbb11bffeca2a12b41d185555821f99f054c70dc172b031d4c53a2c0
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
795f39e721862274ea26a057642325c485281f988a91fb2581b565fcd19eff90
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7de4dd417f1666364339c17cbcaaf3b8c615f5a7072c3e54be66ea8ae3d4480f
7ff858de88882671b18166107eef09e7d4b58232d720c6db7bf04077b5565d89
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a7544145a053767b8c7d0b62f71367aa2f355ea32312d9979f9bdc59a8e9b3
872bc6be26a81f9e8600939dc7c72f1fbfa223471062aefdd05cc179ecd24e75
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8eac0bdc693df10f7dec87f23c5155bc9531496296318496dcafbb4a6686cb0f
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91ea3e1e1c9d94a2789f1131947629240ecff4a8d2712feee4341a8c2cbf69ba
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9318a745972f39730fead8f17edb269f9961a47f6df0c73db0b5558557e75b13
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
956013579e5ae4211d83e9906baf6435c158ebac83c85d8293891f9fb427226a
9670006d56317442f76c06d27fa377a86269d4ea79d5c11408acd245f9dfaf94
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9da88e942e6aee489526e53e74f2eebe0788e57037a3056a4e883014f326d7d5
9fa66943c1b03cd114263038f87d8ec320e4eab2ab0ad86a56db2180c9657344
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4f9c1995de9f92f05f1a5cd0c4987e359e1aa41613bb6a33f9c82837b29e6d8
a8dc48e583a5ae3ac6049fdd11a165f1c1c0812c3c3f0d00619dace400048618
a987b3e26dc60a6e0c017c0cf810047e0532f9922c79d581e3c90ec3bade67d3
a9d2e78812141cb6bd52550584bee81e8e52038a8e1c0d9c0b40c38e652d7aec
aa23ea58c0ac02a560e937352bcc927e56233c8f7d2f8d36f327ba87b47cff51
ac3135364f2c64c340695fdd5f97a274d8153cb8bd5832077744d054cd4c0144
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b77237055fb1a7c3add9fcd45ea27f9e49c46d9ce75a77df892fe3568ed10e1e
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0
bd37d8d70a6e6a90c926ac503b4cf910d62348fb0ca3b5d031ee8af71217956b
bfdee0ff05a5ad28f08e984cdced9e70371cc506ccd730e4150f76bc40d362ae
c23e1ac09981f482a8e986029bb865a4ad954540e785f04c3367bfc30f62601b
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c88251802154dc5a8cb0f1b3ac376f1f31caf87bfafda223d6d08e5b287f248a
ca90a80b95d16f2436ead46636bd4bac374e0a28fd75c4a2f20cabc3a5acee70
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9
ccc28e859c26cff812000574c23f81b742b10046de4d51d494a831d9da0a3152
ce1b6eccc5f9d6224e9b6c675c8201ca69763f6af25a8d8a044a27851d204e9c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d378b3556fa423b4147f38d02a0da736c4ee05a76aa36fe043cbed5292d2d8e7
d9d44561b2ce9127e1fb84a4f37f7a75149fd95da55e56a90004c521dbbbc00b
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e11066131581f19cd6717950c6483495007f3daab3b91dff4d07cd2619a3fba1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64f9ea38cacfeeb2968dcd27d1d9527e3e8ae8d15ce7a7007ffeb39c5f07fb4
e729069a417a8c4b586640684ec4e68148dcd957970bffa1f7cc15148bceb882
ea28c52585ce74a10f963510b8bab43262f9fd0ae912bd514b3d9bd38224131a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f45f369d5b5004dd5a55ce0d5d3653a3581c605902d2f04f6e3795f9099ccc69
f7a474078409d4121e25fa50625207e01c1c039662e022ab7894ab1275c3eaba