m.dir.bg Open in urlscan Pro
194.145.63.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Submission Tags: falconsandbox
Submission: On November 15 via api (November 15th 2021, 7:43:55 am UTC) from US — Scanned from DE

Summary HTTP 384 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 111 IPs in 15 countries across 98 domains to perform 384 HTTP transactions. The main IP is 194.145.63.11, located in Sofia, Bulgaria and belongs to DIRBG-AS, BG. The main domain is m.dir.bg.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 11th 2021. Valid for: a year.

This is the only time m.dir.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	194.145.63.11 194.145.63.11	8860 (DIRBG-AS) (DIRBG-AS)
31	2606:4700:20:... 2606:4700:20::ac43:47c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	116.202.11.240 116.202.11.240	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 4	78.128.6.42 78.128.6.42	31083 (TELEPOINT) (TELEPOINT)
3	188.40.118.169 188.40.118.169	24940 (HETZNER-AS) (HETZNER-AS)
10	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2600:9000:215... 2600:9000:2156:f000:11:2a6a:9480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:4a00:16:f82a:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	143.204.98.26 143.204.98.26	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.34 143.204.98.34	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
15	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
13	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.186.26 2.16.186.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:607	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
3 7	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	44.231.252.170 44.231.252.170	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba69	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	199.187.193.165 199.187.193.165	47043 (SMARTADSE...) (SMARTADSERVER)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1 1	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:170... 2a02:26f0:1700:6::17d5:a18e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
7	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	52.210.129.48 52.210.129.48	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.7 143.204.101.7	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	54.36.109.48 54.36.109.48	16276 (OVH) (OVH)
1	136.243.76.13 136.243.76.13	24940 (HETZNER-AS) (HETZNER-AS)
3	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.0.173 178.250.0.173	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:9000:215... 2600:9000:2156:9a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
5 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
8 10	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	52.51.58.216 52.51.58.216	16509 (AMAZON-02) (AMAZON-02)
1 1	18.168.102.56 18.168.102.56	16509 (AMAZON-02) (AMAZON-02)
1 1	52.19.29.184 52.19.29.184	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 8	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
6	52.19.63.112 52.19.63.112	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1 24	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 3	34.248.11.216 34.248.11.216	16509 (AMAZON-02) (AMAZON-02)
1 1	162.55.6.213 162.55.6.213	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.251.245.179 72.251.245.179	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	94.23.73.243 94.23.73.243	16276 (OVH) (OVH)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 2	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	18.195.72.140 18.195.72.140	16509 (AMAZON-02) (AMAZON-02)
2 2	194.190.76.38 194.190.76.38	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1	34.254.122.11 34.254.122.11	16509 (AMAZON-02) (AMAZON-02)
1	54.228.184.61 54.228.184.61	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2602:803:c004... 2602:803:c004:200::155	26667 (RUBICONPR...) (RUBICONPROJECT)
2	88.99.70.21 88.99.70.21	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3038::6815:ead6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.255.254 18.195.255.254	16509 (AMAZON-02) (AMAZON-02)
10	34.253.43.221 34.253.43.221	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	93.159.228.11 93.159.228.11	200107 (KL-EXT) (KL-EXT)
2	2600:9000:215... 2600:9000:2156:1a00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2 2	18.196.197.61 18.196.197.61	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
1 1	34.194.7.56 34.194.7.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.227.93.166 3.227.93.166	14618 (AMAZON-AES) (AMAZON-AES)
384	111

2 194.145.63.11 (Sofia, Bulgaria)

ASN8860 (DIRBG-AS, BG)
PTR: id.dir.bg

m.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:20::ac43:47c9 (United States)

ASN13335 (CLOUDFLARENET, US)

static.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.11.240 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.240.11.202.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.128.6.42 (Bulgaria) 1 redirects

ASN31083 (TELEPOINT, BG)
PTR: ip-6-42.telehouse.bg

gabg.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.40.118.169 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.169.118.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:f000:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5931236223f5dd945ad5f01e61afe94b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4a00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-26.fra50.r.cloudfront.net

734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-34.fra50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

cmp-consent-tool.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

likevertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-26.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:607 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.100 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.231.252.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-252-170.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba69 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.projectagora-adtag-library.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.165 (Canada)

ASN47043 (SMARTADSERVER, CA)

www5.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.113 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:6::17d5:a18e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.129.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-7.fra50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.109.48 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.76.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.76.243.136.clients.your-server.de

tm.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.216 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.173 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

3pd.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.246 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.58.216 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-58-216.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.102.56 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.29.184 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-29-184.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.63.52.121 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad20.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.19.63.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-63-112.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.248.11.216 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-11-216.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.213 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia) 1 redirects

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.73.243 (Lisbon, Portugal) 1 redirects

ASN16276 (OVH, FR)
PTR: ip243.ip-94-23-73.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.59.148.16 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.84.146 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.72.140 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-72-140.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.38 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp10.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.184.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-184-61.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-fra2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.70.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.144 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.255.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-255-254.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.253.43.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.159.228.11 (Russian Federation)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1a00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.197.61 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.7.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-7-56.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.93.166 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-93-166.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	pubmatic.com 1 redirects ads.pubmatic.com image6.pubmatic.com sshowads.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com aktrack.pubmatic.com simage4.pubmatic.com	129 KB
34	rubiconproject.com 5 redirects ads.rubiconproject.com smarttag.rubiconproject.com eus.rubiconproject.com beacon-fra2.rubiconproject.com token.rubiconproject.com s.update.rubiconproject.com pixel.rubiconproject.com Failed	121 KB
33	dir.bg m.dir.bg static.dir.bg	1 MB
27	doubleclick.net 8 redirects securepubads.g.doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	445 KB
24	privacymanager.io gdpr-wrapper.privacymanager.io gdpr.privacymanager.io 734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io geo.privacymanager.io cmp-consent-tool.privacymanager.io	529 KB
22	googlesyndication.com 5931236223f5dd945ad5f01e61afe94b.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	195 KB
21	criteo.net static.criteo.net pix.eu.criteo.net csm.eu.criteo.net	85 KB
15	ampproject.org cdn.ampproject.org	306 KB
14	criteo.com gum.criteo.com bidder.criteo.com 3pd.criteo.com dis.criteo.com ads.eu.criteo.com cat.nl.eu.criteo.com widget.nl.eu.criteo.com	114 KB
14	adnxs.com 5 redirects secure.adnxs.com ams1-ib.adnxs.com cdn.adnxs.com ib.adnxs.com acdn.adnxs.com	65 KB
13	likevertising.com likevertising.com	56 KB
10	google-analytics.com www.google-analytics.com	21 KB
9	ad-srv.net 2 redirects tm.ad-srv.net ad.ad-srv.net ad20.ad-srv.net	9 KB
7	cpx.to p.cpx.to s.cpx.to	9 KB
7	zeotap.com spl.zeotap.com mwzeom.zeotap.com	2 KB
6	adsrvr.org 5 redirects match.adsrvr.org	3 KB
6	adform.net 2 redirects s1.adform.net adx.adform.net c1.adform.net	27 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com Failed sp.analytics.yahoo.com Failed	2 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
5	gemius.pl 1 redirects gabg.hit.gemius.pl ls.hit.gemius.pl	15 KB
4	bidswitch.net 3 redirects x.bidswitch.net pool.grid-data.bidswitch.net	2 KB
4	smartadserver.com 2 redirects www5.smartadserver.com ww1097.smartadserver.com sync.smartadserver.com rtb-csync.smartadserver.com Failed	2 KB
4	projectagora-adtag-library.com cdn.projectagora-adtag-library.com	238 KB
4	themoneytizer.com ads.themoneytizer.com	199 KB
4	onthe.io cdn.onthe.io tt.onthe.io	18 KB
3	onaudience.com 2 redirects pixel.onaudience.com	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	881 B
3	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com secure-gl.imrworldwide.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	taboola.com sync-t1.taboola.com Failed trc.taboola.com match.taboola.com	654 B
2	awin1.com 1 redirects www.awin1.com	1 KB
2	contentspread.net cdn.contentspread.net	2 KB
2	adhigh.net 2 redirects px.adhigh.net	872 B
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	rlcdn.com api.rlcdn.com id.rlcdn.com	329 B
2	id5-sync.com 1 redirects id5-sync.com	2 KB
2	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	10 KB
2	adpone.com hb.adpone.com	186 KB
2	projectagoraservices.com ads.projectagoraservices.com	8 KB
2	adtrue.com cdn.adtrue.com exchange.adtrue.com	4 KB
2	sascdn.com ced.sascdn.com ced-ns.sascdn.com	51 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
2	googletagservices.com www.googletagservices.com	63 KB
2	facebook.com www.facebook.com	397 B
2	google.de adservice.google.de www.google.de	800 B
2	facebook.net connect.facebook.net	113 KB
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	645 B
1	bnmla.com match.bnmla.com	114 B
1	adtdp.com ad.as.amanad.adtdp.com	845 B
1	kaspersky.com media.kaspersky.com	48 KB
1	cdn-adtrue.com cdn-adtrue.com	1001 B
1	adleadevent.com adtrack.adleadevent.com	528 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	467 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	turn.com 1 redirects ad.turn.com	518 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	deepintent.com match.deepintent.com	44 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	erne.co 1 redirects green.erne.co	325 B
1	iprom.net 1 redirects core.iprom.net	519 B
1	adgrx.com cm.adgrx.com	408 B
1	ad4m.at ad4m.at	915 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	casalemedia.com as-sec.casalemedia.com r.casalemedia.com Failed	431 B
1	agkn.com 1 redirects aa.agkn.com	381 B
1	quantcount.com rules.quantcount.com	1 KB
1	indexww.com js-sec.indexww.com	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	onetag-sys.com onetag-sys.com	823 B
1	leadplace.fr tag.leadplace.fr	6 KB
1	tmyzer.com c.tmyzer.com	270 B
1	themoneytizer.net g.themoneytizer.net	271 B
1	googletagmanager.com www.googletagmanager.com	45 KB
0	revcontent.com Failed trends.revcontent.com Failed
0	smaato.net Failed s.ad.smaato.net Failed
0	media.net Failed contextual.media.net Failed
0	3lift.com Failed eb2.3lift.com Failed
0	yandex.ru Failed an.yandex.ru Failed
0	kargo.com Failed crb.kargo.com Failed
0	tpmn.co.kr Failed ad.tpmn.co.kr Failed
0	addthis.com Failed cw.addthis.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	mgid.com Failed cm.mgid.com Failed
0	mediawallahscript.com Failed partner.mediawallahscript.com Failed
0	tapad.com Failed pixel.tapad.com Failed
384	98

	Domain	Requested by
31	static.dir.bg	m.dir.bg static.dir.bg
16	simage2.pubmatic.com	ads.pubmatic.com ads.eu.criteo.com likevertising.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com m.dir.bg cdn.ampproject.org
15	static.criteo.net	likevertising.com ads.eu.criteo.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	cmp-consent-tool.privacymanager.io	gdpr.privacymanager.io cmp-consent-tool.privacymanager.io
13	likevertising.com	m.dir.bg likevertising.com
13	securepubads.g.doubleclick.net	m.dir.bg securepubads.g.doubleclick.net likevertising.com www.googletagservices.com
10	s.update.rubiconproject.com	m.dir.bg s.update.rubiconproject.com
10	cm.g.doubleclick.net	8 redirects
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com m.dir.bg
8	image2.pubmatic.com	1 redirects ads.pubmatic.com
8	ads.pubmatic.com	likevertising.com ads.pubmatic.com exchange.adtrue.com
7	secure.adnxs.com	3 redirects likevertising.com secure.adnxs.com sshowads.pubmatic.com ads.eu.criteo.com
6	eus.rubiconproject.com	smarttag.rubiconproject.com eus.rubiconproject.com likevertising.com
6	s.cpx.to	p.cpx.to likevertising.com
6	mwzeom.zeotap.com	spl.zeotap.com
6	match.adsrvr.org	5 redirects js-sec.indexww.com
5	token.rubiconproject.com	5 redirects
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	pixel.rubiconproject.com	ads.eu.criteo.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	ad20.ad-srv.net	ad.ad-srv.net
4	ad.ad-srv.net	2 redirects tm.ad-srv.net ad.ad-srv.net
4	cdn.projectagora-adtag-library.com	ads.projectagoraservices.com cdn.projectagora-adtag-library.com
4	image6.pubmatic.com	ads.pubmatic.com
4	ads.themoneytizer.com	likevertising.com ads.themoneytizer.com
4	www.google.com	2 redirects m.dir.bg tpc.googlesyndication.com
4	gdpr-wrapper.privacymanager.io	www.googletagmanager.com gdpr.privacymanager.io cmp-consent-tool.privacymanager.io
4	gabg.hit.gemius.pl	1 redirects m.dir.bg gabg.hit.gemius.pl
3	beacon-fra2.rubiconproject.com	likevertising.com
3	x.bidswitch.net	3 redirects ads.eu.criteo.com likevertising.com
3	pixel.onaudience.com	2 redirects ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	sync-tm.everesttech.net	3 redirects
3	smarttag.rubiconproject.com	ads.rubiconproject.com
3	adx.adform.net	1 redirects s1.adform.net
3	ads.rubiconproject.com	likevertising.com sshowads.pubmatic.com m.dir.bg
3	ams1-ib.adnxs.com	secure.adnxs.com cdn.adnxs.com
3	gum.criteo.com	secure.adnxs.com ads.themoneytizer.com static.criteo.net ads.eu.criteo.com
3	tt.onthe.io	cdn.onthe.io
2	pm.w55c.net	2 redirects
2	pix.eu.criteo.net	ads.eu.criteo.com
2	widget.nl.eu.criteo.com	ads.eu.criteo.com
2	aktrack.pubmatic.com	likevertising.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	www.awin1.com	1 redirects ad.ad-srv.net
2	sync.smartadserver.com	1 redirects likevertising.com
2	cdn.contentspread.net	ad.ad-srv.net
2	ads.eu.criteo.com	smarttag.rubiconproject.com
2	px.adhigh.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects ads.eu.criteo.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	loada.exelator.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	dis.criteo.com	ads.pubmatic.com likevertising.com
2	d5p.de17a.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	dpm.demdex.net	2 redirects
2	ib.adnxs.com	2 redirects
2	sshowads.pubmatic.com	ads.pubmatic.com
2	id5-sync.com	1 redirects likevertising.com
2	bidder.criteo.com	static.criteo.net
2	hb.adpone.com	likevertising.com
2	ads.projectagoraservices.com	likevertising.com smarttag.rubiconproject.com
2	googleads.g.doubleclick.net	m.dir.bg
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	securepubads.g.doubleclick.net likevertising.com
2	geo.privacymanager.io	gdpr.privacymanager.io
2	734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io	gdpr.privacymanager.io 734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io
2	www.facebook.com	m.dir.bg
2	connect.facebook.net	m.dir.bg connect.facebook.net
2	m.dir.bg	static.dir.bg
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	id.rlcdn.com
1	ad.as.amanad.adtdp.com	ads.eu.criteo.com
1	ads.yahoo.com	ads.eu.criteo.com
1	media.kaspersky.com	ad.ad-srv.net
1	pool.grid-data.bidswitch.net	likevertising.com
1	cdn-adtrue.com	exchange.adtrue.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	rtb.gumgum.com	ads.pubmatic.com
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	green.erne.co	1 redirects
1	core.iprom.net	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	as-sec.casalemedia.com	js-sec.indexww.com
1	acdn.adnxs.com	likevertising.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	aa.agkn.com	1 redirects
1	api.rlcdn.com	js-sec.indexww.com
1	rules.quantcount.com	secure.quantserve.com
1	3pd.criteo.com	static.criteo.net
1	cdn.adnxs.com	secure.adnxs.com
1	tm.ad-srv.net	secure.adnxs.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	ced-ns.sascdn.com	likevertising.com
1	ww1097.smartadserver.com	1 redirects
1	c.tmyzer.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	www5.smartadserver.com	ced.sascdn.com
1	exchange.adtrue.com	m.dir.bg
1	s1.adform.net	likevertising.com
1	cdn.adtrue.com	likevertising.com
1	ced.sascdn.com	likevertising.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.de	m.dir.bg
1	stats.g.doubleclick.net	www.google-analytics.com
1	gdpr.privacymanager.io	gdpr-wrapper.privacymanager.io
1	5931236223f5dd945ad5f01e61afe94b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ls.hit.gemius.pl	gabg.hit.gemius.pl
1	pubads.g.doubleclick.net	m.dir.bg
1	www.googletagmanager.com	m.dir.bg
1	cdn.onthe.io	m.dir.bg
0	sync-t1.taboola.com Failed	ads.eu.criteo.com
0	trends.revcontent.com Failed	ads.eu.criteo.com
0	rtb-csync.smartadserver.com Failed	ads.eu.criteo.com
0	s.ad.smaato.net Failed	ads.eu.criteo.com
0	contextual.media.net Failed	ads.eu.criteo.com
0	r.casalemedia.com Failed	ads.eu.criteo.com
0	eb2.3lift.com Failed	ads.eu.criteo.com
0	an.yandex.ru Failed	ads.eu.criteo.com
0	crb.kargo.com Failed	ads.eu.criteo.com
0	ad.tpmn.co.kr Failed	ads.eu.criteo.com
0	cw.addthis.com Failed	ads.eu.criteo.com likevertising.com
0	sp.analytics.yahoo.com Failed	ads.eu.criteo.com
0	sync.outbrain.com Failed	ads.eu.criteo.com
0	cm.mgid.com Failed	ads.eu.criteo.com
0	partner.mediawallahscript.com Failed	ads.eu.criteo.com
0	pixel.tapad.com Failed	ads.eu.criteo.com
384	161

This site contains links to these domains. Also see Links.

Domain
www.idealcandidate.bg
covid.dir.bg
games.dir.bg
impressio.dir.bg
greentransition.bg
podcast.dir.bg
urbn.dir.bg
auto.dir.bg
www.lostbulgaria.com
clubs.dir.bg
kino.dir.bg
zodiac.dir.bg
tv.dir.bg
trip.dir.bg
vkusotii.dir.bg
vremezamen.dir.bg
webreport.bg
ticket.dir.bg
www.facebook.com
www.linkedin.com
www.instagram.com
twitter.com
www.youtube.com
dnes.dir.bg
webmail.dir.bg
company.dir.bg

Subject Issuer	Validity	Valid
*.dir.bg Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-11-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-08` - `2022-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2021-05-06` - `2022-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gdpr.privacymanager.io Amazon	`2021-05-24` - `2022-06-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
likevertising.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adtrue.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-08-14`	2 years	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2021-02-14` - `2022-03-17`	a year	crt.sh
paadserver.projectagora.info R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
cdn.projectagora-adtag-library.com R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
c.tmyzer.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
ad-srv.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-03` - `2022-02-02`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-06` - `2022-03-06`	2 years	crt.sh
update.rubiconproject.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-12` - `2021-12-10`	3 months	crt.sh
*.as.amanad.adtdp.com Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh

This page contains 71 frames:

Primary Page: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Frame ID: A7926D3062B9D5FFF7142D18A9C32D66
Requests: 72 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 0FA54A015697C4F502ABA1C5AAAC5136
Requests: 1 HTTP requests in this frame

Frame: https://5931236223f5dd945ad5f01e61afe94b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B7DD73CA4929C85E29C3BFDD5DB0E59F
Requests: 1 HTTP requests in this frame

Frame: https://734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io/1/portal.html
Frame ID: F6D65635A64376668B928B9A4AA85777
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E5E834558237FB57CEE86FEB34A749CD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B872C76EE6734B6ABBB070FF80995A6
Requests: 2 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: BCC72BA949AA61D83A3ABBF89B033B6E
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMSmxM6dOQvjOAatje3qaUANCqSt4L3FFZXxa16JobGZwHQt403lsZIXp5BxP-LNLXZ7jEQk-SE-A5Fb199GV6s3yLeG4jTK8zh-ICYM8nA7QGoDrjtzhIw_sjWP9Ezr4WdBQQo3CuLaFpq72f0zUnZkFBtU4mj2OpVhZYs4Eelq52U0H9zDDnjSrNEAiPsrIjhRd06A42Y4JIqyqcmc1rogNMxRh1CQabaT7z-0q6vj6zhMx5webEyynj1T6ZXiy8i2na9wj5gqTUgiszrtSYrBCAKycd9QS5cr66bXwn5-x71DxQTQZ8GMcZPuNepA&sig=Cg0ArKJSzDejNu4j694mEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6435B59C431C2AA2D1869F8B13D20EFC
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 703BEC04EE28E5E369AAE621CBA233DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 981BB26742291DABE54D688960A97B0A
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 6625F01D929178F85422315CF6EB34F2
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 24C7F08E72C263936966E82C2C87C56A
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 60620D87B45F6C06A8BF0D02DBCEC9A1
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1e6afb65dbb2642c13614239d0724d071&cb=3391741636962229648
Frame ID: 7D36BB1FF60D9E055965200E241BA84E
Requests: 3 HTTP requests in this frame

Frame: https://likevertising.com/async_usersync?i=or4a09mbyy4djkim55&a=04548596bf9f47cf77f399bdbc682cd67&cb=8043521636962229649
Frame ID: ED55F7464FF5AD32B43F73EB9943DAC1
Requests: 1 HTTP requests in this frame

Frame: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=ff51dd3928bf7791e097ecd0fa3f43387&cb=4167371636962229650
Frame ID: 58930FC8CEE9D115C07D2FAAA1A2AD83
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=3f365a130536d068c3dd8aedaf5efba05&cb=2147061636962229651
Frame ID: A980AA88E6F943A0A461D730C1D3D772
Requests: 4 HTTP requests in this frame

Frame: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1a4b5c1837eb943f929239dccfd3a9209&cb=6680681636962229653
Frame ID: 0295B5A801BAF9A4F6EDE8FCD6EB555B
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=fa23da017e8678c7ec77e9b00cc3549b5&cb=5589161636962229655
Frame ID: 78579943B2953869FE7B61143CD5FAF7
Requests: 5 HTTP requests in this frame

Frame: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656
Frame ID: E84B1720A690275D0813F3C6B1A0D456
Requests: 29 HTTP requests in this frame

Frame: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=24aa3466f91095a53cca0d9d2de939f55&cb=0996361636962229657
Frame ID: 9436E8D9811110908492FF8AE059C48A
Requests: 4 HTTP requests in this frame

Frame: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=4771a71a974d11dafd726c348f619b729&cb=0332291636962229659
Frame ID: CF49E844C0F34F7FFABEAE97C81DD1B0
Requests: 10 HTTP requests in this frame

Frame: https://likevertising.com/async_usersync?i=or4a09mbyy4djkim55&a=1228cfa31908600e0cb804fa2271636a1&cb=2177791636962229659
Frame ID: 049D475621E99908E600C94C2F28E733
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/send?i=or4a09mbyy4djkim55&a=979f14aa57863de0e659848470182adb1&cb=4018791636962229660
Frame ID: A2B874D78E20D28D976D38F47189A40F
Requests: 9 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=15702&ref=https%3A%2F%2Fm.dir.bg%2F&cb=1152278217&timeZone=0&adWidth=300&adHeight=250&loc=https://m.dir.bg/
Frame ID: 62EEB2BD0CAA09964FCD4C5CACA21571
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1636962230051
Frame ID: 876599ED1BA2C23BEB3130F4B65DD10A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: AE836C12BF010D2EC3584607D4F971E2
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=m.dir.bg&gdpr=1&gdpr_consent=
Frame ID: 3AF3AA45A0ABD162FB69C4DFFD156A0D
Requests: 1 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/17210.js
Frame ID: CFF79176081823463C40E624BCAE1639
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F7804A28BC757FF924863A84548031B9
Requests: 23 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7789ECCD3D29152603C71F174066BE78
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1
Frame ID: F3185DCF98E7693E48F5AA40DFB04F2F
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1619737
Frame ID: EF4FC63A12580D60E1244870C4FDE1CE
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2
Frame ID: 3B5F2C83AB6E26105C80ADBF9A8B78E5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6343099854596445264
Frame ID: 65925540A47F5CF4F3E7090B094D1D41
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 454CAEE8A2F5D3B9C22D6EA9D8779C89
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030699242646075534
Frame ID: CC8D3DFF58D8048E3E40DDBDEC2FA8DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZIPtgAEu8MLRgBG&gdpr=0&gdpr_consent=&_test=YZIPtgAEu8MLRgBG
Frame ID: 6B233FE8E3617705153C9298DEB8C3A0
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 8C617AE8408AB690A910A9F36D8312D7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 66141898C4BCDE3C25D0BD5DFF7F86A9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 89DDCD4F412A8A54BE6354312205740E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 715B6F91BC63AC7C9A9C545C9CC67B97
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=413414937079319
Frame ID: 9F01BFCA1EA6F95821242A3A62E3F04F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=oLq87Hac10nbxDYfIhaNX0fP
Frame ID: 00DC6C974134573692A05068A01068A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003
Frame ID: 8ACF166A859DB6EB78FAE776C8FA8203
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2F44EDACA544894070844560CE975251
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 52C57219CBC8FECE9520D4ED536E1D7F
Requests: 1 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/17210.js
Frame ID: 4ABACA756EFBBBC22A1CF7CFC5F7D487
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Frame ID: 96367BE1865F9F526B85F3019B9212AE
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: FE8106C0A290FE816E7FC50DA9DC4997
Requests: 10 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1
Frame ID: D6E4B7915144D4D98C2EA8A98A03B164
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 44B95CBB9CA220A4B83A45210E4FE527
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DA15FD880618BFBCE2FB560865150B9F
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Frame ID: 2F534DC1842D7079C2221602C3E07F74
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D886C84B2B7E2FF566CCC51C0CC75E45
Requests: 2 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=12152000042454901649441011779020
Frame ID: C217CD0D3AB8DF56779D80F6629B5FF5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 0384AC3B41022045FECF25CD70A883FC
Requests: 2 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156383&siteId=638919&adId=2497714&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1636962230&indirectAdId=2253957&adServerOptimizerId=1&ranreq=0.5284432947937703&kpbmtpfact=0.000000&dcId=3&tldId=60334076&passback=3&svr=ADS23005U&adsver=_3010998657&adsabzcid=0&cls=ADS&ekefact=tg-SYUOTBQB_BJe-2SVrRTe4SxpO_kGtjxXwRDMpzoiDF54K&ekaxefact=tg-SYVaTBQDh95obIE8INDngnAQgY2BzWrW_S20D95ixPpjK&ekpbmtpfact=tg-SYW-TBQBwj34pO_DJhygS6ezs80X9MlVtL2JumbIRhPHo&enpp=tg-SYYKTBQAYPsnhwI3IcttKL0FDcNzaVRMkUdhKj8QmCKfU&pfi=1&domId=11427914440147218654&dc=lhr19&crID=0&campaignId=0&isRTB=0&imprId=CE4B4617-EFC9-4DA3-A2C2-AABB771A36F8&oid=CE4B4617-EFC9-4DA3-A2C2-AABB771A36F8&cntryId=58&domain=dir.bg&sec=1&pAuSt=2&wops=0&sURL=dir.bg&BrID=5
Frame ID: FDCA8F38D7AC0A6AB8439E10A46AD845
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 835A9A5B0A4CA1F3BA5B367C3D0F6F09
Requests: 3 HTTP requests in this frame

Frame: https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=61920fb5d0c425f74b30ce6e55de4dbc
Frame ID: FC2D5E08C1F59E7D68A602540FC8293E
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=639493&adId=2503544&adType=3&adServerId=165&kefact=0.500000&kaxefact=0.500000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1636962230&indirectAdId=2259498&adServerOptimizerId=1&ranreq=0.6379271575918886&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=30&svr=ADS23001U&adsver=_3010998657&adsabzcid=0&cls=ADS&ekefact=tg-SYaGgCAD4O1OR8_moXR75A98z6LsnMaI4PTdZEUA-kgLc&ekaxefact=tg-SYbGgCAD-ZrRGBeE26yOTnxwh1avIeB5Tb0GfQM-vnQt8&ekpbmtpfact=tg-SYcCgCADRo50jQSCD_hvSUday0XIRdvheICOOEInr6U8X&enpp=tg-SYc6gCADjSsPgnSmYkXCn5jkk6CiW3HdepQ5a5iOggA8F&pfi=1&dc=lhr19&crID=0&campaignId=0&isRTB=0&imprId=97A4D5EB-4722-4E29-A341-9C8180105F84&oid=97A4D5EB-4722-4E29-A341-9C8180105F84&cntryId=58&domain=m.dir.bg&sec=1&pmc=0&pAuSt=2&wops=0&sURL=m.dir.bg&BrID=5
Frame ID: 9D73958900F2D02CCA8F4B21A7034437
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=61920fb5f728d2a64e83c2573c3c0513
Frame ID: 79547452755A09BF652B658B82C02676
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg
Frame ID: 0D748C146697E7378BF4637C9C7EA1E8
Requests: 30 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E9EF9310F6C9CD6D226532A83A6118F1
Requests: 2 HTTP requests in this frame

Frame: blob://https://likevertising.com/5b6d2dc0-4b54-4379-8f3a-1c31a8c7fa8e
Frame ID: 0CB53ABA7EDDA39D92F74661EEBC95F1
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3AE582AC1B0DD6D838CF0F1D9895D65A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f1f5198-6b5d-4582-be5d-07d965d8a6f0-tuct88b9537&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C89EB112C422DF75CCBE0318B7E9B1E2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HhXHlPTX1MMwEF5&gdpr=0&gdpr_consent=
Frame ID: 44C96245C33C511D4D5A7226ACB0E2C3
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 1289FC53473FC64152FDFF670ED8C49D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C25119B56AA41669D5F6B0E5A3DCA5D
Frame ID: E8CC9B511D60506C0A8D1B7D32015D5C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zk9UW_38RNFc7WWnQOZVWlvHdkw
Frame ID: 36852772BE4E3350FF02FC00CEDA62E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Д-р Денчева: Пациентите с ковид пристигат в непредвидимо състояние | Днес.dir.bg

Page Statistics

384
Requests

80 %
HTTPS

32 %
IPv6

98
Domains

161
Subdomains

111
IPs

15
Countries

4323 kB
Transfer

11049 kB
Size

158
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.idealcandidate.bg/
Title: Идеалният Кандидат

Search URL Search Domain Scan URL

URL: https://covid.dir.bg/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://games.dir.bg/
Title: Games

Search URL Search Domain Scan URL

URL: https://impressio.dir.bg/
Title: Impressio

Search URL Search Domain Scan URL

URL: https://greentransition.bg/
Title: Green Transition

Search URL Search Domain Scan URL

URL: https://podcast.dir.bg/
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://urbn.dir.bg/
Title: #URBN

Search URL Search Domain Scan URL

URL: http://auto.dir.bg/
Title: Авто

Search URL Search Domain Scan URL

URL: http://www.lostbulgaria.com/
Title: Изгубената България

Search URL Search Domain Scan URL

URL: http://clubs.dir.bg/
Title: Клубовете

Search URL Search Domain Scan URL

URL: http://kino.dir.bg/
Title: Кино

Search URL Search Domain Scan URL

URL: http://zodiac.dir.bg/
Title: Зодиак

Search URL Search Domain Scan URL

URL: http://tv.dir.bg/
Title: ТВ

Search URL Search Domain Scan URL

URL: https://trip.dir.bg/
Title: Trip

Search URL Search Domain Scan URL

URL: http://vkusotii.dir.bg/
Title: Вкусотии

Search URL Search Domain Scan URL

URL: https://vremezamen.dir.bg/
Title: #Време за мен

Search URL Search Domain Scan URL

URL: https://webreport.bg/
Title: Web Report

Search URL Search Domain Scan URL

URL: https://ticket.dir.bg/
Title: Билети

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dnesdirbg/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dir-bg/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dir.bg/

Search URL Search Domain Scan URL

URL: https://twitter.com/dirbg

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCX3ADAGeYtU3MKw55fYcs6g

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/feeds/rss

Search URL Search Domain Scan URL

URL: https://webmail.dir.bg/
Title: Поща

Search URL Search Domain Scan URL

URL: https://trip.dir.bg/video-trip/ruskoto-selo-koeto-si-ima-triglav-zmey-balvasht-ogan-video
Title: Trip

Search URL Search Domain Scan URL

URL: https://impressio.dir.bg/kaleydoskop/hilyadi-muzikanti-sviriha-v-karakas-za-svetoven-rekord
Title: Impressio

Search URL Search Domain Scan URL

URL: https://urbn.dir.bg/urbn-music-club/slushahme-go-v-igra-na-tronove-a-toy-izbra-balgariya-svetovnoizvestniyat-kan-wakan
Title: URBN

Search URL Search Domain Scan URL

URL: https://company.dir.bg/
Title: Реклама

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://gabg.hit.gemius.pl/_1636962228908/rexdot.js?l=100&id=0iiVJGbSLRDxKVR5H_8PJ8Q5nO5K9mSU_KlzR01InHj.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=163&lsdata=oSsccglH62Gjamp0HHYmwhsGb6VVbecKkcHJu1UqC9X.Y78GotjERShI.TjEs.whfyTJWTmnMByU_R23dhLdwRXO2iP./sBaJeTrUmrLYZ/&fpdata=WSrHo5BwC7H2QJLgf5iigPhiRMfPP5d8vb7HpP29_Tz.N7&vis=1&fpcap= HTTP 301
https://gabg.hit.gemius.pl/__/_1636962228908/rexdot.js?l=100&id=0iiVJGbSLRDxKVR5H_8PJ8Q5nO5K9mSU_KlzR01InHj.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=163&lsdata=oSsccglH62Gjamp0HHYmwhsGb6VVbecKkcHJu1UqC9X.Y78GotjERShI.TjEs.whfyTJWTmnMByU_R23dhLdwRXO2iP./sBaJeTrUmrLYZ/&fpdata=WSrHo5BwC7H2QJLgf5iigPhiRMfPP5d8vb7HpP29_Tz.N7&vis=1&fpcap=

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 160

https://secure.adnxs.com/ttj?id=17890028 HTTP 307
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D17890028

Request Chain 178

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 190

https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=

Request Chain 198

https://adx.adform.net/adx/?rp=3&bWlkPTczODcyNiZybmQ9NjI4Z2dzYW1nc2JqZnhxc2d0czE&url=https%3A%2F%2Fm.dir.bg&callback=_adform_cb_1636962230188_634652204947526 HTTP 302
https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTczODcyNiZybmQ9NjI4Z2dzYW1nc2JqZnhxc2d0czE&url=https%3A%2F%2Fm.dir.bg&callback=_adform_cb_1636962230188_634652204947526

Request Chain 205

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=4101933371051267773&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESED3fB0sangFh-LUplFVX9Pw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258

Request Chain 207

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f46%26reqId%3D97c4b3a9-0a85-48a4-5ad2-4c503412bb23%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f46%26reqId%3D97c4b3a9-0a85-48a4-5ad2-4c503412bb23%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=8efd733c-417c-42b5-a902-85f0ecfda817&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258

Request Chain 208

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f46%26reqId%3D97c4b3a9-0a85-48a4-5ad2-4c503412bb23%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f46%26reqId%3D97c4b3a9-0a85-48a4-5ad2-4c503412bb23%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=39692177400187621883186628633934710719&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258

Request Chain 209

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=iUm8VVLbSPPi7eu8bnaLNjl0pQWC%2FkKn%2BS41iYitP1U%3D

Request Chain 210

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f46%26reqId%3D97c4b3a9-0a85-48a4-5ad2-4c503412bb23%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258

Request Chain 213

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1

Request Chain 221

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6343099854596445264

Request Chain 223

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030699242646075534

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YZIPtgAEu8MLRgBG HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZIPtgAEu8MLRgBG&gdpr=0&gdpr_consent=&_test=YZIPtgAEu8MLRgBG

Request Chain 225

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTVdVN0RKQjhBQUNnMi1oWlY0dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 226

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 229

https://core.iprom.net/cookiesync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=413414937079319

Request Chain 230

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=oLq87Hac10nbxDYfIhaNX0fP

Request Chain 231

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8789225691 HTTP 302
https://sync.1rx.io/usersync/tradedesk/8efd733c-417c-42b5-a902-85f0ecfda817 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003

Request Chain 232

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L_HSwpGaTwa1Z0_Ej_aOwg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 235

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=30536192-0fb6-4600-9c4e-a42d83da85cd

Request Chain 236

https://pixel.onaudience.com/?partner=214&mapped=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d219833c0975f0d84a8a3e4d7ab8b9b HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=407a02f3c9c2d84b43b2774884d31487

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZGMUQyQzItOTE5QS00RjA2LUI1NjctNEZDNDhGRjY4RUMy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJPcGhBZfoO9u-1OsQUb2c&google_cver=1

Request Chain 240

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&gdpr=0&gdpr_consent=

Request Chain 241

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5590461365333053461

Request Chain 242

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8efd733c-417c-42b5-a902-85f0ecfda817

Request Chain 243

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4101933371051267773&gdpr=0&gdpr_consent=

Request Chain 245

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zN.nuDtE2uU5dfizIJGf3EjxojLEg8Y-~A&gdpr=0&gdpr_consent=

Request Chain 246

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s9P_-rWEpP6o1KfwvIDr8ODQovGogfT5sdOuPh15

Request Chain 247

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://px.adhigh.net/p/cm/bsw?u=54b91606-4a77-4a4e-a0c9-51d8066aaebb&bidswitch_ssp_id=pubmatic HTTP 302
https://px.adhigh.net/p/cm/bsw?u=54b91606-4a77-4a4e-a0c9-51d8066aaebb&bidswitch_ssp_id=pubmatic&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=uMoxQV6tNtNT.AikABlF9Io1hdQ&expires=30&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54b91606-4a77-4a4e-a0c9-51d8066aaebb&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 249

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3011783490284999467&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 250

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 251

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dac730e2-13c7-43fd-bdc2-6489bb8f0fbf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 252

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4101933371051267773

Request Chain 261

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1

Request Chain 267

https://token.rubiconproject.com/token?pid=34010&puid=6e135095f5f8984b&gdpr=0 HTTP 302
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KW0D1OP6-19-KDIP&customParamenters={p:customParamenters}&gdpr=0

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&google_gid=CAESEE28uHVLc60CnqVhifAUlmY&google_cver=1

Request Chain 269

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3De1831104-af41-4b21-9bd8-c9f0bc1ed977&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&gdpr=0&cklb=1

Request Chain 270

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12767%26ref%3Dhttps%253A%252F%252Fm.dir.bg%252F%26hn_ver%3D20%26fid%3De1831104-af41-4b21-9bd8-c9f0bc1ed977 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=4101933371051267773&pid=12767&ref=https%3A%2F%2Fm.dir.bg%2F&hn_ver=20&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977

Request Chain 271

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De1831104-af41-4b21-9bd8-c9f0bc1ed977 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977

Request Chain 272

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=8efd733c-417c-42b5-a902-85f0ecfda817&dsp=TTD

Request Chain 286

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=12152000042454901649441011779020 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg

Request Chain 330

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1sQnMtWDBGZFY0TXB3X3Exa3BocHl6NVBRdjhKYmx3ZHAxRmZtZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 361

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW0D1OP6-19-KDIP&sigv=1&esig=2~3aed081e62dc38e60b2bf94d91d328215db61005

Request Chain 363

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwRDFPUDYtMTktS0RJUA==

Request Chain 364

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&expires=28

Request Chain 365

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZIPtgAEu8MLRgBG

Request Chain 366

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTIwYjU5MzEwOWM1MTYzYmJjNTc1NTdhYjgyYTMwYWQyZGU2ZTBmYw

Request Chain 367

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGpiM_sVIyLVehoCd41lNI&google_cver=1

Request Chain 368

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/lFZ61MWQ0RGx1-Rue7_IUcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8311828770487584843

Request Chain 385

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f1f5198-6b5d-4582-be5d-07d965d8a6f0-tuct88b9537&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 386

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HhXHlPTX1MMwEF5&gdpr=0&gdpr_consent=

Request Chain 388

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C25119B56AA41669D5F6B0E5A3DCA5D

Request Chain 389

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zk9UW_38RNFc7WWnQOZVWlvHdkw

Request Chain 390

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c8568d1b-45e7-11ec-b40a-db78886add51&gdpr=0&gdpr_consent=

384 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie Show response
m.dir.bg/dnes/obshtestvo/ 104 KB
19 KB 126ms
54ms Document
text/html 194.145.63.11
DIRBG-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.145.63.11 Sofia, Bulgaria, ASN8860 (DIRBG-AS, BG),

Reverse DNS

id.dir.bg

Software

Dir.bg Web Server /

Resource Hash

e2f271de4b0aeb8339915506f63ee5ab6b1968db88578bd4ae177eebc2c8b8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Dir.bg Web Server
date: Mon, 15 Nov 2021 07:43:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-web: 2
strict-transport-security: max-age=63072000
x-frame-options: DENY
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
x-xss-protection: 1; mode=block

GET
H2 200 all.css
static.dir.bg/css/mobile/ 192 KB
30 KB 76ms
51ms Stylesheet
text/css 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/css/mobile/all.css?_=1636473153
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72dcaad1ca7c29cb0a5f2e08d8bb0d6fc123603d1ad99cb366ad08c4c17faba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489424
cf-polished: origSize=196753
access-control-max-age: 172800
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 15:52:33 GMT
server: cloudflare
etag: W/"618a9941-30091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9EBFSaFot0tJB%2Fs62wiIElTHE%2BBZzfeDFX4MFVeWpOcezfym4VxmAD3pthT4Cc%2BMPeU6m1%2BHKvS2k3%2BUoapftgzgbTInDoXNfK0v4l88YzZbzu%2FfDallSyiFS0J7WtzBMSeigiBxXlNlYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 09 Dec 2021 15:44:49 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c7df306957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: minify

GET
H2 200 dnes-all.css
static.dir.bg/css/mobile/ 10 KB
3 KB 60ms
34ms Stylesheet
text/css 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/css/mobile/dnes-all.css?_=1636473142
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d6daf8a31df357bceb9881b4179c576e20ed2266daaff4de7d6c7d5b53facb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489440
cf-polished: origSize=10457
access-control-max-age: 172800
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 15:52:22 GMT
server: cloudflare
etag: W/"618a9936-28d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CjDEmLBraySsiJFDQXNyQf7XOrNyNVK2Xy3KBwLr%2FiLoq52r4IWZcfqg9CxWj1eDooLqHZpby8voHB1ViDHZfmeCPfiUbUkiz1Iz2IY9MLeGd7D8CbPvNrXFgMo%2BN0VoEvjk3ZNsjwD0aY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 09 Dec 2021 15:44:33 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c7df316957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: minify

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 37ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

761ce3c51dcf364d47350d9f1db8d751eeb877cdb02c40bd1b99b6f575093df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1044 / 161 of 1000 / last-modified: 1636758378"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26731
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Nov 2021 07:43:48 GMT

GET
H2 200 logo.svg
static.dir.bg/images/ 2 KB
1 KB 19ms
14ms Image
image/svg+xml 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logo.svg?_=1620648727
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3b48829c52eca43e62f65531b70419e0b71a8f2fa72f4cfc6c2a2f3aadc6c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5100
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 10 May 2021 12:12:07 GMT
server: cloudflare
etag: W/"60992317-716"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZA8v21cmAKG3SYZoM4YQEqqVfZHu6Dlf2hZYYYx6E90mDbEyMGIm6X2LlyvfgKBqjDBM9sD3WH7h%2BdzLJk84wWvz4cUhClpUjVC2AQzHgSs%2B80%2BpbaPSDX4hkIbkbdCU4mJIAdOlzjQpfJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c848076957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 16:00:07 GMT

GET
H2 200 logo-cat.svg
static.dir.bg/images/ 2 KB
1 KB 21ms
15ms Image
image/svg+xml 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logo-cat.svg?_=1620648727
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49dd4046728bbc2bf3b18f8ec2b828507163ff7e081a985ab9c97cba3f2f4609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5093
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 10 May 2021 12:12:07 GMT
server: cloudflare
etag: W/"60992317-783"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OMDoOPe3Aw06UMhnPHXO8FebXodDbChJAQLLKy%2FNXZHJgSnShFGweH16QXfMvNUT8HdB2wKd3r2yvo%2BrGfxc8iG8fNwPdvRZrTXvh5v8aQ4zQdDvk2dUYtasgSNwXADm6M%2FaFYfNWNHwi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c848126957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 16:00:26 GMT

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/11/10/2275052/ 11 KB
11 KB 19ms
14ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/10/2275052/384x216.jpg?_=1636539481
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f9b6614ad3b53648681b4765348ca40d33cdce75bcd874cdbfc86ae9b0e99e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240827
cf-polished: origSize=11369, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10787
last-modified: Wed, 10 Nov 2021 10:18:01 GMT
server: cloudflare
etag: "618b9c59-2c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpMkmK5bcryjkm42tHgY6Ge36kGVMFIcFQExIfG%2F%2BXPUH%2BWwfHCsn%2FGAss81jPMH98Su26eL%2FCTy3zKCAMCyk%2BiJ08hyzgbu5yxqQPiDrwk%2BEEU8LuZFAAQYcpJ2%2Fjkqiv4BXlpBM4Vsn1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 12 Dec 2021 12:45:54 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848166957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 768x432.jpg
static.dir.bg/uploads/images/2021/11/08/2274348/ 46 KB
47 KB 29ms
24ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/08/2274348/768x432.jpg?_=1636380824
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f9ac16ad01f17c1666af19f1d4be7918b27406b67b71cf085c4eef5b6a70e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92665
cf-polished: origSize=48850, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47031
last-modified: Mon, 08 Nov 2021 14:13:44 GMT
server: cloudflare
etag: "61893098-bed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7URHxaBjnMGZ5sTnDubxEYcUgzvn28akg%2BFwhto%2B0OXV%2FKWgFAH6fMEwWTYr7QLQWL8%2Fifo1vI0Fj21XBl4shDHE6kEYLhr44jNMUXjEooWPmymv6%2FTk0uP7dpw3ZfM4b4FifpC3Qic6TrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 05:57:25 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848196957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 768x432.jpg
static.dir.bg/uploads/images/2021/11/08/2274342/ 38 KB
38 KB 21ms
16ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/08/2274342/768x432.jpg?_=1636380655
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 288a802d337a509fc6b624f3200fffe93b3b2c26b76414b4c380b2f17002d916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92666
cf-polished: origSize=40268, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Mon, 08 Nov 2021 14:10:55 GMT
server: cloudflare
etag: "61892fef-9d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgX6jHt5mVKMT%2Bc9zDvYdnyhCApy7BAPoDNsVwumgvAVanyLpBCiEQD0XWDla%2BQDr67m1dtT%2Fmq6e363lgHsG7LtyrR7hGMXEE8Fb4hu65A0cer7Rhy1jWzDrHCXg7Zhj7BdjDrAY%2BDTRm4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 05:55:14 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8481d6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 768x432.jpg
static.dir.bg/uploads/images/2021/11/08/2274346/ 34 KB
34 KB 18ms
13ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/08/2274346/768x432.jpg?_=1636380754
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 372e27a98e15f91ddb34daa986eb2c55a24ac059fa849b56093087e29b635e1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 564699
cf-polished: origSize=36387, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34447
last-modified: Mon, 08 Nov 2021 14:12:34 GMT
server: cloudflare
etag: "61893052-8e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvxUYWQBN%2B42W%2Ff3E%2Bfchmz69LowS5KSIiaqsW6EB%2Fe%2B77LlGn%2BmZuVkblBgempXUCkLsZADfctnQSLPBY7HTr6wKUO%2BI7IbkNAJEnsIDiXs7NTT8P5aXAAsFJEtgVT9BrnVhfiUSlwTVpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 08 Dec 2021 18:48:08 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8481e6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 768x432.jpg
static.dir.bg/uploads/images/2021/09/23/2255126/ 31 KB
32 KB 21ms
17ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/09/23/2255126/768x432.jpg?_=1632405591
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8934864a56420b2936d8fdee7215a3742b7a642623ca9adac7558a4bfda5b401

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92666
cf-polished: origSize=33188, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31630
last-modified: Thu, 23 Sep 2021 13:59:51 GMT
server: cloudflare
etag: "614c8857-81a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmPSV7xnKaHWTErpugGBGOkiN6wSk6vfBNMjL2cEpUGkcBoxK0J8OBG%2FgSVzC21pB75Sq%2FtEcTn90ZR2z0xU3GFtjA7cmeYJd%2FQA5xeUT65e0UDMD38obxVFuiwKdcRd1Co%2BgnnwdHwFdeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 05:55:14 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8481f6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2018/10/24/1579229/ 17 KB
17 KB 30ms
25ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2018/10/24/1579229/384x216.jpg?_=1540383914
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbcad4e849330388b117e95faf73447fc06f299b72f05b5294384cd87b40f88c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1399
cf-polished: origSize=18156, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17031
last-modified: Wed, 24 Oct 2018 12:25:14 GMT
server: cloudflare
etag: "5bd064aa-46ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tKCTEjV70%2BR1cyH04QD9SNsCtcFHlVf9w8nBEz%2FiffMLJW6bTj%2B5c71wty1gMQC9KRzLfv8DOwyeWOL%2F9aTjkNcj6KBcQPt%2BSAdJCV2kLmV02S8zEss7cRN52cPs1OjDSBCvKBhujFDA%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 15 Dec 2021 07:16:20 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848216957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2018/12/24/1624079/ 11 KB
12 KB 19ms
15ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2018/12/24/1624079/256x144.jpg?_=1545662633
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeef4c2d6f37558a6507007cfe87edd4fc561f59b405b97f154106950783212e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6312
cf-polished: origSize=12294, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11361
last-modified: Mon, 24 Dec 2018 14:43:53 GMT
server: cloudflare
etag: "5c20f0a9-3006"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rua3u%2Buio0pXP06asQ9KazsUXbZ%2B4NyESTPOJgSf%2BItB0nlT7s23vPgWQlCjx47p021eTGprMUYzWUWb8hqV358SsqkijgvGgHI6%2F7dS%2BcrQ9sDCf%2BBFiPS4KTiOLIjL9wqoFAjb2XShLDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 15 Dec 2021 05:56:38 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848226957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2021/11/14/2276904/ 8 KB
8 KB 19ms
14ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/14/2276904/256x144.jpg?_=1636926273
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2c3da94b752f17cd7e87b03124117b2315e8a41a9fb0eefad81cb899e2b08d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36003
cf-polished: origSize=8543, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7954
last-modified: Sun, 14 Nov 2021 21:44:33 GMT
server: cloudflare
etag: "61918341-215f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5RMFnelbsAqSt6nGay6Mw4DIjZfBneGDWMTI1vKteiNgvIyvooQpYyZvAdDeh0Iakg5K4K3O8yiq4dZ0cKeYB%2Fk2fYRM%2BAImJ3RGLjQtJiLrdhqBpVGldpOU2GHRBHkMS7JcCzSOAyNjIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 21:39:36 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848246957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2021/11/14/2276867/ 7 KB
8 KB 26ms
22ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/14/2276867/256x144.jpg?_=1636915681
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 091cbd0929ef01f1551896e19ee5ca36edc5872046433deae5ab068cc183652c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46334
cf-polished: origSize=7746, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7228
last-modified: Sun, 14 Nov 2021 18:48:01 GMT
server: cloudflare
etag: "619159e1-1e42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPgA%2Fq2%2BOftTx7fmnapkwfWFmzb2%2Fd1FrcnHyRBKZAFOlul3A43felwnkYrSt3lG8H462kvM6NdnK1PzrHeN2xDr7h5YzIOpzRiJQx284u48Ba8XJHfjHwL2shQ2iI4TVd3dxTvfniaakNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 18:49:36 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8482b6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2021/11/14/2276865/ 5 KB
5 KB 22ms
18ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/14/2276865/256x144.jpg?_=1636915064
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 290a4e5c17f2e4384b984db6d604d8ab95a7f00f0cb2eb296b56d818027496a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47466
cf-polished: origSize=5719, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4780
last-modified: Sun, 14 Nov 2021 18:37:44 GMT
server: cloudflare
etag: "61915778-1657"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwgSv%2BP5jbi75t%2FVIgMOlhpl4t48Ks%2BSKERn4zFjLeD7qsAC%2BPXPgcH2rXPIKjCQESKq2qJvwG6Qex4cDIB8wxtnbou9X%2Bv8vi%2F8BU7zCO%2FuS7%2FNG2%2Fud4mrFafvduGdMvL35AfIT7i3CK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 18:28:33 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8482d6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2021/11/14/2276824/ 8 KB
8 KB 25ms
21ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/14/2276824/256x144.jpg?_=1636910210
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d898e04162a4c3c4c9158a8fa95d1f32ef7b468f31dcd157e3a1bb8f94cc1e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51499
cf-polished: origSize=8397, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7915
last-modified: Sun, 14 Nov 2021 17:16:50 GMT
server: cloudflare
etag: "61914482-20cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHcQgjqR62fZA%2BErcCeKagGEFVmVQWG4I6v0Z8khU%2Fqczaj796JOzx9d2JXgTLBnCwidP%2FmNFiKAX0KLBNEp1PIlAvEVFTcA7XbWkfckhfJS%2FbE1JmICDCijrqHmNs9XQgE%2FUflmNxs%2FKiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 17:23:31 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8482f6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/10/29/2270474/ 16 KB
16 KB 22ms
18ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/10/29/2270474/384x216.jpg?_=1635493357
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847a77e11f3d357062dcc0b048f8db68965b8e8395ce297893c9620bb246403f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2260
cf-polished: origSize=16955, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15946
last-modified: Fri, 29 Oct 2021 07:42:37 GMT
server: cloudflare
etag: "617ba5ed-423b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnHTlzwos7AF29RXavZ6E4tk3dpQtY4hb6gZoTX5HGz8a5b7z%2Bh8c7bp%2F8quKWzCtbBkzlpHI%2FOwdFFP5imaieJv6oYr3snRJkXWcS5LWk2CGV%2FcJk00R0cGBIUqamWgNs2TMlCf5h%2FV%2BS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 15 Dec 2021 07:04:10 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848306957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/11/15/2276948/ 18 KB
18 KB 29ms
25ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/15/2276948/384x216.jpg?_=1636959479
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c606acd58d74e664f7150eb4a246a0c4fd66909fbf5625f206bbbe97fc28fbcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2502
cf-polished: origSize=19324, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18064
last-modified: Mon, 15 Nov 2021 06:57:59 GMT
server: cloudflare
etag: "619204f7-4b7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOybWZpULn7sc1qkfe47UJVlfjfGhLDCIjN6f%2BGtguI%2BXz9wGfv3Z%2BT%2BsEywbKYXpOdq1hHj%2B60yBvTOsC2lO%2F7AnmKZTlMIxNAOniMoYAByOEl6pR4NZcp7aIk1CIAfVVeSXmkC6km9D9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 15 Dec 2021 06:57:56 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848316957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/09/09/2248924/ 16 KB
16 KB 23ms
19ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/09/09/2248924/384x216.jpg?_=1631174622
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6856ffe0ba776af0c94d1bc4cc68cf9e5c5173131b1b8a9c0c285a00d309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1474407
cf-polished: origSize=16838, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15997
last-modified: Thu, 09 Sep 2021 08:03:42 GMT
server: cloudflare
etag: "6139bfde-41c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOWr6U%2BplawYuiDn5ZSlGtqgGsHg0%2BRo0hzGwwCv9E%2F7thgxw5Qr8%2FyuACGbMRBXs3CbhonnDZbwuJBMCbiq6l7Z1OzNJJB%2BJEqF80hCBpTNvsu155pEGFHDz5qWZ5TEI2pIg8K2QSPrHx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 28 Nov 2021 06:06:34 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848336957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2020/02/21/1962041/ 15 KB
16 KB 29ms
25ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2020/02/21/1962041/384x216.jpg?_=1584964047
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c175a44435cc9d92352d9bdd419ee7c1e7adfb75ab4ed5fcf72232984e945588

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80564
cf-polished: origSize=16290, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15439
last-modified: Mon, 23 Mar 2020 11:47:27 GMT
server: cloudflare
etag: "5e78a1cf-3fa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK8BL1blLJG7yh7Hcpuca47TbEM36%2BYil8qSf9dhoLF%2BYPV1nK06fd29gDGbgx%2FtndpwEb1FM7lUBN%2FRzeR7bldojmI7F%2BrXs7gXvAXfPvZ2JYeVlZ5v9faXUUk5bmEoaQZ7yTpfjgrCq2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 09:16:55 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848346957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/11/14/2276755/ 14 KB
15 KB 29ms
26ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/14/2276755/384x216.jpg?_=1636904820
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502b218502d7385066a0652a4f2a97879b6aadf7361796b405dd70eff7247e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57700
cf-polished: origSize=15856, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14767
last-modified: Sun, 14 Nov 2021 15:47:00 GMT
server: cloudflare
etag: "61912f74-3df0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5yuh2jVpb7CvxkT2L7ZWE8DIQv9J1pBn8QOz7M%2FRXUv%2FBWNCd4YgPXI3z1%2BcYS9J0l6q9qTyN5X%2FAasvW5JWiZvWLZcS2O5m9zZw8r5mzpZYQpMoQC5as2cnl7x6jcf53mTq943GEF7d%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 15:37:59 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848366957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/09/01/2245316/ 29 KB
30 KB 32ms
28ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/09/01/2245316/384x216.jpg?_=1630479907
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e43e22ff4f2bd3f5f680ed6382e4321212aeb252ffaf6f465b7ee22ca6b9820

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12797
cf-polished: origSize=32770, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30088
last-modified: Wed, 01 Sep 2021 07:05:07 GMT
server: cloudflare
etag: "612f2623-8002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbzbCwYHJbqEPHJO0OmEl5KJpy79UFYkT287mQ9lhhGPKh%2FPLQdGQLhLFI679b3v7XiShlIq%2BLz8Bh6qjgNe6Q0gZg8u3RmLk1qgZymmChlqrAShztRdfbgVgj9%2F5hRVYnqcsNSF22Vjf3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 15 Dec 2021 04:08:32 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c848396957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/11/11/2275514/ 9 KB
10 KB 22ms
19ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/11/2275514/384x216.jpg?_=1636617028
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3fd6c63da4e4a1a7c6200535a6b43c30d5d8fdabe5536cdf224e92703a6a1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 250482
cf-polished: origSize=9919, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9336
last-modified: Thu, 11 Nov 2021 07:50:28 GMT
server: cloudflare
etag: "618ccb44-26bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw5nhVafoL75Oc9LVLO5mEuPyIHqm1%2F0o3jODTLndaGuvU4VjtHOloi1Qv5bQZ2YJ%2BZagxskLSAvED%2B4KJKufA147QaKeyPyrYQgxS8%2FuJSDxp57aH0MB9MQMCZnqPXErdhmCUD96T52A98%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 12 Dec 2021 10:07:09 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8483a6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2021/11/10/2274929/ 15 KB
16 KB 23ms
20ms Image
image/jpeg 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2021/11/10/2274929/384x216.jpg?_=1636525111
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdbed939f0ee92c2c08b187b0a7b0fed0f939ba4b6845bfa9d764c16e402998e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96899
cf-polished: origSize=16479, status=vary_header_present
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15661
last-modified: Wed, 10 Nov 2021 06:18:31 GMT
server: cloudflare
etag: "618b6437-405f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbaoj5UGtd3kgnqtDj0%2B988IPmEA%2FK111e4miFWmUQvep7AdMpT%2BrEaFBLAIvT6%2BXwuHqdr47WZEeFEwnNpGb4d9iE6jMNBHyjvDodzmBRRpcAoKXkJixl78mVEk%2FdwPYFzbQqLtDYUm%2Fow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 04:44:40 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ae6d9c8483c6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100,h2pri

GET
H2 200 dir-privacy-normal.svg
static.dir.bg/images/ 1 KB
964 B 27ms
24ms Image
image/svg+xml 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/dir-privacy-normal.svg?_=1602064377
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29df6cb7b78091dea9b58a6412063cfe513b1d348630176973957a05809faae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5100
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 07 Oct 2020 09:52:57 GMT
server: cloudflare
etag: W/"5f7d8ff9-485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSWsJRZULnSm6k0Wd%2F7aWiK920mA8c%2FkCsvSHl0X%2F0da6WnkCL9jhuDAluOthiy3C0nFf9ZFkvP6Ldut8dJOPSl8xpOH%2BmAkJev19diH%2BWhI8StQuX0spymPtVmD6c5FazugdjLIknxyqSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c8483d6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 15:58:36 GMT

GET
H2 200 dir-privacy-hover.svg
static.dir.bg/images/ 1 KB
1019 B 24ms
21ms Image
image/svg+xml 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/dir-privacy-hover.svg?_=1602064377
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac32abbd1af0872391d93e24d851ad4a8c810a6ee9739eb20b19a552d124f5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5100
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 07 Oct 2020 09:52:57 GMT
server: cloudflare
etag: W/"5f7d8ff9-450"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NXS8Sm4iYWJDVPMWhImLRUp6zz5i6gl3ZCtaT6AsuczFaIU%2BexCgawBX7T9K3i5qxKzjoIs3dWpyz8%2FqOpL8di4UoHdgjylzeC8TmdfkCpWL1Ht6xVcoHpqjl%2Ff7AVDsP4M3s9Mj421e80%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c8483e6957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 15:58:36 GMT

GET
H2 200 all.js Show response
static.dir.bg/js/mobile/ 532 KB
170 KB 30ms
29ms Script
application/javascript 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/js/mobile/all.js?_=1636473184
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c2b6cf3b3cb1e1fd877dcbf9fc99c7590ae356501281fab9eac7a970183d5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489402
cf-polished: origSize=544281
access-control-max-age: 172800
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 15:53:04 GMT
server: cloudflare
etag: W/"618a9960-84e19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmEjPGrMBUSakktiwpfqp2tetoVufYx4DnVzTrKAA6FQorZhPfa%2BvQxlyAD9mGKOWgA9PRY6pKnXJTtmgRrdhHjJarfyZThfwDrM4QUB1ABSyP1txfywVlps%2BwR0G%2BzV81C%2BCKEt55f%2Fd%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 09 Dec 2021 15:45:11 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c81fc16957-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: minify

GET
H/1.1 200
OK 9iqtAeEspwts Show response
cdn.onthe.io/io.js/ 55 KB
18 KB 54ms
19ms Script
text/javascript 116.202.11.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.202.11.240 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.240.11.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9d49ffb2d1eb78628166257bad0f24a773b8b6d9b227e668e19f629059555bf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:20:16 GMT
Server: nginx
ETag: W/"60e6fb90-dce2"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 16 Nov 2021 07:43:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
45 KB 52ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL4TVQ6

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cd4ad55326b0aa8af16cc9080273f0cb9889c7e43c17b7e6d2026175eddbae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46153
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Nov 2021 07:43:48 GMT

GET
H2 200 icomoon.ttf
static.dir.bg/fonts/ 105 KB
106 KB 39ms
13ms Font
application/x-font-ttf 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/icomoon.ttf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/mobile/all.css?_=1636473153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a46a16fc061faeaf0f72654263d3222095cfde3cb0088f72a333824ffa62cf6

Request headers

Referer: https://static.dir.bg/css/mobile/all.css?_=1636473153
Origin: https://m.dir.bg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 13:22:58 GMT
server: cloudflare
etag: W/"6103fd32-1a5b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIj3r5bFQjNFDnhrV07%2FnlyxedAkJPN6VVgeUrE%2B9mW9V0CBmPxO%2FOJb9dKM%2FfhUiIxHSs%2FtSw3Af6MLOAe94YMms3RHDTg8%2BVHgjN2KD0vWjj8Ol0Xpc%2BYT0mi5NoDHijP%2Bhw1XtyzlQL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c879a72c19-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 16:00:15 GMT

GET
H2 200 Repo-DemiBold.otf
static.dir.bg/fonts/ 99 KB
99 KB 61ms
36ms Font
application/x-font-opentype 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-DemiBold.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/mobile/all.css?_=1636473153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82edbdabf49d8335e340a3ff29bf54cbd0e7ff7cf3ecf25e2c1473976ed2e235

Request headers

Referer: https://static.dir.bg/css/mobile/all.css?_=1636473153
Origin: https://m.dir.bg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 29 May 2020 11:29:39 GMT
server: cloudflare
etag: W/"5ed0f223-18a28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpsAX36djz%2Fe76dKUd6Q9xblx1fWzFdAtfljLkGfE9pSpZEraann4wjxRbkwaVuY%2B92SjG5F1JLS2RoI9TftMcju0oqO%2BZE6EOZtDNSTZwJsg0KOAMt3UaY1ycWvNZ%2Fd2FF8wsLKEVasIhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-opentype
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c879ad2c19-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 15:58:30 GMT

GET
H2 200 Repo-Medium.otf
static.dir.bg/fonts/ 98 KB
99 KB 65ms
41ms Font
application/x-font-opentype 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Medium.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/mobile/all.css?_=1636473153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5ab198a4dc6bd735732c995e91fc85cab8fd41d5ec9cfba80490c6d3eaa38a

Request headers

Referer: https://static.dir.bg/css/mobile/all.css?_=1636473153
Origin: https://m.dir.bg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 29 May 2020 11:29:43 GMT
server: cloudflare
etag: W/"5ed0f227-18954"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAN%2FTDoQ%2F9KdfCN9PZnc7fDE5PEmhpvLOACfwFyczqzTK338L30Kp2R5leYkP6Gzt6q51YkIEbYZE3x%2FIF4SHkxY83yc3IK%2FBu8g6Uk9D%2FWMyo%2BTQQHuErzAC0HRxXo3LNT4hGxkQBXBVTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-opentype
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c879ac2c19-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 15:58:30 GMT

GET
H2 200 Repo-Bold.otf
static.dir.bg/fonts/ 99 KB
100 KB 60ms
36ms Font
application/x-font-opentype 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Bold.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/mobile/all.css?_=1636473153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e944dee615571f80a8bd93892f886d18e735bcc2bca3d4b25dc91f902fe27c7

Request headers

Referer: https://static.dir.bg/css/mobile/all.css?_=1636473153
Origin: https://m.dir.bg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 29 May 2020 11:29:38 GMT
server: cloudflare
etag: W/"5ed0f222-18d14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAtZ6yDHSqEie4Ijozt8Q09gfCFZWuktI8vHOFq6cYMp3qfv7ST6ag0rBrWAuG35gvi4UoaRuqNsh510OBpr7iNonD9eug%2FFAk1QqDWXybjRlnsZKYiUZsee4djsv%2FCEsyhOR33Wb%2FbuMTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-opentype
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c879a92c19-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 15:58:30 GMT

GET
H2 200 Repo-Regular.otf
static.dir.bg/fonts/ 98 KB
98 KB 54ms
29ms Font
application/x-font-opentype 2606:4700:20::ac43:47c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Regular.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/mobile/all.css?_=1636473153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ae46fa7e695109b25176a1174ac6b65cf92735ee0724331b83c54b1ab5e452

Request headers

Referer: https://static.dir.bg/css/mobile/all.css?_=1636473153
Origin: https://m.dir.bg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 29 May 2020 11:29:44 GMT
server: cloudflare
etag: W/"5ed0f228-18754"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFcGAQfWYEWKL%2ByNPhGoyH2VG32UiZrVQdbhi3ce%2B9I2PnnVqDusQ7bRHO3%2FdYB3ORFUDrfcG9h%2FOAg9m58Vysqf7HApGEEy5PnbkUZE1N6c7Ku7tkYlCFr0%2FXYbxxx2DJP4M8ummfpSXyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-opentype
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 6ae6d9c879a82c19-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 07 Nov 2021 15:58:30 GMT

GET
H2 200 xgemius.js Show response
gabg.hit.gemius.pl/ 40 KB
11 KB 102ms
31ms Script
application/x-javascript 78.128.6.42
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/xgemius.js
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: 99a336d42e4e130971fac5e498ac76a43d12fd0acb56a846543dfaa37eccb67c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 10:11:55 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Mon, 15 Nov 2021 19:43:48 GMT

GET
H2 200 pubads_impl_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ 343 KB
115 KB 14ms
14ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 117937
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Nov 2021 07:43:48 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 191 B
628 B 35ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.dir.bg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ebd7bb4813a955b3869e8e96fda4e17cdce38b75de2debbd39abdf0dc1d8a2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 117
x-xss-protection: 0
expires: Mon, 15 Nov 2021 07:43:48 GMT

GET
H2 200 init Show response
m.dir.bg/ 99 B
1 KB 47ms
47ms XHR
application/json 194.145.63.11
DIRBG-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://m.dir.bg/init?article_id=40329291

Requested by

Host: static.dir.bg
URL: https://static.dir.bg/js/mobile/all.js?_=1636473184

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.145.63.11 Sofia, Bulgaria, ASN8860 (DIRBG-AS, BG),

Reverse DNS

id.dir.bg

Software

Dir.bg Web Server /

Resource Hash

3ed6d2b0fa5a5283b7cb81cde055de9caaca8dbb9aa25074fdd9b0e84cef1317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Dir.bg Web Server
x-frame-options: DENY
x-web: 1
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 42ms
11ms XHR
text/javascript 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=25984:uniques_instantly[url:%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie,domain:dnes.dir.bg,page:%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg,page_type:article,author:%D0%9A%D0%B0%D0%BB%D0%B8%D0%BD%20%D0%9A%D0%B0%D0%BC%D0%B5%D0%BD%D0%BE%D0%B2,category:%D0%9E%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE,language:bg,type_article:image,reference_time:549,pub_date:Sun%2C%2014%20Nov%2021%2007%3A56%3A30%20%2B0200,url_real:%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36,device:desktop,browser_version:Chrome%2095,browser:Chrome,depth:1,user_type:new,user_id:ac2856c09.6871f1dca_1636962228687,session_id:3b4147fe3.aae8f9f3b_1636962228688,cdn_version:27]&s=82e9c82c1a072e9873484057dab96e77&1636962228692
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:48 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 39ms
11ms XHR
text/javascript 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=25984:visits_instantly[url:%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie,domain:dnes.dir.bg,page:%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg,page_type:article,author:%D0%9A%D0%B0%D0%BB%D0%B8%D0%BD%20%D0%9A%D0%B0%D0%BC%D0%B5%D0%BD%D0%BE%D0%B2,category:%D0%9E%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE,language:bg,type_article:image,reference_time:549,pub_date:Sun%2C%2014%20Nov%2021%2007%3A56%3A30%20%2B0200,url_real:%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36,device:desktop,browser_version:Chrome%2095,browser:Chrome,depth:1,user_type:new,user_id:ac2856c09.6871f1dca_1636962228687,session_id:3b4147fe3.aae8f9f3b_1636962228688,cdn_version:27]&s=82e9c82c1a072e9873484057dab96e77&__io=ac2856c09.6871f1dca_1636962228687&1636962228696
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:48 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 37ms
11ms XHR
text/javascript 188.40.118.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=25984:pageviews[url:%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie,domain:dnes.dir.bg,page:%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg,page_type:article,author:%D0%9A%D0%B0%D0%BB%D0%B8%D0%BD%20%D0%9A%D0%B0%D0%BC%D0%B5%D0%BD%D0%BE%D0%B2,category:%D0%9E%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE,language:bg,type_article:image,reference_time:549,pub_date:Sun%2C%2014%20Nov%2021%2007%3A56%3A30%20%2B0200,url_real:%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36,device:desktop,browser_version:Chrome%2095,browser:Chrome,depth:1,user_type:new,user_id:ac2856c09.6871f1dca_1636962228687,session_id:3b4147fe3.aae8f9f3b_1636962228688,cdn_version:27]&s=82e9c82c1a072e9873484057dab96e77&1636962228698
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.169.118.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:48 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4TVQ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6162
date: Mon, 15 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Mon, 15 Nov 2021 08:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: bQhgKjXFehN59JaEtfYGXspIgukU3srvxlC1Qr3GKLfKX/DGv/z+O5sTe0sfWmWYXRt1+4rinKcUoidUaOn8YA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 15 Nov 2021 07:43:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gdpr-liveramp.js Show response
gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/ 53 KB
14 KB 39ms
10ms Script
text/javascript 2600:9000:2156:f000:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/gdpr-liveramp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4TVQ6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 309510aebb8bc255381dcb30cff85699481253daeb282b6be69be38b29bb1745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:12:11 GMT
content-encoding: gzip
age: 52298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="gdpr-liveramp.js"
last-modified: Wed, 13 Oct 2021 12:13:36 GMT
server: AmazonS3
etag: W/"731cbfe7d133614350ca563f8ab2a653"
vary: Accept-Encoding
x-amz-version-id: L1CcVDgX4KF.IWyEg9rxSiR28XTcUlZV
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: N5JqdmRD3EyUt4rtlje2JzlYbEZ62eaLqYILYv7arwcI9JEsy7WOaw==

GET
H2 200 DFPAudiencePixel;ord=3789391583938350;dc_seg=6843894373
pubads.g.doubleclick.net/activity;dc_iu=/118570770/ 42 B
410 B 31ms
30ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/118570770/DFPAudiencePixel;ord=3789391583938350;dc_seg=6843894373?

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gabg.hit.gemius.pl/ 275 B
389 B 31ms
30ms Script
application/x-javascript 78.128.6.42
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/fpdata.js?href=m.dir.bg
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: 4f2ada55781ff0f08855ee05820dfbaea3633355e175ff858334430cf20bb70a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 275
expires: Wed, 15 Dec 2021 07:43:48 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 0FA5 5 KB
3 KB 118ms
36ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 5380c842e9cb6f9dce3a59b48418793f9595cb90bf9ba10b046fbc113aa587ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
expires: Wed, 15 Dec 2021 07:43:48 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2720
content-encoding: gzip

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 40ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.dir.bg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 40ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.dir.bg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 198 KB
29 KB 604ms
604ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1483819435142467&correlator=3724028612191597&output=ldjh&impl=fifs&eid=31063712%2C31063720%2C44754276&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211115&iu_parts=118570770%2CMobile_Top%2CMobile_PR%2CMobile_PR_2%2CMobile_PR_Life%2CMobile_PR_Corner%2CMobile_Middle%2CMobile_Bottom%2C6%2CMobile_3%2C7%2CMobile_FP_Banks%2CSticky_mobile_bottom%2CWeb_interstitials&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13&prev_iu_szs=200x200%7C250x250%7C300x50%7C300x75%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120%7C336x280%2C320x100%2C320x100%2C1x1%2C320x50%7C200x200%7C320x100%7C250x250%7C300x250%7C300x120%7C320x50%7C300x100%7C180x150%7C240x400%7C234x60%7C336x280%2C200x200%7C250x250%7C250x360%7C300x50%7C300x75%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120%7C336x280%2C200x200%7C250x250%7C300x50%7C300x75%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120%7C336x280%7C400x300%2C200x200%7C250x250%7C250x360%7C300x50%7C300x75%7C300x100%7C300x600%7C300x250%7C320x50%7C320x100%7C320x120%7C336x280%7C320x480%2C320x50%7C300x75%7C320x120%7C200x200%7C336x280%7C300x100%7C300x250%7C300x50%7C300x600%7C320x50%7C320x100%7C250x250%2C200x200%7C250x250%7C300x50%7C300x75%7C300x100%7C300x600%7C300x250%7C320x50%7C320x100%7C320x120%7C336x280%7C320x480%2C300x75%7C300x100%7C300x250%7C300x50%2C320x120%7C300x100%7C300x31%7C300x120%7C300x50%7C320x100%7C320x50%7C300x75%2C1x1&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&ists=513&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&cust_params=siteName%3Ddnes%26url%3Dhttps%253A%252F%252Fm.dir.bg%252Fdnes%252Fobshtestvo%252Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie%26device%3Dmobile%26articleid%3D40329291%26page%3Darticle%26catid%3D63%26otherSectionIds%3D%26Cities%3D%26topicIds%3D%26isGallery%3D0%26themeId%3D0%26themeIds%3D18%252C82%26Adult%3Dno%26URBNsection%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1636962228&dt=1636962228800&dlt=1636962228414&idt=354&frm=20&biw=1600&bih=1200&oid=2&adxs=700%2C0%2C-9%2C-9%2C-9%2C10%2C700%2C10%2C10%2C-9%2C-9%2C640%2C-9&adys=72%2C9280%2C-9%2C-9%2C-9%2C6781%2C8788%2C2790%2C6781%2C-9%2C-9%2C1169%2C-9&adks=1874766543%2C1078822101%2C2798825546%2C1046233794%2C1687672021%2C349569675%2C2600351229%2C2935147583%2C931471045%2C356494327%2C3240434709%2C2646732444%2C982957281&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x124%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C1580x20%7C1600x30%7C1580x5437%7C1580x5437%7C0x-1%7C0x-1%7C1600x-1%7C0x-1&msz=1600x62%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C1580x20%7C1600x30%7C1580x0%7C1580x0%7C0x-1%7C0x-1%7C1600x-1%7C0x-1&ga_vid=529222093.1636962229&ga_sid=1636962229&ga_hid=2116550399&ga_fc=false&fws=0%2C0%2C2%2C2%2C2%2C0%2C0%2C0%2C0%2C2%2C2%2C512%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C1%7C-1%7C-1%7C-1%7C2%7C3%7C4%7C5%7C-1%7C-1%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

112cb2cf09f8d5ad6da61118d88f500168137c5e84b2a1ea5de48c12c35bcf33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 29162
x-xss-protection: 0
google-lineitem-id: 5823997818,-2,-2,-2,-1,-1,-2,-1,-1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369627125,-2,-2,-2,-1,-1,-2,-1,-1,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.dir.bg
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5931236223f5dd945ad5f01e61afe94b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7DD 6 KB
3 KB 63ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5931236223f5dd945ad5f01e61afe94b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 15 Nov 2021 07:43:48 GMT
expires: Tue, 15 Nov 2022 07:43:48 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: clear

GET
H2 200 pubads_impl_page_level_ads_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 20ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021111101.js?cb=31063720

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

da913c5532c512206c7eab6fd77ce0027e07e533dd3c66db8a1d9486c531f5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13484
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Nov 2021 07:43:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2116550399&t=pageview&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1984583077&gjid=931208534&cid=529222093.1636962229&tid=UA-436010-38&_gid=1706703756.1636962229&_r=1&gtm=2wgba1PL4TVQ6&z=1284267740

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.dir.bg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.dir.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2116550399&t=pageview&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1012060021&gjid=1915116364&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&_r=1&gtm=2wgba1PL4TVQ6&z=825407474

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.dir.bg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.dir.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 7ms
5ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2116550399&t=event&ni=0&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View%20PR7&ea=PR7%20-%20&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&gtm=2wgba1PL4TVQ6&z=1355667411

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 14:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2116550399&t=event&ni=0&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View%20PR8&ea=PR8%20-%20&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&gtm=2wgba1PL4TVQ6&z=963575666

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 14:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2116550399&t=event&ni=0&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View%20PR9&ea=PR9%20-%20&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&gtm=2wgba1PL4TVQ6&z=605911817

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 14:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2116550399&t=event&ni=0&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View%20PR10&ea=PR10%20-%20&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&gtm=2wgba1PL4TVQ6&z=178345860

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 14:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2116550399&t=event&ni=0&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View%20PR11&ea=PR11%20-%20&el=PR11%20-%20&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&gtm=2wgba1PL4TVQ6&z=159677716

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 14:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2116550399&t=event&ni=0&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View%20PR12&ea=PR12%20-%20&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&gtm=2wgba1PL4TVQ6&z=841431071

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 14:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2116550399&t=event&ni=0&_s=1&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ul=en-us&de=UTF-8&dt=%D0%94-%D1%80%20%D0%94%D0%B5%D0%BD%D1%87%D0%B5%D0%B2%D0%B0%3A%20%D0%9F%D0%B0%D1%86%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%82%D0%B5%20%D1%81%20%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%20%D0%BF%D1%80%D0%B8%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D1%82%20%D0%B2%20%D0%BD%D0%B5%D0%BF%D1%80%D0%B5%D0%B4%D0%B2%D0%B8%D0%B4%D0%B8%D0%BC%D0%BE%20%D1%81%D1%8A%D1%81%D1%82%D0%BE%D1%8F%D0%BD%D0%B8%D0%B5%20%7C%20%D0%94%D0%BD%D0%B5%D1%81.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View%20PR13&ea=PR13%20-%20&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=529222093.1636962229&tid=UA-436010-11&_gid=1706703756.1636962229&gtm=2wgba1PL4TVQ6&z=2037103508

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 14:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61392
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 691519781247680 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/691519781247680?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38156f937de4977740afd3fa12d0fe6b5a9889c68db4871d348f66b37000d018

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88848
x-xss-protection: 0
pragma: public
x-fb-debug: gQObeqJ0zgy3ZOrOfohqCPTAoZoUe6AkBGBTsurGRPwMNo1TqNupc3czpQA8v8xPtx0wqnDolzZbTfJW5YDqJQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Nov 2021 07:43:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gdpr.bundle.js Show response
gdpr.privacymanager.io/latest/ 181 KB
53 KB 38ms
9ms Script
application/x-javascript 2600:9000:2156:4a00:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by: Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/gdpr-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 998e1202c2e488520a53e1d57ca8727b4949a877a7859b792b2e09c24478d91e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: WP0bKyowHzrsHiT2hxBvXYPylhd2JW6U
content-encoding: gzip
etag: W/"7876225da1c7c1879fbf776652cdff49"
age: 2192
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:3523e2ba-d311-4d06-945a-1b6c9f385d00
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d86d21112f5a5c12c97d5a1168d27bb8
last-modified: Fri, 12 Nov 2021 13:06:34 GMT
server: AmazonS3
date: Mon, 15 Nov 2021 07:07:17 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 6dbe31d0c82f8860b85124ddd28c8c000f6ab3aa72ba5d09201eac47f121e1fe
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: xhyLf2BhGKMIbpx6cz-lC26BdeyFuVRWsJf4gBwWideDU5A7L1i_7Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
312 B 42ms
13ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-436010-11&cid=529222093.1636962229&jid=1012060021&gjid=1915116364&_gid=1706703756.1636962229&_u=YAjAAEABAAAAAC~&z=838853375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.dir.bg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Nov 2021 07:43:48 GMT
content-type: text/plain
access-control-allow-origin: https://m.dir.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=691519781247680&ev=PageView&dl=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&rl=&if=false&ts=1636962228902&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636962228901.1052509176&it=1636962228858&coo=false&rqm=GET

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 15 Nov 2021 07:43:48 GMT

GET
H2

200

rexdot.js Show response
gabg.hit.gemius.pl/__/_1636962228908/
Redirect Chain

https://gabg.hit.gemius.pl/_1636962228908/rexdot.js?l=100&id=0iiVJGbSLRDxKVR5H_8PJ8Q5nO5K9mSU_KlzR01InHj.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.dir.bg%2F...
https://gabg.hit.gemius.pl/__/_1636962228908/rexdot.js?l=100&id=0iiVJGbSLRDxKVR5H_8PJ8Q5nO5K9mSU_KlzR01InHj.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.dir.bg...

169 B
424 B

69ms
69ms

Script
application/x-javascript

78.128.6.42
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/__/_1636962228908/rexdot.js?l=100&id=0iiVJGbSLRDxKVR5H_8PJ8Q5nO5K9mSU_KlzR01InHj.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=163&lsdata=oSsccglH62Gjamp0HHYmwhsGb6VVbecKkcHJu1UqC9X.Y78GotjERShI.TjEs.whfyTJWTmnMByU_R23dhLdwRXO2iP./sBaJeTrUmrLYZ/&fpdata=WSrHo5BwC7H2QJLgf5iigPhiRMfPP5d8vb7HpP29_Tz.N7&vis=1&fpcap=
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Server: 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: 5ed4c8c7aa8eb782014c1e18a199a4ffb01f313868bda916f73331e4bd0f9a62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:48 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sun, 14 Nov 2021 07:43:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:48 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1636962228908/rexdot.js?l=100&id=0iiVJGbSLRDxKVR5H_8PJ8Q5nO5K9mSU_KlzR01InHj.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=163&lsdata=oSsccglH62Gjamp0HHYmwhsGb6VVbecKkcHJu1UqC9X.Y78GotjERShI.TjEs.whfyTJWTmnMByU_R23dhLdwRXO2iP./sBaJeTrUmrLYZ/&fpdata=WSrHo5BwC7H2QJLgf5iigPhiRMfPP5d8vb7HpP29_Tz.N7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 14 Nov 2021 07:43:48 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
376 B 41ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-436010-11&cid=529222093.1636962229&jid=1012060021&_u=YAjAAEABAAAAAC~&z=1657481793

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
376 B 41ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-436010-11&cid=529222093.1636962229&jid=1012060021&_u=YAjAAEABAAAAAC~&z=1657481793

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 portal.html Show response
734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io/1/ Frame F6D6 90 B
690 B 38ms
7ms Document
text/html 143.204.98.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io/1/portal.html
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-26.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33b8a86d292ce4a53436d5165402c3d00ff49f66f0b73be3822bafbdaef816c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html
content-length: 90
last-modified: Fri, 12 Nov 2021 13:06:38 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 6dbe31d0c82f8860b85124ddd28c8c000f6ab3aa72ba5d09201eac47f121e1fe
x-amz-version-id: KfuCuDLNtxrZ3hNVUR.f_zAofuG2XOc0
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:3523e2ba-d311-4d06-945a-1b6c9f385d00
x-amz-meta-codebuild-content-md5: d86d21112f5a5c12c97d5a1168d27bb8
accept-ranges: bytes
server: AmazonS3
date: Mon, 15 Nov 2021 00:14:11 GMT
etag: "1f611a5f6cb8a207a9dd8aeb271f7368"
x-cache: Hit from cloudfront
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6TWTYcTVAzXnvcVOCnB5M956XlsFgW-eRyfbJhpeao5isnjnklXUdw==
age: 26991

GET
H2 200 portal.bundle.js Show response
734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io/1/ Frame F6D6 21 KB
8 KB 8ms
8ms Script
application/x-javascript 143.204.98.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io/1/portal.bundle.js
Requested by: Host: 734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io
URL: https://734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io/1/portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-26.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55db00ecc34e264b63b8d276855be7b32400968b7f43e52c67c65c3d57bd7f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io/1/portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: EXqQdf69BNva.yJNd189T5NwZJqETdja
content-encoding: gzip
etag: W/"51af29db83c5c5b0d859e6b91e8dc47b"
age: 26993
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:3523e2ba-d311-4d06-945a-1b6c9f385d00
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d86d21112f5a5c12c97d5a1168d27bb8
last-modified: Fri, 12 Nov 2021 13:06:38 GMT
server: AmazonS3
date: Mon, 15 Nov 2021 00:14:11 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 6dbe31d0c82f8860b85124ddd28c8c000f6ab3aa72ba5d09201eac47f121e1fe
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: 1bzoaLh-XWNgVos5T-XrTxxmbYap4d_2uWoAkW0qs6MnT-YgYCtxDg==

OPTIONS
H2 200 vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/ Frame 0
0 26ms
10ms Preflight 2600:9000:2156:f000:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/vendor-list.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://m.dir.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sun, 14 Nov 2021 17:12:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PqiSW4HLR3biAph7ksqlA5KYclKrfVgaMoUk2-IJpr2OpdKbWn4SFw==
age: 52299

GET
H2 200 vendor-list.json Show response
gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/ 221 KB
28 KB 9ms
9ms Fetch
application/json 2600:9000:2156:f000:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/vendor-list.json
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a7591c2c8a91194a263198ae97e3677ded2d5d4316dea3ed1837706c87c4db9

Request headers

Accept: application/json
Referer: https://m.dir.bg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: OHTcfxuF_7t6UR7ThK68cOEMDe0kF63G
content-encoding: gzip
etag: W/"ead1f95ec626ed3f3d7b396f7524486c"
age: 1868
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Sun, 14 Nov 2021 17:07:47 GMT
server: AmazonS3
date: Mon, 15 Nov 2021 07:12:42 GMT
access-control-allow-methods: GET
content-type: application/json
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YNrrYP39uCNT1hd9ir6cJBJsFY2UGTafAvh0z0DK9h5vnEm-lxAkhA==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 7ms
7ms Fetch
application/json 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://m.dir.bg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Nov 2021 14:32:43 GMT
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
age: 61866
x-amzn-requestid: d55559d6-3bac-4c21-8d41-e75f67dae521
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61911e0b-7eb1e888575b6564782d853f;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: IzGhzEQJDoEFnCQ=
content-length: 30
x-amz-cf-id: Eyf9IvqRlvOunlnWRXHZNsxbEcXZu-R4TG919bpIdGXg_K05l_wm8Q==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 109ms
82ms Preflight
application/json 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://m.dir.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 15 Nov 2021 07:43:49 GMT
x-amzn-requestid: 86e8d82a-0ad2-4ce5-9d56-8b93ef8aa75f
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: I1dkVGZxjoEFiCQ=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1 FRA50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: d1efP6BN_h_-fiR6EzZbn5fbVzsPFq1WScUrAJS9m_g_-het_rOoZg==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 42ms
19ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5029298dca15df84867f262f278a503c3cfe7dc9df69b3a7f9a4a528e1171fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9245
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E5E8 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 14 Nov 2021 18:16:12 GMT
expires: Mon, 14 Nov 2022 18:16:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48457
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1B87 783 B
967 B 17ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cad624cae07717993f770db059226bac75a687bb5f4ad2b5b7d18e15e60dc783

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Arw5cgtLVIEMyuBSiwyFDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 15 Nov 2021 07:43:49 GMT
date: Mon, 15 Nov 2021 07:43:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Arw5cgtLVIEMyuBSiwyFDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: clear

GET
H2 200 index.html Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 1 KB
1 KB 52ms
7ms Document
text/html 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by: Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html
last-modified: Wed, 03 Nov 2021 16:57:28 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-version-id: geR9VcPto9ZrTyc8lR76LnYjF.84V0rk
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
server: AmazonS3
content-encoding: gzip
date: Wed, 10 Nov 2021 16:57:46 GMT
cache-control: must-revalidate,public,max-age=604800
etag: W/"b8061b8850e21ea20dba03d10b1747ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: keJNFwTS2PVoQBKAPzqT3TInoRiNAXGBEUgW3lfaPPVJ-dHEVzgXnw==
age: 398764

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B87 0
0 66ms
46ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111101&jk=1483819435142467&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame E5E8 35 KB
14 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 472995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 95 KB
13 KB 9ms
8ms Stylesheet
text/css 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Q4J0H.Ks_Ez3zjiL3qvVswHkoqdWlVFb
content-encoding: gzip
etag: W/"fc91ee31cf2e2dbba65546e19b425c59"
age: 398763
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:22 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:47 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: ePIDtmFYyHRqXEX7M18-goW8giffyxR22MbSy92sZtdqugJXmZTDHQ==

GET
H2 200 openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 26 KB
3 KB 9ms
8ms Stylesheet
text/css 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ZQgzbNvK6yBWlAg75RpLPiNPAEIwRUgT
content-encoding: gzip
etag: W/"e0df7919fa5e82dca894ac73371effed"
age: 398762
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:23 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:48 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: _qVh-i7s-psHmjYnR11aKwbLtfzSp817qWQnlLJTGIcDQHJZOTxHWQ==

GET
H2 200 runtime.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 2 KB
2 KB 10ms
9ms Script
application/x-javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: UeZBtinKnsk_T4VKY2hzDHEAqDdhih89
content-encoding: gzip
etag: W/"5fe48064a68c5e51f208fb444eb5a84a"
age: 398763
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:15 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:47 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: BK2UjvDL1lRbDTwtRRaGot0cmV3FXkO9KhNs30oZz0Zu7Z3WF3ZCIg==

GET
H2 200 polyfills.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 44 KB
15 KB 14ms
13ms Script
application/x-javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: byq7CzsrLWMJkf6nw34a2fGsc.tcUSLx
content-encoding: gzip
etag: W/"d40fc0a76f5b7cbdbb3f7a15f1038a44"
age: 398761
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:42 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:49 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: OvsbPLR8PupsNbyKGLbn2Lpy9Z3mq-GTLqKlAlQ_u9o56frP2hK7Tw==

GET
H2 200 vendor.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 783 KB
200 KB 16ms
15ms Script
application/x-javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 2j_.vXoPyvwDDb4ynLwNmpn66fYCZZ6Z
content-encoding: gzip
etag: W/"83497fb39f19b4dfaaa958cf6d4558b1"
age: 398764
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:14 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:46 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: JEYub4Lt8OBrZhQtuZPSb7d_Ubo-fp2ZesclbDRScHao5d3P1YmBIQ==

GET
H2 200 main.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 42 KB
10 KB 28ms
27ms Script
application/x-javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 167982fa128d47a62bd03befe22b8adb08f6d0a1590601b325d3d1a14f7c309d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: jN5hOIa64QLEbrAviNEOkXaPZMDkA9Ad
content-encoding: gzip
etag: W/"27781014aa851cefcddd28da172ef69d"
age: 398764
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:21 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:46 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: wyN8o3wU1WZmcJeI7_D8cXUyFlzuVu4yBmGelL1Npdye-OeU5mrcig==

GET
H2 200 defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 0
6 KB 28ms
28ms Other
text/css 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: SRBN7EZifs4k4jHeuWovRjEVJuDKvXTo
content-encoding: gzip
etag: W/"ddb5e6d71b353c98624b1784c506f1ee"
age: 398764
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:29 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:46 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: SaQFb9MFN-EJKNKswEGO9nY6xj8LXi2pt8p0DjBAKckuaS88KtPBkA==

GET
H2 200 1.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 59 KB
12 KB 9ms
9ms Script
application/x-javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/1.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a19209483cd31f0227408730c75f1f372ea1218f347a7fe97db8a480d16081e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c2CjoMquWHxKbd9Io77kR9aVpVWnDc7a
content-encoding: gzip
etag: W/"691cd2dc367f8dac19dff3b597dcae50"
age: 398763
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:40 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:47 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: jrFnq2b--JULqSduCOV3QxmeKeeSOsWc8FZBTp993jUVdpqjaknY3w==

GET
H2 200 18.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 23 KB
6 KB 10ms
9ms Script
application/x-javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/18.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd47e11f786a55e1999e5ad7ced555a79c2f1de7b39dac2d20a74d66c495b156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 537E_kzte8ZEh.oCgbB2I8LFusFRRwqm
content-encoding: gzip
etag: W/"e20412686af89b1b72195fc74ade66b4"
age: 398763
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:10 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:47 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: IN1vGfyazoEbImP7fkP-1yI_yz1itesCVHHaTEE_vrwGbINCxricBQ==

GET
H2 200 defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 34 KB
6 KB 7ms
7ms Stylesheet
text/css 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36dc8627546125c2446359d123c1d11a8afbe6a5100862e2319217e335d985d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: SRBN7EZifs4k4jHeuWovRjEVJuDKvXTo
content-encoding: gzip
etag: W/"ddb5e6d71b353c98624b1784c506f1ee"
age: 398764
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:29 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:46 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: GoVgcNT-X3_CHf2tRJcQHIKjUl5KshWNgX5qt7aH0L7GZEAwtAkIlA==

GET
H2 200 17.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 123 KB
24 KB 7ms
7ms Script
application/x-javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/17.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 16:57:47 GMT
content-encoding: gzip
age: 398763
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:35 GMT
server: AmazonS3
etag: W/"ab5247f9ceb22da2bab708700b3ce763"
vary: Accept-Encoding
x-amz-version-id: Nzo752rSZ3N2JQ.VhnW83ULgjrUBYKz4
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: Dv_NKJBlOqeRF4gJ-n5QGsDLcJJprhoZqocYKrFcIQzQ87iOGXLRwQ==

GET
H2 200 open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 14 KB
15 KB 8ms
7ms Font
application/octet-stream 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: fN3xHdSbyOFYARUnS3mJ9dAAf51TGBqH
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
etag: "ff9d619b59f5cb3529b100448f398ac5"
age: 398763
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
content-length: 14440
last-modified: Wed, 03 Nov 2021 16:57:37 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:47 GMT
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: DePVwRjXXJJhXdhH2izzX2bclYa94qYbFZ5ZAyKXuqm5BCoSuTeX8g==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6435 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMSmxM6dOQvjOAatje3qaUANCqSt4L3FFZXxa16JobGZwHQt403lsZIXp5BxP-LNLXZ7jEQk-SE-A5Fb199GV6s3yLeG4jTK8zh-ICYM8nA7QGoDrjtzhIw_sjWP9Ezr4WdBQQo3CuLaFpq72f0zUnZkFBtU4mj2OpVhZYs4Eelq52U0H9zDDnjSrNEAiPsrIjhRd06A42Y4JIqyqcmc1rogNMxRh1CQabaT7z-0q6vj6zhMx5webEyynj1T6ZXiy8i2na9wj5gqTUgiszrtSYrBCAKycd9QS5cr66bXwn5-x71DxQTQZ8GMcZPuNepA&sig=Cg0ArKJSzDejNu4j694mEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 07:43:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 t.js Show response
likevertising.com/ Frame 6435 17 KB
17 KB 97ms
65ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 6d34b4c6b741b60eeb229c5fd0f9ca0ebc3ccbccf1aa73c7e9846d5b06f29758

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: a6LsASJkkWroWNgfvVH4swmO5Z20iYSrOGOeA5fggpOLgcAtiIdG1w==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6435 119 KB
37 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Nov 2021 07:43:49 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 703B 0
102 B 8ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://m.dir.bg
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/plain
access-control-allow-origin: https://m.dir.bg
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2 200 manager-logo.png
gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/ Frame BCC7 80 KB
81 KB 8ms
7ms Image
image/png 2600:9000:2156:f000:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/a057da92-51b6-4f1e-aa89-67526a801cf4/manager-logo.png?time=1601039660260
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ece35dd3ce49708758c40c200e161cefc0dfce8b87703ea46fbefd0a8faeef7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 14 Nov 2021 17:12:11 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 13:14:20 GMT
server: AmazonS3
age: 52299
etag: "6afbe742af75e1ec7dc30f25b993139c"
x-cache: Hit from cloudfront
x-amz-version-id: afTBFaZJC0ao1xIKGV9uR36g50XBkOf_
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 82377
x-amz-cf-id: lE6tFvZXP5kEo8IHx6hUY2dr6Ys_rLIKu_khSxfNuiObeGmtw_e4ng==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 981B 190 KB
55 KB 65ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55667
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 981B 13 KB
5 KB 85ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4996
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 981B 89 KB
28 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28494
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 981B 4 KB
2 KB 91ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1635
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 981B 40 KB
13 KB 90ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12816
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
DATA 200
OK truncated
/ Frame 981B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b3ccf47c2e1bcc53354580194b2e159ab90a22d0b26ff7305fe69ccfaebe242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 6625 190 KB
54 KB 73ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55667
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 6625 13 KB
5 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4996
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 6625 89 KB
28 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28494
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 6625 4 KB
2 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1635
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 6625 40 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12816
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
DATA 200
OK truncated
/ Frame 6625 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0b6c903871e02b188453a84de19e6f4021fd6159086b9f37026d3e1103bc84e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 24C7 190 KB
54 KB 68ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55667
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 24C7 13 KB
5 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4996
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 24C7 89 KB
28 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28494
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 24C7 4 KB
2 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1635
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 24C7 40 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 574585
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12816
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 24C7 3 KB
918 B 46ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 06:09:37 GMT
server: ESF
date: Mon, 15 Nov 2021 07:43:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2 200 12145244905878701917
tpc.googlesyndication.com/simgad/ Frame 981B 34 KB
35 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12145244905878701917?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnSMZYyQWZPEy484n5GA_2nsAumeA

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6413f52c9b7735d3d5ff1555cb6273aab9d24a03b4243099bb1a54a18c0a195e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 01:46:43 GMT
x-content-type-options: nosniff
age: 107826
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35283
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 21:34:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Nov 2022 01:46:43 GMT

GET
H2 200 bg.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 981B 3 KB
3 KB 17ms
15ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/bg.png

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17cf5b1a00d4e21469b3c92296066435b70975e118eca65ef93e7dc6eeb82ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:14:48 GMT
x-content-type-options: nosniff
server: cafe
age: 66541
etag: 11484825633840021761
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 3103
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:14:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 981B 344 B
449 B 26ms
24ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 67031
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 344
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:06:38 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 981B 0
0 49ms
47ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COgmjtA-SYZLdNa6X7_UPl8OwgALFlZm0ZraPx9_uDoiD-vDMKBABIOr7ojlgJaABspf25QHIAQLgAgCoAwHIAwiqBMQCT9DN6hnXNjl_qdTLMOFpB4vVfcC9nlyvuenVJjZhh9-Ufk6wM6SMt8a9CsW3PAlp7PaEYCqQLZvoX70cZ0c3pJF_ZMwLzuJHGvAGP1vPhSqPrUiTmf2UD61uEL9hOTPR2jF11kSGJB7pKcXEtqn2h1hWGwF6ltzMLL-A0dXZ6uPtnTT_ACOXvCWXW5qY3ul6rC7YMmh6tNSn5wX4SnP1OcjHOTHaBw8aSD06SxRPu52mgJr0cwEnRHvTvSMTXG8uhxX7pjcKGapa3d6BETSLog3TG0OvtZY-1W7nCl4UltaWgD_mU6R31Tu2xDiB_8-RPLWO94sEQdYXKlVSrVgvGb5VcEiVowRfKw1enhiJvjcpVDHdk2jAalWalPfs9aDwVEr5uOitrdqatQNGnPtGZx4l6rzb4K7z96SO1rgonzHDqMS7wASu0MHb1gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHtuiJmgKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDyixvSCAcIgGEQARgdgAoByAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTcwMTMxNTQzMTY0NTQ2MjMY-q4o&sigh=_eqJI2ZuInQ&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 12145244905878701917
tpc.googlesyndication.com/simgad/ Frame 6625 34 KB
35 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12145244905878701917?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnSMZYyQWZPEy484n5GA_2nsAumeA

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6413f52c9b7735d3d5ff1555cb6273aab9d24a03b4243099bb1a54a18c0a195e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 01:46:43 GMT
x-content-type-options: nosniff
age: 107826
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35283
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 21:34:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Nov 2022 01:46:43 GMT

GET
H2 200 bg.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6625 3 KB
3 KB 23ms
22ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/bg.png

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17cf5b1a00d4e21469b3c92296066435b70975e118eca65ef93e7dc6eeb82ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:14:48 GMT
x-content-type-options: nosniff
server: cafe
age: 66541
etag: 11484825633840021761
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 3103
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:14:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6625 344 B
402 B 25ms
24ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 67031
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 344
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:06:38 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6625 0
0 37ms
36ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C571LtA-SYYjgNa6X7_UPl8OwgALFlZm0ZraPx9_uDoiD-vDMKBABIOr7ojlgJaABspf25QHIAQLgAgCoAwHIAwiqBMcCT9CBLh5q3yTkSpwNuW-OMDUa4igLLlykepjQRSLBuCE-Ja3j6Mpeazs1DLl2Ldti1zlmrNZ2_a7m0MJGYLVNuZntqlVB4g-7sOdvyjsrN1ZMzphc3mpEr4OYffWYF2KGmljiqgSt2JFL9_qiM8lDobS0tl_gNgdXI4oaOSyUj7pkZaeFq72Qjnb4TQSfPSI5XM0UkLphev4VL3bXY2rtxaTvjoiy22GKaLsY3W6NivYCb3OPiqppLF1dKYcubCbHZHa3oMpw09-ckOMF4Xnx6zjvp6-6u6CahUSIGsLf5SfsyKCtqDjzCM743B75VN2CtkxFVW4W3r-Hjrgj7gCe7VSYvuRS0jUGbkXy4QYDfFllu_4PBhDV-0_soK1Y5yLBKHNHMPdGoUxDY5TxaBFOhnLWb3PX1-dcjzuZfaZ1K_Z01xxAvrQTwASu0MHb1gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHtuiJmgKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC67SrSCAcIgGEQARgdgAoByAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTcwMTMxNTQzMTY0NTQ2MjMY-q4o&sigh=iTYxDwaENEw&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 bg.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 24C7 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/bg.png

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17cf5b1a00d4e21469b3c92296066435b70975e118eca65ef93e7dc6eeb82ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:14:48 GMT
x-content-type-options: nosniff
server: cafe
age: 66541
etag: 11484825633840021761
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 3103
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:14:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 24C7 344 B
402 B 25ms
24ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 67031
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 344
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:06:38 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 24C7 0
0 47ms
46ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9lv6tA-SYbLhNa6X7_UPl8OwgALJhtbDXvO06aqOC5CUxazMBBABIOr7ojlgJaABi-vo_gPIAQmpAu9KMyObmag-4AIAqAMByAMKqgTOAk_QNA9lHG9j3ivM5GRiLD3mArPablZgR8ZM-moQieAUADwAmPNeM0jFHbM5r3TNhs0KZTETTVtvzKX-wscftsfxaaUsEOUQAd16HoMJ6cIaRuPQsRUCx8zLpFr1asYly6u60MAIu8IrErPh_MHt_6j70lxgVzBPDrYrqkS52Lcps7_XqwanSHhpE0CWmZwXxWYpN4katSa5sVDF0nrZzL2Npe7Jqm7Z1VN1dwYm-MQUvt4XC1zQ1K8dJ27pXdjcsrXac-lflGha9YdIS5eDvafKHOpYbUm8E6LTLlnnCCxxmRdiCSU0yiHkqQ2qqH7bcLejtYaVAtZtCyn2mPibgalyzI88bZUWAvwlB_9T2SinD9xcAK1gmqCYgEN9ssxNH1wnJN9kA5cmUa3eZ_yoylVhV-BeGGvV3Y0DJeQVr81vGaf6pFoZq_6UZXFQhOzABJWqirfaAuAEAZIFBAgEGAGSBQQIBRgEoAYugAfdlJcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQyeEU0ggHCIBhEAEYHYAKAcgLAbgTiCfYEw2IFAfQFQGAFwGyFx4KHAgAEhRwdWItNzAxMzE1NDMxNjQ1NDYyMxj6rig&sigh=32JA82Mtp4g&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 15 KB
15 KB 12ms
12ms Font
application/octet-stream 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: dYVjWSXWVB91MGwoVIK5bbP5cvOhHZUr
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
etag: "b596676fc00af9806c16a12e9a0350f8"
age: 398764
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
content-length: 15112
last-modified: Wed, 03 Nov 2021 16:57:17 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:45 GMT
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: tCru4RDF4prfu4aU9kstJh-kvUJG5u5XE_iTNeK2D_d7brjpy_vp9w==

GET
H2 200 open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame BCC7 15 KB
15 KB 13ms
12ms Font
application/octet-stream 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pqIsD.3L24wRdgGZpn8zZtCZlG1O6rxZ
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
etag: "4334c2753ff9f057d9de926e66882c9e"
age: 398764
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
content-length: 14956
last-modified: Wed, 03 Nov 2021 16:57:13 GMT
server: AmazonS3
date: Wed, 10 Nov 2021 16:57:46 GMT
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: 7zaahxnplSXrjNPOe47qssZC_gQ9YOSrV9xde5CWUfiOAXUHX7vblA==

GET
DATA 200
OK truncated
/ Frame 6435 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c5f211702c8326bc845d9d539cabfdf2094d91b2b08b622b4aceeeac2170a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6062 77 KB
26 KB 21ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c20fb3853e78f1fd105254860320de5dba68c02eccade762896c91c205954a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1044 / 108 of 1000 / last-modified: 1636758378"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26699
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2 200 stats Show response
likevertising.com/ Frame 7D36 3 KB
3 KB 47ms
47ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1e6afb65dbb2642c13614239d0724d071&cb=3391741636962229648
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 6b7980af1c60db4997b93bd715945863c6ecc6c7bfb2f45aaf1a38c861a64f94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mATSrDmyd5wnyca3RpGBWUwgv7WzqI76vFaKQcw1Kamx-3q9PXOSFA==

GET
H2 200 async_usersync Show response
likevertising.com/ Frame ED55 3 KB
3 KB 42ms
40ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/async_usersync?i=or4a09mbyy4djkim55&a=04548596bf9f47cf77f399bdbc682cd67&cb=8043521636962229649
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 11d00cbabd9fe84c3debdf7a1ea73e0209ed00dabeaf662a24aea4f758583464

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tjz06cCJycPBmaUkHKIzhKUxuPYCQ3QNmhCRtIMh4T8DV1rnkf6HFg==

GET
H2 200 count Show response
likevertising.com/ Frame 5893 8 KB
8 KB 42ms
41ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=ff51dd3928bf7791e097ecd0fa3f43387&cb=4167371636962229650
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 07ae40ec9e146b94925e0c4e92abb30b649c43db74af7c2df704850db6dd8492

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kCCDOI_ATv2XRwVx8TdbOTpYoLUWR8LEhsXelrUYpENKGbjadIhdeg==

GET
H2 200 count Show response
likevertising.com/ Frame A980 2 KB
1 KB 41ms
40ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=3f365a130536d068c3dd8aedaf5efba05&cb=2147061636962229651
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 0239422dd34c651b8f12d1f59501dbe815b80bac2f7f33d09a995d02c29fb3fa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7QPhLeVdoZjgfdqpJ1DdsPU_uJlrEpfuAFrqruS9UBw2adwZegR_2Q==

GET
H2 200 stats Show response
likevertising.com/ Frame 0295 2 KB
1 KB 41ms
40ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1a4b5c1837eb943f929239dccfd3a9209&cb=6680681636962229653
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 6b6287a18b1fcdffddc570a4567d2f30dda5ed57bf046296a8f4d250b781b9d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: frtyvmsayzn2SqayYWB5sbtHIYhblZ__Cm6avFVotq7xIpfKDiYV5w==

GET
H2 200 user Show response
likevertising.com/ Frame 7857 4 KB
4 KB 40ms
39ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=fa23da017e8678c7ec77e9b00cc3549b5&cb=5589161636962229655
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 42f2a400a42fa66f4044e5ebd76c9832c2ce8993a5fa43846f9ff56e84c04424

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: j1B6owqrnKMv9FxA7pdrtvAUnn6gXgJ95aYJyYrVEfwEKDzdSctcYQ==

GET
H2 200 user Show response
likevertising.com/ Frame E84B 2 KB
2 KB 61ms
60ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 683fab3b2841b37a2587e2ea8f6b7910cd1f222f33481f99fd79c6c6cb6399dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
content-length: 1719
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tmECC0yRsR80HNI2X04G75Ux4ks3Qgmde0_CRPZAt8VN25WNYGbsXw==

GET
H2 200 count Show response
likevertising.com/ Frame 9436 2 KB
2 KB 62ms
62ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=24aa3466f91095a53cca0d9d2de939f55&cb=0996361636962229657
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 424e700bc8038db3b6782dcaf5d734ec0a8b11faedbb3f7b712d682ef429ca91

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
content-length: 1661
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: CduVADp2mzBSWhXeyKKIN4bVuiJAv9GVXRU1JG1-K1-yzWfXN9HVKg==

GET
H2 200 stats Show response
likevertising.com/ Frame CF49 2 KB
2 KB 57ms
57ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=4771a71a974d11dafd726c348f619b729&cb=0332291636962229659
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: b9a66b98b64e23d42ac08f029eb1f160a89dd22da4b27ddc612b929b498646cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ukQjn_6NQ-gv01CiDOtvp-kWz6m5nWlkaFj8tcknBpby_cwnis7BIw==

GET
H2 200 async_usersync Show response
likevertising.com/ Frame 049D 9 KB
10 KB 61ms
61ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/async_usersync?i=or4a09mbyy4djkim55&a=1228cfa31908600e0cb804fa2271636a1&cb=2177791636962229659
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: ae9a2c00f97493190ca4e964b81ae7dd271bc051374bf1ca9e1dfc3af88f938a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vq_EoGusME0kt0qIzeGrod7s_pR0Y16Vn-ygZ3b2_GV37uS5Rs3aaQ==

GET
H2 200 send Show response
likevertising.com/ Frame A2B8 2 KB
2 KB 55ms
55ms Document
text/html 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://likevertising.com/send?i=or4a09mbyy4djkim55&a=979f14aa57863de0e659848470182adb1&cb=4018791636962229660
Requested by: Host: likevertising.com
URL: https://likevertising.com/t.js?i=or4a09mbyy4djkim55&cb=8683451636962229465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: 611e8746096ac033a5dbf3c95a3e9304d6fdd671621fe4834e9f3656a167bf8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/

Response headers

content-type: text/html; charset=UTF-8
content-length: 1633
date: Mon, 15 Nov 2021 07:43:49 GMT
x-cache: Miss from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: EVzdQb8zE9rSZu7sF8T9kkhWmWyhs83QMAty7GyKSbxzD2_HlS1_VA==

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10964574899947470037/ Frame 24C7 35 KB
35 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10964574899947470037/downsize_200k_v1?w=600&h=314

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

697159901203076cda4c9bc43daf64b7e30035deb239b36b354363bb86c1a887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 22:52:05 GMT
x-content-type-options: nosniff
age: 377504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 36036
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 23:22:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Nov 2022 22:52:05 GMT

GET
DATA 200
OK truncated
/ Frame 24C7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 24C7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdca4da25ccf227401f4cdc9529883a99d689366ad62f9dbee1e9c44e16daf45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 24C7 21 KB
22 KB 45ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.dir.bg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 291498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 22:45:31 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 24C7 21 KB
21 KB 51ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.dir.bg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 293561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 22:11:08 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6435 0
0 43ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCSPxMg6o4u_POWZulYiK-TIyMY33JNDlAFGUFGjjCXRZNlxvKWulI2X7icyq6_CPcNbgfiThCMnXk0UzXHcIcrwtl9io0jlKr6tFxRLA4F9G3bhaKDWd6BGRJfikHyzvQzBCmQbVbnt2_yl37D3raYm7-KSts86mIU5jbO_RqihYypZTRIxzdvL2QtCDWDFzvd2S8Ugvdv1-ALXtpg24nn2sGQ4XzQI07Zja-hnOM5zdlFguS8Dd2JNcqkiTWW7gKuDhtHGj_5ZrQdHvrjMT8_i66MwThxhLs9v-DR0SizoCRew&sig=Cg0ArKJSzOwb8TKB36PFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 07:43:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 45ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111101&jk=1483819435142467&bg=!AQKlAkbNAAZQLpa_UC47ACkAdvg8Wl3548WYqJVRZstStQfC7AeVpofy_oiJ7t-3gF-GeSa0tItkrAIAAAD5UgAAAF9oAQeZArWTQvsr95MU6Aj3fEtDXtBVMnwYbZtgb5PzercG6If7ulF7H4-3CWRbSQwS4YqIuYz_aH4p2avSEXp6952FiQoYkX2I6pfYl-obwAgtrOzCx7nFPhxTFLhgy7zGT9dQsXcA3tMaA8H0TNb6bivRli_tNmFm385KK5aWbk-uVAo0oNdZ4Ew2MBKV8wh7WOSYQYhjEAq3Oa8CftYX6AO-6gv_0VP0HJJb7xZdCTpLnm3GeeJFZdvoWRH0sKuQ9rizfXik-TiatP8JH2njN9x4L56Zu4aXy3n629ay6iked2yFxcYSYoon_PzGIgvtlJHL8-lIUmMxrilssLjGksdCLgmKahn5oJLMXTg7XQxliuFmiyz-XTymCXXJyJYNAdTtyaKZf835ZpTHeQXMzBtBtSCvKeD8UIUQyHmF6W_zMkyTVxdhI-fJtuXVYX_OiXpCG2wEwhXXx_bPWL9S9lXqFNI9o4fgSmSl6OB_ZrfsPkeqhUqFcLLK1BHUrnt5e4P7POW-YN6BWam3puWX8Yt0P3ah1-oqa67Mjfq-qTx6Xp85geuUOtXaSPBkr3pVTPI1DSugEWBJSJHEA6jDRzepctUJYMbgqQ6WGv_2GLNXaivA6y8hk44L93XK-zlnTV9pFmBwFGieSqUU91QaLEPUwADx9MASPHpI1drxQCUbmNsCyBAsQwuS5gL3lIUYqTYvL71fM0lta7bkMr4d7UY4SsPJB7BlhmjWfceMBsjVbF3R-q8QBqqoPo8wyh0PB291dGPFNuEzx8I2tu98Btq_yD7JHkRuCzO9FzRvAnSHlpAj6Hzu2_5emL_HVYXuAS-dIgNJ5wk90yVYt26qmc_Mi-NuW6sUCtJQcE5yt8Q5eTaK9PMD3mwZ4do_PCUC7S2YvlB-r9Hq3kmKMjU-O_eEQjC3kMusmnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 981B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

105ms
84ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Mon, 15 Nov 2021 07:43:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 pubads_impl_2021111001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6062 342 KB
115 KB 14ms
14ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 117754
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 09:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2 200 pxl.jpg
likevertising.com/ Frame 6435 597 B
832 B 36ms
36ms Image
image/jpeg 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://likevertising.com/pxl.jpg?i=or4a09mbyy4djkim55&s=524&p=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&rstk=https%3A%2F%2Fm.dir.bg%2Fdnes%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie&h=4279851636962229838
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-29.fra50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-length: 597
x-amz-cf-id: L_yrZgnfSA30bpCNUtqFm-cXghXZUUNXl_c39GUXSfJ4HPEe0l8YbA==
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6625
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

74ms
73ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Mon, 15 Nov 2021 07:43:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 12145244905878701917
tpc.googlesyndication.com/simgad/ Frame 6625 34 KB
35 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12145244905878701917?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnSMZYyQWZPEy484n5GA_2nsAumeA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6413f52c9b7735d3d5ff1555cb6273aab9d24a03b4243099bb1a54a18c0a195e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 01:46:43 GMT
x-content-type-options: nosniff
age: 107826
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35283
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 21:34:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Nov 2022 01:46:43 GMT

GET
H2 200 bg.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6625 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/bg.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17cf5b1a00d4e21469b3c92296066435b70975e118eca65ef93e7dc6eeb82ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:14:48 GMT
x-content-type-options: nosniff
server: cafe
age: 66541
etag: 11484825633840021761
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 3103
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:14:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6625 344 B
402 B 12ms
12ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 67031
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 344
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:06:38 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1743/ Frame 7D36 81 KB
27 KB 62ms
18ms Script
application/javascript 2.16.186.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1743/smart.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1e6afb65dbb2642c13614239d0724d071&cb=3391741636962229648
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-26.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ecb66a310d4f8e9cbde7cbf0debdffd84fa1ad0bb3bf3586b16089f7558f1bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 27550
Expires: Mon, 15 Nov 2021 07:58:49 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 7857 117 KB
38 KB 47ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=fa23da017e8678c7ec77e9b00cc3549b5&cb=5589161636962229655
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:26:01 GMT
server: nginx
etag: W/"6178c6c9-1d4e4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Nov 2021 07:43:49 GMT

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ Frame 0295 7 KB
3 KB 47ms
19ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1a4b5c1837eb943f929239dccfd3a9209&cb=6680681636962229653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
age: 9941521
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6ae6d9d0cfa84e38-FRA
expires: Mon, 18 Jul 2022 06:11:48 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame A980 58 KB
24 KB 81ms
17ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=3f365a130536d068c3dd8aedaf5efba05&cb=2147061636962229651
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:55:54 GMT
server: nginx
etag: W/"612c9d1a-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame A2B8
Redirect Chain

https://secure.adnxs.com/ttj?id=17890028
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D17890028

7 KB
4 KB

19ms
18ms

Script
application/javascript

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D17890028

Requested by

Host: likevertising.com
URL: https://likevertising.com/send?i=or4a09mbyy4djkim55&a=979f14aa57863de0e659848470182adb1&cb=4018791636962229660

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

410b0953031ef77b9d36384b058a9a5a7e0bae047962a1b28ce95bd94a86d586

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 19d31a01-a164-49d9-b9f5-b451600559e2
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:49 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e1ceb578-e6f0-45e5-9e31-72504712b6ac
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D17890028
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CF49 38 KB
14 KB 45ms
8ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=4771a71a974d11dafd726c348f619b729&cb=0332291636962229659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=78896
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 16 Nov 2021 05:38:45 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame E84B 4 KB
2 KB 91ms
25ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2128
expires: Mon, 22 Nov 2021 07:43:26 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame E84B 76 KB
13 KB 111ms
45ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Requested by: Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: c0cdc8506fe075f01b9d1b35ed9cf11dfaf74197747e429d3b4bf4f1b6d7d39e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12609
expires: Mon, 22 Nov 2021 07:43:05 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 9436 12 KB
4 KB 78ms
21ms Script
application/javascript 2a02:26f0:6c00::210:ba42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=6205&uref=https%3A%2F%2Fdir.bg%2F
Requested by: Host: likevertising.com
URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=24aa3466f91095a53cca0d9d2de939f55&cb=0996361636962229657
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c7fa24917e874800e051036490e173aed40b5758b1f249051f42d2dbab21b916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3955
expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 5893 302 KB
93 KB 50ms
22ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=ff51dd3928bf7791e097ecd0fa3f43387&cb=4167371636962229650
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5834
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NitT3GWQH4ryxBm6F19GmkSQeNS3zC1Wt3p2yyKeH96bg3yCRDQFU5AvUiX7rGjOMY4qVYiVDqZng5iZEHlL95M9hLKQVMIB2s7yKg96Nq4nOBIyBI%2BkR2oNb8U5Uu2N8eDStSJRhQr%2Fj3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray: 6ae6d9d0db47696a-FRA

GET
H2 200 prebid_v4_21.js Show response
hb.adpone.com/ Frame 049D 302 KB
93 KB 57ms
37ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_21.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=or4a09mbyy4djkim55&a=1228cfa31908600e0cb804fa2271636a1&cb=2177791636962229659
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5834
x-amz-request-id: 8X8Z2AAXWD3RZ6XD
x-amz-id-2: bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified: Mon, 08 Feb 2021 16:04:15 GMT
server: cloudflare
etag: W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjy6BjJbc6puwiIWIgD%2FcQGOYRFSFUBQ3zRJGJ6J%2FkljfsAlNTwZPWsMaITimXRpXTqjFUvqQ1BjqU6h1ZQPDgJ%2BShAsFz2m1GBlNH3F5yJhEvIfY%2FlDeJqNW2cAjUqTkF45yBTUWqGx%2FPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray: 6ae6d9d0db49696a-FRA

GET
H2 200 bg.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 24C7 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/bg.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17cf5b1a00d4e21469b3c92296066435b70975e118eca65ef93e7dc6eeb82ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:14:48 GMT
x-content-type-options: nosniff
server: cafe
age: 66541
etag: 11484825633840021761
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 3103
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:14:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 24C7 344 B
402 B 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 67031
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 344
x-xss-protection: 0
expires: Mon, 15 Nov 2021 13:06:38 GMT

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame CF49 60 B
268 B 72ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c42db1cad65c603f9f853fec97040b57c71d9fe48dacbccae41f01f24e9888cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
cache-control: private
expires: Sat, 12 Feb 2022 22:48:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 60
content-type: text/html; charset=UTF-8

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 62EE 633 B
845 B 491ms
158ms Script
application/javascript 44.231.252.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=15702&ref=https%3A%2F%2Fm.dir.bg%2F&cb=1152278217&timeZone=0&adWidth=300&adHeight=250&loc=https://m.dir.bg/
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.252.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-252-170.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 986666978ec693519a80dca8e262f2714ef1f5146b2afa266ec5de38db7f6d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
server: nginx
x-adtrue-instance: java1
content-length: 633
content-type: application/javascript

GET
H2 200 pav2_3.25.min.js Show response
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame 9436 28 KB
7 KB 71ms
11ms Script
text/javascript 2a02:26f0:6c00::210:ba69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6205&uref=https%3A%2F%2Fdir.bg%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0eab85a4383045144ef624b43823a228b64db824f1e49f8c8ee0dba65272e8d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 11:44:03 GMT
server: UploadServer
etag: "8100755844a395f0c8f5410e88b91dbf"
vary: Accept-Encoding
x-goog-hash: crc32c=y7PU+g==
content-type: text/javascript
x-goog-storage-class: STANDARD
cache-control: private, max-age=18000
accept-ranges: bytes
x-guploader-uploadid: ADPycdtAhQDgy-N9s9KJGSkMb3x3sG57xzwZZ8WuGuXm_2kGxefB3GbxxMbtRy-r3qewuX31YOpwJMo1FrM3AsAIqgw
content-length: 6858
expires: Mon, 15 Nov 2021 12:43:50 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame A2B8 51 B
366 B 45ms
14ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=17890028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 15 Nov 2021 07:43:49 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1421
content-length: 169
expires: 60

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame A2B8 5 KB
3 KB 77ms
77ms Script
application/javascript 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1636962229&bdh=1nqgLrzGyyk_3rlnpSCko2sRbg0.&&bdref=https%3A%2F%2Fm.dir.bg%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fm.dir.bg%2F,https%3A%2F%2Flikevertising.com%2Fsend%3Fi%3Dor4a09mbyy4djkim55%26a%3D979f14aa57863de0e659848470182adb1%26cb%3D4018791636962229660&&id=17890028

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=17890028

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

70f4209beb6d138283d0eb17250577bfee3a0654170e756b606b67f8003bb308

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
X-Creative-ID: 215907859
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 93278fba-5635-4939-bbce-adfb48a8bb37
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ Frame 7D36 22 B
349 B 1098ms
794ms Script
application/javascript 199.187.193.165
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1743&siteid=333226&pgid=1170455&fmtid=52941&async=1&visit=m&tmstp=3202357288&tag=sas_52941&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fm.dir.bg%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1743/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: b896afc83022a9cba3d395cdb8f1c09f49df5869b96d9c41af7bfdca6286d005

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b26%3b58
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ Frame E84B 26 B
271 B 143ms
64ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: nginx
X-IPLB-Request-ID: 5BC7764C:B939_91EFC191:01BB_61920FB6_9581657:2D0CF
X-IPLB-Instance: 29894
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame E84B 38 KB
16 KB 28ms
28ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16267
expires: Mon, 22 Nov 2021 07:43:05 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ Frame E84B 0
270 B 125ms
41ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=51012&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: nginx
X-IPLB-Request-ID: 5BC7764C:2C7F_36264064:01BB_61920FB6_5C428C4:354B
X-IPLB-Instance: 38439
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame E84B
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

81 KB
24 KB

62ms
12ms

Script
application/x-javascript

2a02:26f0:1700:6::17d5:a18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656
Protocol: HTTP/1.1
Server: 2a02:26f0:1700:6::17d5:a18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8fceb9666c98db92674eadc3bf22b5811f633e794c6400d43d9e1075e9d7618d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:37:07 GMT
Server: AkamaiNetStorage
ETag: "dd8f4c5a387008ec698123592c1e7a85:1634197388.862531"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23942

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Mon, 15 Nov 2021 07:43:49 GMT
content-length: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame E84B 49 B
362 B 14ms
13ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 15 Nov 2021 07:43:49 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1907
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame E84B 5 KB
6 KB 86ms
21ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Last-Modified: Thu, 07 Oct 2021 11:26:48 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 5BC7764C:50C1_91EFC0A6:01BB_61920FB6_39580087:232FC
ETag: "615ed978-15ab"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8765 2 KB
823 B 61ms
18ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1636962230051

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame AE83 2 KB
1 KB 67ms
40ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec0c6bed7a4ae5edf14dd70251e3c7746230befd51dcdc4bb89d816d99ff404

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://likevertising.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ae6d9d209926997-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame E84B 24 KB
10 KB 40ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 22 Nov 2021 07:43:50 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12767/ Frame E84B 3 KB
4 KB 128ms
28ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12767/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d8bd004f653ace0a12041e605f2b474b927cc7c5364d8567e20a017acc2222e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 3479
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame E84B 25 KB
26 KB 49ms
10ms Script
text/javascript 143.204.101.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-7.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 04:08:00 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 12955
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: s-r_vZUSDc03KhnKpsw1A1qxwTFc8Z5XcUzFfVxvyaIHG9vvrE2AhQ==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ Frame E84B 37 KB
13 KB 34ms
9ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 07:41:50 GMT
Server: Apache
ETag: "da4926-930b-5d0cef1206a56"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3543
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Mon, 15 Nov 2021 08:42:53 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid5_19/build/dist/ Frame E84B 557 KB
168 KB 27ms
27ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid5_19/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=51012&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: a86b5d86f054a5bb2f9a944c8c55c93e8300cbdcac59c15939308092032b6da0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 13:08:24 GMT
server: nginx
etag: "618289c8-8b54d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 171689
expires: Mon, 22 Nov 2021 07:43:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3AF3 291 B
590 B 13ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=m.dir.bg&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 308
date: Mon, 15 Nov 2021 07:43:49 GMT
content-length: 321

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7857 170 B
404 B 61ms
19ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=115&profileId=184&cb=72520464093
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: bbfda82cd4c6c62ae0d0caceaaff178359f49c4acaac4feb5d7566266331f62b

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://likevertising.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 161

GET
H/1.1

200

1.gif
id5-sync.com/c/12/0/9/ Frame E84B
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

19ms
18ms

Image
image/gif

54.36.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656

Protocol

HTTP/1.1

Server

54.36.109.48 , France, ASN16276 (OVH, FR),

Reverse DNS

p03.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:44 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
Date: Mon, 15 Nov 2021 07:43:44 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame A2B8 4 KB
2 KB 69ms
35ms Script
text/html 136.243.76.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fm.dir.bg%2F&rnd=982460307
Requested by: Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1636962229&bdh=1nqgLrzGyyk_3rlnpSCko2sRbg0.&&bdref=https%3A%2F%2Fm.dir.bg%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fm.dir.bg%2F,https%3A%2F%2Flikevertising.com%2Fsend%3Fi%3Dor4a09mbyy4djkim55%26a%3D979f14aa57863de0e659848470182adb1%26cb%3D4018791636962229660&&id=17890028
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.76.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.76.243.136.clients.your-server.de
Software: nginx /
Resource Hash: dab7387b134889bcf737d6da12f2b63ad7b746f651c79e6f9e73ac3f1cfc87b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame A2B8 0
803 B 48ms
13ms Image
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fm.dir.bg%2F&e=wqT_3QKNCvBMDQUAAAMA1gAFAQi1n8iMBhC2gpygyPGk3ksYva3TjrDVv_Y4KjYJc51GWipvpz8RGfy7RuQenz8ZAAAA4KNwAUAhGfy7RuQenz8pc50JJPCwMQAAACCF6-E_MOz1wwg4mFBAyk5IAlCT_PlmWJuzfGAAaNSusQF4hZAFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2MzY5NjIyMjkpO3VmKCdpJywgNDEyNjE2OSwgMTYzNjk2MjIyOSk7dWYoJ2cnLCAxMTQ5Mzg4NywgMTYzNjk2GTswcicsIDIxNTkwNzg1OTZaAPQFAZIC8QMhNjJJMmp3akZpSTBURUpQOC1XWVlBQ0NiczN3d0FEZ0FRQUJJeWs1UTdQWERDRmdBWUlVR2FBQndBSGdBZ0FFQWlBRUFrQUVBbUFFQW9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxa1A4RUJHaVh6a290dnB6X0pBUUFBQUFBQUFQQV8yUUdDSEpRdzBfYnJQLUFCMmV2N0FmVUJDdGNqUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZORE01Ti1BRDlDeUFCSnU5MlFPSUJKeTkyUU9RQkFDWUJBR2dCQlRCQkFBQUEBiBBBQUF5URGVJEFBQU5nRUFQRUUBCwkBMENJQmEwaXFRV0NISlEJrAg3RUYJHAEBQERCQlhzVXJrZmhlcVFfeVFVARUYQUFBRHdQOTIoAARaQhFn8ENQQV80QVhoSV9BRl84TzlCZmdGc3BxVUFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2cEQtb0JnU3lCaVFKQQFjCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFpeGM1bEE29QFAbTdOOElBQW9BREY3Rks1SDQhuXx6b0pRVTFUTVRvME16azNRUFFzU1lJY2xERFQ5dXNfVRHNDEFBQVcdDABZHQwAYR0MAGMdDBBlQUNKQREQ8MJQQV_YAgDgApuFTuoCEWh0dHBzOi8vbS5kaXIuYmcvgAMAiAMBkAMAmAMZoAMBqgMAwAOsAsgDANgD2tUo4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDTkxLjE5OS4xMTguNzaoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMDA1OCNBTVMxOjQzOTfaBAIIAeAEAPAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAABDHgAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBrsz2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJtjC5BkAAyAeFkAXSBw0JEToBOAjaBwYJJzDgBwDqBwIIAPAHopAD&s=e29d5780111176697f7b0109097efe3f1d06c3c0

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1636962229&bdh=1nqgLrzGyyk_3rlnpSCko2sRbg0.&&bdref=https%3A%2F%2Fm.dir.bg%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fm.dir.bg%2F,https%3A%2F%2Flikevertising.com%2Fsend%3Fi%3Dor4a09mbyy4djkim55%26a%3D979f14aa57863de0e659848470182adb1%26cb%3D4018791636962229660&&id=17890028

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b495ca2d-f3d8-4e0f-a4ca-cfaa430679bb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/221/ Frame A2B8 85 KB
29 KB 33ms
6ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/221/trk.js
Requested by: Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1636962229&bdh=1nqgLrzGyyk_3rlnpSCko2sRbg0.&&bdref=https%3A%2F%2Fm.dir.bg%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fm.dir.bg%2F,https%3A%2F%2Flikevertising.com%2Fsend%3Fi%3Dor4a09mbyy4djkim55%26a%3D979f14aa57863de0e659848470182adb1%26cb%3D4018791636962229660&&id=17890028
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Age: 1115085
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29240
X-Served-By: cache-lga21932-LGA, cache-fra19164-FRA
Access-Control-Allow-Origin: *, *
Last-Modified: Tue, 02 Nov 2021 09:57:21 GMT
Server: AkamaiNetStorage
X-Timer: S1636962230.187581,VS0,VE0
ETag: "f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 02 Nov 2022 09:59:04 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 2035535

GET
H/1.1 200
OK 17210.js Show response
ads.rubiconproject.com/ad/ Frame CFF7 30 KB
9 KB 40ms
8ms Script
text/javascript 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/17210.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=fa23da017e8678c7ec77e9b00cc3549b5&cb=5589161636962229655
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=5381
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8916
Expires: Mon, 15 Nov 2021 09:13:31 GMT

GET
H2 200 pixels Show response
3pd.criteo.com/user-sync/ Frame 7857 13 B
283 B 55ms
16ms XHR
application/json 178.250.0.173
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://3pd.criteo.com/user-sync/pixels?gdprapplies=true&countrycode=DE
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.173 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://likevertising.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 events
bidder.criteo.com/csm/ Frame 7857 0
190 B 15ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://likevertising.com
date: Mon, 15 Nov 2021 07:43:50 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 prebid.3-25.js Show response
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame 9436 360 KB
112 KB 18ms
18ms Script
text/javascript 2a02:26f0:6c00::210:ba69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 13:47:45 GMT
server: UploadServer
etag: "fa7fdd65f39d0e16a18830e016d93050"
vary: Accept-Encoding
x-goog-hash: crc32c=7nuQoQ==
content-type: text/javascript
x-goog-storage-class: STANDARD
cache-control: private, max-age=18000
accept-ranges: bytes
x-guploader-uploadid: ADPycdujqjdoucwFTPjV6RHlgntzZGtZQGae1DLGuivFTszL8UlyvlEdjsg8EcOjKgK6kweBOTNimy16WnUz0WXmNlk
expires: Mon, 15 Nov 2021 12:43:50 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/ Frame A980
Redirect Chain

https://adx.adform.net/adx/?rp=3&bWlkPTczODcyNiZybmQ9NjI4Z2dzYW1nc2JqZnhxc2d0czE&url=https%3A%2F%2Fm.dir.bg&callback=_adform_cb_1636962230188_634652204947526
https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTczODcyNiZybmQ9NjI4Z2dzYW1nc2JqZnhxc2d0czE&url=https%3A%2F%2Fm.dir.bg&callback=_adform_cb_1636962230188_634652204947526

920 B
1 KB

42ms
42ms

Script
text/javascript

37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTczODcyNiZybmQ9NjI4Z2dzYW1nc2JqZnhxc2d0czE&url=https%3A%2F%2Fm.dir.bg&callback=_adform_cb_1636962230188_634652204947526

Protocol

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a74ebdb9b778dd47fb7eb6aca491bcea676204c3a7b6e9f638e74f8c58e44434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 859
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTczODcyNiZybmQ9NjI4Z2dzYW1nc2JqZnhxc2d0czE&url=https%3A%2F%2Fm.dir.bg&callback=_adform_cb_1636962230188_634652204947526
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F780 38 KB
14 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=78895
expires: Tue, 16 Nov 2021 05:38:45 GMT
date: Mon, 15 Nov 2021 07:43:50 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7789 38 KB
14 KB 10ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=78895
expires: Tue, 16 Nov 2021 05:38:45 GMT
date: Mon, 15 Nov 2021 07:43:50 GMT
vary: Accept-Encoding

GET
H2 200 AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame CF49 2 KB
2 KB 176ms
119ms Script
text/html 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=156383&siteId=638919&adId=2497714&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fm.dir.bg%2F&inIframe=1&kadpageurl=dir.bg&schain=1.0%2C1!adpone.com%2Cb457a8e03a4f0fd19148&operId=3&sec=1&kltstamp=2021-11-15%207%3A43%3A50&timezone=0&screenResolution=1600x1200&ranreq=0.5284432947937703&pmUniAdId=0&adVisibility=0&adPosition=-1x-1&pm_uid_bc=763DC6BB-787D-465E-9F7B-573F485F7E30&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 015aba87846f9bc4564b3eefb4de4e21d9e17a8c5e6f130e771f8775abe6791d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame E84B 1 KB
1 KB 36ms
7ms Script
application/javascript 2600:9000:2156:9a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:26:00 GMT
content-encoding: gzip
age: 1070
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: eXiVROlQyUy3vcvf2c8HIdploRi6xgV2qz5IZb4pf9QrMabsR_Eapg==

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame E84B 44 B
329 B 39ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://likevertising.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame E84B 109 B
545 B 103ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 568cb3e658abb40b15c6aaa277df5d58d154e7e60622b2a37e87773b0ba6780e

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://likevertising.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 15 Dec 2021 07:43:50 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AE83
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&...
https://mwzeom.zeotap.com/mw?adnxs_uid=4101933371051267773&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258

95 B
153 B

26ms
18ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=4101933371051267773&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6ae6d9d35cc76997-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 93f41e3d-926b-4782-afdc-bdabc82c3b5f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=4101933371051267773&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AE83
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&...
https://mwzeom.zeotap.com/mw?google_gid=CAESED3fB0sangFh-LUplFVX9Pw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c5...

95 B
181 B

25ms
16ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESED3fB0sangFh-LUplFVX9Pw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6ae6d9d35cc46997-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESED3fB0sangFh-LUplFVX9Pw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AE83
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f46%26reqId%3D97c4b3a9-0a85-48a4-5ad2-4c5034...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f46%26reqId%3D97c4b3a9-0a85-48a4-5ad2-4c5034...
https://mwzeom.zeotap.com/mw?cid=8efd733c-417c-42b5-a902-85f0ecfda817&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc...

95 B
153 B

18ms
18ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=8efd733c-417c-42b5-a902-85f0ecfda817&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6ae6d9d3fe0e6997-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=8efd733c-417c-42b5-a902-85f0ecfda817&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AE83
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=39692177400187621883186628633934710719&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb2...

95 B
153 B

24ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=39692177400187621883186628633934710719&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6ae6d9d49fec6997-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v019-0920decde.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Z2y5610/QM0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=39692177400187621883186628633934710719&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AE83
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=iUm8VVLbSPPi7eu8bnaLNjl0pQWC%2FkKn%2BS41iYitP1U%3D

95 B
153 B

23ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=iUm8VVLbSPPi7eu8bnaLNjl0pQWC%2FkKn%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6ae6d9d3cdb76997-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=iUm8VVLbSPPi7eu8bnaLNjl0pQWC%2FkKn%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AE83
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Df8a89c8e-3b5f-4299-4cdc-14b37a2d8f...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258

95 B
153 B

20ms
20ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6ae6d9d42e9b6997-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&id_mid_4=f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46&reqId=97c4b3a9-0a85-48a4-5ad2-4c503412bb23&uc=2&zdid=1258
date: Mon, 15 Nov 2021 07:43:50 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame E84B 84 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 12 Nov 2022 04:39:17 GMT

GET
H/1.1 200
OK 1500018-15.js Show response
smarttag.rubiconproject.com/a/17210/298198/ Frame CFF7 3 KB
3 KB 108ms
60ms Script
text/javascript 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.7568207121817121&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/17210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4b69dad99378a9d812f1810e1e3882b502892b59b3094bf8aaa485caee477d9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2104
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame F318
Redirect Chain

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ance...
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ance...

5 KB
2 KB

56ms
34ms

Document
text/html

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fm.dir.bg%2F&rnd=982460307
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 3100792864ca02b95aacd0e557139c011b65c9b6fc27676407a619cff590ee97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Nov 2021 07:43:50 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 95525100042453501467939011779020
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1744
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Nov 2021 07:43:50 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ Frame E84B 990 B
2 KB 131ms
31ms Script
application/javascript 52.19.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12767&ref=https%3A%2F%2Fm.dir.bg%2F&hn_ver=20&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12767/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-63-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

971ba60f3d516461bdff7ec672a2b6cb4bd7d6e9d391c22b336ff5ac1dc832d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 990
Expires: Tue, 09 Nov 2021 09:28:30 UTC

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F780 5 KB
6 KB 17ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47723378&p=156383&s=638919&a=2497714&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 44fc2a697315ffcdc0cee664925ce26396f989244d21e27db38256d844ae9579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EF4F 52 KB
17 KB 45ms
12ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1619737
Requested by: Host: likevertising.com
URL: https://likevertising.com/send?i=or4a09mbyy4djkim55&a=979f14aa57863de0e659848470182adb1&cb=4018791636962229660
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 16 Nov 2021 07:43:52 GMT
Date: Mon, 15 Nov 2021 07:43:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame E84B 0
431 B 31ms
14ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fm.dir.bg%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.76], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://likevertising.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Mon, 15 Nov 2021 07:43:50 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame A2B8 0
827 B 18ms
18ms Ping
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fm.dir.bg%2F&e=wqT_3QKNCvBMDQUAAAMA1gAFAQi1n8iMBhC2gpygyPGk3ksYva3TjrDVv_Y4KjYJc51GWipvpz8RGfy7RuQenz8ZAAAA4KNwAUAhGfy7RuQenz8pc50JJPCwMQAAACCF6-E_MOz1wwg4mFBAyk5IAlCT_PlmWJuzfGAAaNSusQF4hZAFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2MzY5NjIyMjkpO3VmKCdpJywgNDEyNjE2OSwgMTYzNjk2MjIyOSk7dWYoJ2cnLCAxMTQ5Mzg4NywgMTYzNjk2GTswcicsIDIxNTkwNzg1OTZaAPQFAZIC8QMhNjJJMmp3akZpSTBURUpQOC1XWVlBQ0NiczN3d0FEZ0FRQUJJeWs1UTdQWERDRmdBWUlVR2FBQndBSGdBZ0FFQWlBRUFrQUVBbUFFQW9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxa1A4RUJHaVh6a290dnB6X0pBUUFBQUFBQUFQQV8yUUdDSEpRdzBfYnJQLUFCMmV2N0FmVUJDdGNqUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZORE01Ti1BRDlDeUFCSnU5MlFPSUJKeTkyUU9RQkFDWUJBR2dCQlRCQkFBQUEBiBBBQUF5URGVJEFBQU5nRUFQRUUBCwkBMENJQmEwaXFRV0NISlEJrAg3RUYJHAEBQERCQlhzVXJrZmhlcVFfeVFVARUYQUFBRHdQOTIoAARaQhFn8ENQQV80QVhoSV9BRl84TzlCZmdGc3BxVUFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2cEQtb0JnU3lCaVFKQQFjCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFpeGM1bEE29QFAbTdOOElBQW9BREY3Rks1SDQhuXx6b0pRVTFUTVRvME16azNRUFFzU1lJY2xERFQ5dXNfVRHNDEFBQVcdDABZHQwAYR0MAGMdDBBlQUNKQREQ8MJQQV_YAgDgApuFTuoCEWh0dHBzOi8vbS5kaXIuYmcvgAMAiAMBkAMAmAMZoAMBqgMAwAOsAsgDANgD2tUo4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDTkxLjE5OS4xMTguNzaoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMDA1OCNBTVMxOjQzOTfaBAIIAeAEAPAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAABDHgAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBrsz2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJtjC5BkAAyAeFkAXSBw0JEToBOAjaBwYJJzDgBwDqBwIIAPAHopAD&s=e29d5780111176697f7b0109097efe3f1d06c3c0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=5074730611849716656&vd=ct~0|rr~0&sv=221&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=17890028&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0e893794-be0f-401e-8536-84bc4c9c2bb2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://likevertising.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 17210.js Show response
ads.rubiconproject.com/ad/ Frame CF49 30 KB
9 KB 8ms
8ms Script
text/javascript 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/17210.js
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=156383&siteId=638919&adId=2497714&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fm.dir.bg%2F&inIframe=1&kadpageurl=dir.bg&schain=1.0%2C1!adpone.com%2Cb457a8e03a4f0fd19148&operId=3&sec=1&kltstamp=2021-11-15%207%3A43%3A50&timezone=0&screenResolution=1600x1200&ranreq=0.5284432947937703&pmUniAdId=0&adVisibility=0&adPosition=-1x-1&pm_uid_bc=763DC6BB-787D-465E-9F7B-573F485F7E30&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=5381
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8916
Expires: Mon, 15 Nov 2021 09:13:31 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 3B5F 35 B
469 B 101ms
16ms Document
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6592
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6343099854596445264

42 B
211 B

18ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6343099854596445264
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug018:0:497
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6343099854596445264
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 454C 43 B
334 B 53ms
14ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 15 Nov 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 564323

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CC8D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030699242646075534

42 B
521 B

69ms
14ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030699242646075534
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug004:0:507
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Mon, 15 Nov 2021 07:43:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030699242646075534

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6B23
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZIPtgAEu8MLRgBG&gdpr=0&gdpr_consent=&_test=YZIPtgAEu8MLRgBG

1 B
237 B

17ms
17ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZIPtgAEu8MLRgBG&gdpr=0&gdpr_consent=&_test=YZIPtgAEu8MLRgBG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug017:0:406
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZIPtgAEu8MLRgBG&gdpr=0&gdpr_consent=&_test=YZIPtgAEu8MLRgBG
accept-ranges: bytes
date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 varnish
x-served-by: cache-fra19158-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1636962231.545059,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 8C61
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTVdVN0RKQjhBQUNnMi1oWlY0dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

31ms
31ms

Document
image/gif

34.248.11.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.11.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-11-216.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Mon, 15 Nov 2021 07:43:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Mon, 15 Nov 2021 07:43:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: clear

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6614
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
107 B

57ms
15ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug001:2:343
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Mon, 15 Nov 2021 07:43:50 GMT
server: _

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 89DD 15 B
915 B 46ms
20ms Document
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ae6d9d44f4bdfef-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 715B 43 B
408 B 77ms
12ms Document
image/gif 72.251.245.179
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-7
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9F01
Redirect Chain

https://core.iprom.net/cookiesync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=413414937079319

42 B
208 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=413414937079319
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug009:0:391
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Vary: Accept-Encoding
X-adserver-worker: komodo-2a4d98f76273@version_1.345v4
Connection: close
X-server-arch: v2
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=413414937079319
Content-Type: text/html; charset=utf-8
Content-Length: 279
X-core-time: 1ms
Date: Mon, 15 Nov 2021 07:43:50 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 00DC
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=oLq87Hac10nbxDYfIhaNX0fP

42 B
215 B

47ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=oLq87Hac10nbxDYfIhaNX0fP
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug020:0:447
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Mon, 15 Nov 2021 07:43:50 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=oLq87Hac10nbxDYfIhaNX0fP
strict-transport-security: max-age=0; includeSubDomains;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8ACF
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8789225691
https://sync.1rx.io/usersync/tradedesk/8efd733c-417c-42b5-a902-85f0ecfda817
https://sync.targeting.unrulymedia.com/csync/RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003

42 B
228 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug010:0:489
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003
etag: RX80d0b83627da4c87a9e45f4b33a95a5e003

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 2F44
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
413 B

173ms
163ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ae6d9d56eab4de8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 39
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ae6d9d44cdf4de8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 52C5 0
44 B 299ms
96ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Mon, 15 Nov 2021 07:43:49 GMT
server: c

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F780
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L_HSwpGaTwa1Z0_Ej_aOwg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

15ms
14ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=38195
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Mon, 15 Nov 2021 18:20:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=30536192-0fb6-4600-9c4e-a42d83da85cd

0
128 B

82ms
26ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=30536192-0fb6-4600-9c4e-a42d83da85cd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=30536192-0fb6-4600-9c4e-a42d83da85cd
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame F780
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d219833c0975f0d84a8a3e4d7ab8b9b
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=407a02f3c9c2d84b43b2774884d31487

35 B
248 B

17ms
17ms

Image
image/gif

146.59.148.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=407a02f3c9c2d84b43b2774884d31487
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Server: 146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-2.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Mon, 15 Nov 2021 07:43:50 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=407a02f3c9c2d84b43b2774884d31487
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZGMUQyQzItOTE5QS00RjA2LUI1NjctNEZDNDhGRjY4RUMy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

78ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug022:0:412
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJPcGhBZfoO9u-1OsQUb2c&google_cver=1

42 B
282 B

78ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJPcGhBZfoO9u-1OsQUb2c&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:483
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDJPcGhBZfoO9u-1OsQUb2c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F780 43 B
618 B 64ms
27ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 14 Nov 2021 07:43:50 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&gdpr=0&gdpr_consent=

42 B
339 B

28ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:582
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Nov 2021 07:43:49 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5590461365333053461

42 B
235 B

18ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5590461365333053461
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:689
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5590461365333053461
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8efd733c-417c-42b5-a902-85f0ecfda817

42 B
293 B

54ms
15ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8efd733c-417c-42b5-a902-85f0ecfda817
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:317
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8efd733c-417c-42b5-a902-85f0ecfda817
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4101933371051267773&gdpr=0&gdpr_consent=

42 B
521 B

77ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4101933371051267773&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:437
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 02cecd02-e885-4599-ad88-666aac2926c4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4101933371051267773&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 2FF1D2C2-919A-4F06-B567-4FC48FF68EC2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F780 43 B
842 B 122ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/2FF1D2C2-919A-4F06-B567-4FC48FF68EC2?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zN.nuDtE2uU5dfizIJGf3EjxojLEg8Y-~A&gdpr=0&gdpr_consent=

0
260 B

39ms
19ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zN.nuDtE2uU5dfizIJGf3EjxojLEg8Y-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zN.nuDtE2uU5dfizIJGf3EjxojLEg8Y-~A&gdpr=0&gdpr_consent=
date: Mon, 15 Nov 2021 07:43:50 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s9P_-rWEpP6o1KfwvIDr8ODQovGogfT5sdOuPh15

42 B
270 B

79ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s9P_-rWEpP6o1KfwvIDr8ODQovGogfT5sdOuPh15
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug021:0:929
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=s9P_-rWEpP6o1KfwvIDr8ODQovGogfT5sdOuPh15
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://px.adhigh.net/p/cm/bsw?u=54b91606-4a77-4a4e-a0c9-51d8066aaebb&bidswitch_ssp_id=pubmatic
https://px.adhigh.net/p/cm/bsw?u=54b91606-4a77-4a4e-a0c9-51d8066aaebb&bidswitch_ssp_id=pubmatic&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=uMoxQV6tNtNT.AikABlF9Io1hdQ&expires=30&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54b91606-4a77-4a4e-a0c9-51d8066aaebb&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

18ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54b91606-4a77-4a4e-a0c9-51d8066aaebb&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:841
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54b91606-4a77-4a4e-a0c9-51d8066aaebb&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 15 Nov 2021 07:43:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame F780 0
104 B 123ms
60ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3011783490284999467&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

18ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3011783490284999467&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:459
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3011783490284999467&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 15 Nov 2021 07:43:49 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
204 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:444
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dac730e2-13c7-43fd-bdc2-6489bb8f0fbf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dac730e2-13c7-43fd-bdc2-6489bb8f0fbf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:396
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dac730e2-13c7-43fd-bdc2-6489bb8f0fbf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F780
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4101933371051267773

42 B
110 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4101933371051267773
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:324
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 725a8b55-cf19-47c5-8599-7743896369c9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4101933371051267773
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame F780 35 B
238 B 101ms
31ms Image
image/gif 34.254.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame E84B 0
528 B 143ms
34ms XHR
application/x-javascript 54.228.184.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.184.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-184-61.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://likevertising.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 17210.js Show response
ads.rubiconproject.com/ad/ Frame 4ABA 30 KB
9 KB 9ms
8ms Script
text/javascript 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/17210.js
Requested by: Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=5381
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8916
Expires: Mon, 15 Nov 2021 09:13:31 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9636 163 KB
54 KB 161ms
122ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.7568207121817121&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 76ea9f89e9d33f3ebc99e57ab943e64be3a3d9e9bf05c41305c22e2a5eb97d20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Tb9D25b9tt7KagrJVdhvWR1jvXFPWPN8btjrLffKIG5E4bHy74HS267jZ3-gA65Z2RN_Svxt6iKQ3yZxiNzn_r-9pktmM5S-4o1y7iwuCCxZUnsUJhyODVphwdd7VTB4R3GkIZc8HYqzlRU5sWc4XJ-o4WZqiaaZy9KaMOBfV1g4ju_zIAtgMJZ5-b299gwo2IsixgpF0z46NgG3qsTD826eMFJy2Em0fLQCA90TBvq1y_WPu1ERQFB2vFOh18jzo0JopQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 109738438
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FE81 281 B
554 B 33ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.7568207121817121&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Nov 2021 07:43:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200 e5b535b9-bd89-41bb-bcae-b8031ba63216
beacon-fra2.rubiconproject.com/beacon/d/ Frame CFF7 43 B
354 B 46ms
9ms Image
image/avif 2602:803:c004:200::155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/e5b535b9-bd89-41bb-bcae-b8031ba63216?oo=0&accountId=17210&siteId=298198&zoneId=1500018&sizeId=15&e=6A1E40E384DA563BDA6A7CC630C7248EFFBC457444544DD154C475E91830E3C1C14B29770CBF4DB89A2C1B76EF26E5F5172DB22D3B21A9B5407AE4BEEA1962A3E78B07314491BCCAA212C2F1B4BBD7D892A71DCC85EEDB39A037DE5705547B14E3E862328B10F6FB9F493E4C933932DF9FF9184A5CBF79FC7472AADAA53526B087AFBCA934DAA83CABBBEF9C5C501F241DE338F4A26ADDD1DEEEB75FB10F964BD7E6D7737C6F8AD17E3DC6E614339C574647BAD4984DA5558C603C4147064C4E93E3C80395D04D52C9DA2C8E1AAA4ED590596ACA5D610C3833C0B397A7CEEE5DD17DFCA10DF9057FC5E51EE5546D889E7368CEB62110E47124D55077C90D71416509816EA5188D464778ECB222F6B3A52A31CB211E6427F5058503230A934E9B1AA87837DC63BFA10577FC7B7B08FD7AFD3E21A1D2EC2882410BA1834A0B9F39925E6C610303A711C8A21DC4455BACA66B004F7BBDC020D6BB5BD3B193B1A9E384D275507C5BA8E8F6B1128E1BCDC4E425B32797843288DF32BC11AB02F3C9B49FD05E431520FBC725599839FA0ABC85C7B78C74F08F2F79CB4E0A59B2C7EAC39A8385C039780F8E9A11573FB54BA6455A452EB4BB6266809606911F5CE576EBD0148FFB005497FC91D02C2D0481DED0F8CF5A75B678D861C9083ABE1E8AF88BE5E6D001C164BAF8A14E1CCC46818EC169FE0A5B4E23B450803E37C9AEA21946729E3A3A6F193D23A8EE77061B79FD97B6D707B2958EA1455B1FFC38121DF9C7957FAEBA6B39B6C84C1B9143DAA7B12B859AFA30BB7ECD85B349055BBB328AB2D9009516417CCCEDD25AFD2A4DF95B7A47866E2A8B31FAD76377F608972DD446D82D574BB593C598154996029682530BA422BD09893C594277B1028F3A4548558F00DB9E54A4C0520EA127465D14CAA0B4CE3F68C5D30A3F

Requested by

Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=fa23da017e8678c7ec77e9b00cc3549b5&cb=5589161636962229655

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c004:200::155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK 1500018-15.js Show response
smarttag.rubiconproject.com/a/17210/298198/ Frame CF49 1 KB
2 KB 69ms
67ms Script
text/javascript 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.9782324432495595&tk_st=1&rf=https%3A//m.dir.bg/&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/17210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: be3b0f048147bdc559755a2c79e52394a764fcc6c9f871cd9d00561b86efce4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 828
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame F318 0
150 B 47ms
12ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=95525100042453501467939011779020&a=5767fda8&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame D6E4
Redirect Chain

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX...
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX...

5 KB
2 KB

55ms
33ms

Document
text/html

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 16ab7db819e3f61f6a8fffa3e5b3cfbe0bba9e9b9b8b4555887f3318dcbb726d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Nov 2021 07:43:50 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 12152000042454901649441011779020
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1568
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Nov 2021 07:43:50 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame F318 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame F318 851 B
1 KB 54ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK 1500018-15.js Show response
smarttag.rubiconproject.com/a/17210/298198/ Frame 4ABA 4 KB
3 KB 89ms
66ms Script
text/javascript 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.758622933740353&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/17210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5e989c73d4619245c02effe1617e729f20424e24ed30d3b5adb68aece5c4ef41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 62EE 38 KB
14 KB 11ms
8ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=15702&ref=https%3A%2F%2Fm.dir.bg%2F&cb=1152278217&timeZone=0&adWidth=300&adHeight=250&loc=https://m.dir.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=78895
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 16 Nov 2021 05:38:45 GMT

GET
H2 200 ga.js Show response
cdn-adtrue.com/track/ Frame 62EE 751 B
1001 B 132ms
101ms Script
application/x-javascript 2606:4700:3038::6815:ead6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=15702&ref=https%3A%2F%2Fm.dir.bg%2F&cb=1152278217&timeZone=0&adWidth=300&adHeight=250&loc=https://m.dir.bg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19713039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB9NMz3tkZCxac7r8yyhf5k4j1nxZ%2FM1AwmGnmvJl0cWFUnvOrZ6188z%2FOcoQRXsfuduJIOnLiLpX9EjQXb9lirrdZSBvlTJXNuQEl33aIsKb0rRgedp6Gh0ZXCjwfwlI5A7kf345VOW5xXjEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6ae6d9d4ca996919-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame E84B
Redirect Chain

https://token.rubiconproject.com/token?pid=34010&puid=6e135095f5f8984b&gdpr=0
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KW0D1OP6-19-KDIP&customParamenters={p:customParamenters}&gdpr=0

95 B
860 B

58ms
31ms

Image
image/png

52.19.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KW0D1OP6-19-KDIP&customParamenters={p:customParamenters}&gdpr=0

Requested by

Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656

Protocol

HTTP/1.1

Server

52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-63-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 15 Nov 2021 07:43:50 UTC

Redirect headers

Location: https://s.cpx.to/sync?dsp=rubicon&dsp_uid=KW0D1OP6-19-KDIP&customParamenters={p:customParamenters}&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame E84B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977
https://s.cpx.to/ca.png?dsp=dbm&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&google_gid=CAESEE28uHVLc60CnqVhifAUlmY&google_cver=1

95 B
804 B

31ms
31ms

Image
image/png

52.19.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&google_gid=CAESEE28uHVLc60CnqVhifAUlmY&google_cver=1

Requested by

Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656

Protocol

HTTP/1.1

Server

52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-63-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&google_gid=CAESEE28uHVLc60CnqVhifAUlmY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame E84B
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3De1831104-af41-4b21-9bd8-c9f0bc1ed977&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&gdpr=0&cklb=1

0
435 B

16ms
15ms

Image
text/plain

185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&gdpr=0&cklb=1
Requested by: Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656
Protocol: HTTP/1.1
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977&gdpr=0&cklb=1
pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

an_fire
s.cpx.to/ Frame E84B
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12767%26ref%3Dhttps%253A%252F%252Fm.dir.bg%252F%26hn_ver%3D20%26fid%3De1831104-af41-4b21-9bd8-c9f0b...
https://s.cpx.to/an_fire?app_nexus_uid=4101933371051267773&pid=12767&ref=https%3A%2F%2Fm.dir.bg%2F&hn_ver=20&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977

95 B
865 B

72ms
30ms

Image
image/png

52.19.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=4101933371051267773&pid=12767&ref=https%3A%2F%2Fm.dir.bg%2F&hn_ver=20&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977

Requested by

Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656

Protocol

HTTP/1.1

Server

52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-63-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 15 Nov 2021 07:43:50 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 73d52b6a-fc96-4691-953e-a31512146db3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=4101933371051267773&pid=12767&ref=https%3A%2F%2Fm.dir.bg%2F&hn_ver=20&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame E84B
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De1831104-af41-4b21-9bd8-c9f0bc1ed977
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977

95 B
881 B

63ms
32ms

Image
image/png

52.19.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977

Requested by

Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656

Protocol

HTTP/1.1

Server

52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-63-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 15 Nov 2021 07:43:50 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2FF1D2C2-919A-4F06-B567-4FC48FF68EC2&fid=e1831104-af41-4b21-9bd8-c9f0bc1ed977
date: Mon, 15 Nov 2021 07:43:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame E84B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=8efd733c-417c-42b5-a902-85f0ecfda817&dsp=TTD

95 B
876 B

54ms
30ms

Image
image/png

52.19.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=8efd733c-417c-42b5-a902-85f0ecfda817&dsp=TTD

Requested by

Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656

Protocol

HTTP/1.1

Server

52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-63-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 15 Nov 2021 07:43:50 UTC

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=8efd733c-417c-42b5-a902-85f0ecfda817&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ Frame E84B 43 B
220 B 77ms
7ms Image
image/gif 18.195.255.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: likevertising.com
URL: https://likevertising.com/user?i=or4a09mbyy4djkim55&a=85978c4cfb1aa3a030cf05851084809b5&cb=2227171636962229656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.255.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-255-254.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FE81 32 KB
10 KB 8ms
8ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33530
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Mon, 15 Nov 2021 17:02:40 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 44B9 38 KB
14 KB 16ms
15ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=78895
expires: Tue, 16 Nov 2021 05:38:45 GMT
date: Mon, 15 Nov 2021 07:43:50 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame DA15 38 KB
14 KB 20ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=78895
expires: Tue, 16 Nov 2021 05:38:45 GMT
date: Mon, 15 Nov 2021 07:43:50 GMT
vary: Accept-Encoding

GET
H2 200 AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame 62EE 2 KB
1 KB 19ms
18ms Script
text/html 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=639493&adId=2503544&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fm.dir.bg%2F&inIframe=1&kadpageurl=m.dir.bg&schain=SUPPLYCHAIN_GOES_HERE&operId=3&sec=1&kltstamp=2021-11-15%207%3A43%3A50&timezone=0&screenResolution=1600x1200&ranreq=0.6379271575918886&pmUniAdId=0&gdpr=1&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e8d514e24cb9846887d8a05e49256ef6f8fa5a34a595fdd3b5ab227b4ecafd47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame CF49 12 KB
4 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=6205&uref=https%3A%2F%2Fdir.bg%2F
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.9782324432495595&tk_st=1&rf=https%3A//m.dir.bg/&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c7fa24917e874800e051036490e173aed40b5758b1f249051f42d2dbab21b916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3955
expires: Mon, 15 Nov 2021 07:43:50 GMT

GET
H/1.1 200 752799f0-cf2a-4a59-9786-ed49f1407521
beacon-fra2.rubiconproject.com/beacon/d/ Frame CF49 43 B
354 B 9ms
9ms Image
image/avif 2602:803:c004:200::155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/752799f0-cf2a-4a59-9786-ed49f1407521?oo=0&accountId=17210&siteId=298198&zoneId=1500018&sizeId=15&e=6A1E40E384DA563B44DC0A07663A56BDE5978E1BB64F5C6F2A7B20DA019D5799BCE24DCEA547F5879BE1BD8F8F97D2C06D748C0D8D7FAA2256DB7B1FD04E1BCA1C515A5E0A1F1328C7D647687C4617DB63AF685AF18256F344D7AF254DDDECF047866E2A8B31FAD76377F608972DD446D82D574BB593C59832997889F1DA11D8

Requested by

Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=4771a71a974d11dafd726c348f619b729&cb=0332291636962229659

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c004:200::155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:49 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2F53 163 KB
54 KB 125ms
124ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.758622933740353&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 90a6ebbc2eb21096fbeb0af3707c8f76f775f44789d3e9b3592865a22f6b4327

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=M8_s2Zb9tt7KagrJ-UeYeDGU-U4df79eI-8zdD7vHojgeedbjh4-uZ6wxbCwCmpKy0hGZJgz96DmEiqwOLTqmj6t-tq5PmOvBcRjGE4gOj9t7k-0-avODtr7M0WONG6v7OzJorpcc7T_2-VUFF7XS5oLCTI88lhy2aKUqdqK_WiS4ICgS8KE1h3w61nV_TsKcd4YfhSktkYwoCWoOYTrLXZ7azZej0_LkobsU1Igng08bCgjylAdGlxnPTX-1bqMfwbH-g"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 111794638
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame 4ABA 6 KB
3 KB 127ms
29ms Script
text/javascript 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/873648/analytics.js?si=298198&di=likevertising.com&ap=&dm=15&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000

Requested by

Host: m.dir.bg
URL: https://m.dir.bg/dnes/obshtestvo/d-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-43-221.eu-west-1.compute.amazonaws.com

Software

Resource Hash

01f7d641b9d6382f5081cc6aaa6991b2bf0c34bd5b2b0b4be9c77ea83ea9d2e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2891
Expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D886 281 B
554 B 9ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17210/298198/1500018-15.js?&cb=0.758622933740353&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=298198_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Nov 2021 07:43:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200 dbe69c68-3429-4671-a039-2dc8bbcd613c
beacon-fra2.rubiconproject.com/beacon/d/ Frame 4ABA 43 B
354 B 8ms
8ms Image
image/avif 2602:803:c004:200::155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/dbe69c68-3429-4671-a039-2dc8bbcd613c?oo=0&accountId=17210&siteId=298198&zoneId=1500018&sizeId=15&e=6A1E40E384DA563BF380FC2F4EB262A4822CD8D8BE276E8714995DAB0004FD9B543CDD0AA554B134CCA6069D2942E5436D748C0D8D7FAA22C20D2366A013FDBC1C515A5E0A1F1328C7D647687C4617DB525C91F6DA33F6AE1E94F92356877766639CBF2FBB09D95200221D33C6A3F20ECADD850A636A4991CF1F68E79C0612E18AA0EEBF920A48D9479B8F430D2D38DA46DE9B0BD4E70F353E3FFB58D1873792D31FFC78C091865A9826AE675E86EB70A108816AD658AAF0AB0760D892D2F4A79374507C8AD0A4F889ADFF3DBAEFDD3A0955F4518A2A119E8E8612FC33D070E2569C31A240679662FDB97BD4D62669E20F7FBDEBDA2EC11CA6770068BDDDB0F6822F155B9EEC162A87752DFFCEB076773FCFBED47CBDCD858CB3795F23108B785AE3782FA713E165DF6FAC86AD67F6FA500DABE5584C4BAE95E14013D4DDE0F5DA2B0323F82BDF3B4BC3D33E6137708AF30CE6EDEB912AFD1CCFDF4D5F1EB4388A40BF4E2AE40A755E8F30EAECBC6ED795BC72B811D1FAE2D205C3DEDB2526F4DAF59F4C2867A9639226C76BE8C6C91481FC3A530D8D34FEA81C2B0D44DE8FE0EFBA2779B78AB7E1E0537B97C889F6D678320C17D2ABEF166047C570AA38E784C409E335BA0CBC8E6A175D2297A3562192229D863237618368D8B9C05F4156455C8E56B474383EF0EB9A44FE845581F4475E6992ACAD2EA38527F6481628E878F1EB83CEA3804F6BABED6CF557553AE5D412C19F0B8A83A48871AAC4A25E9D00FCE452E934D7E9F0D9D4423A17A99119055D0CBAD128489F56EAF6FC54DD96E468880398EB2EBE2941D16AEB7B26D2D9CED9FA3F74E8607510EB768FEBBD2C4706ED968E868084358D3E7F3DE94C20D066CBF9029BC12C187278162B4C56ED3657EF1276632586A843700965D86F655197DFEE9EAA5A3E82

Requested by

Host: likevertising.com
URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=3f365a130536d068c3dd8aedaf5efba05&cb=2147061636962229651

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c004:200::155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame 62EE 7 KB
4 KB 47ms
22ms Script
application/javascript 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?id=17929237

Requested by

Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=639493&adId=2503544&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fm.dir.bg%2F&inIframe=1&kadpageurl=m.dir.bg&schain=SUPPLYCHAIN_GOES_HERE&operId=3&sec=1&kltstamp=2021-11-15%207%3A43%3A50&timezone=0&screenResolution=1600x1200&ranreq=0.6379271575918886&pmUniAdId=0&gdpr=1&dspids=%7B%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

23174e7134705d8dac302ee10d5c199529b48e0d4812e946928f9fc9430e3777

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1b900cb8-758e-4b2d-bce2-35c76c665fc9
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pav2_3.25.min.js Show response
cdn.projectagora-adtag-library.com/adtag325/latest/ Frame CF49 28 KB
7 KB 8ms
8ms Script
text/javascript 2a02:26f0:6c00::210:ba69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6205&uref=https%3A%2F%2Fdir.bg%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0eab85a4383045144ef624b43823a228b64db824f1e49f8c8ee0dba65272e8d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 11:44:03 GMT
server: UploadServer
etag: "8100755844a395f0c8f5410e88b91dbf"
vary: Accept-Encoding
x-goog-hash: crc32c=y7PU+g==
content-type: text/javascript
x-goog-storage-class: STANDARD
cache-control: private, max-age=18000
accept-ranges: bytes
x-guploader-uploadid: ADPycdtAhQDgy-N9s9KJGSkMb3x3sG57xzwZZ8WuGuXm_2kGxefB3GbxxMbtRy-r3qewuX31YOpwJMo1FrM3AsAIqgw
content-length: 6858
expires: Mon, 15 Nov 2021 12:43:50 GMT

GET
H2

200

evergreen-kts-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame D6E4
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=12152000042454901649441011779020
https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg

48 KB
48 KB

207ms
91ms

Image
image/jpeg

93.159.228.11
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1

Protocol

Server

93.159.228.11 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

d1130cdd4fefa1ae93c7389e23f6fc68200b0e7be18245ab2e153bdfbc003a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:33 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "a3fddd6061a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: msk2/MSK7
accept-ranges: bytes
content-length: 48846
date: Mon, 15 Nov 2021 07:43:50 GMT

Redirect headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9636 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9636 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9636 308 B
608 B 18ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 9636 507 B
807 B 17ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 9636 0
461 B 76ms
36ms Image
text/plain 2600:9000:2156:1a00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1636962230
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: DNNpX5vBsiOGpFXB2dPHQWzLIaAVqDc7UAqwRw6bjEzwZkVq2nawtw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9636 43 B
344 B 58ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=B-VB3dDPbZHdGywNkgsFl-YxIqXdhxnZBn6seQm4X0vzKw329JBmyKQQ8soUKzQIlsJUXlziEWf2v8pjL6wyjem7_2Wvx5aP_t_iUfUB9dCXoc91yOrev5apsGXki4YY3WVHeWEpgwm34QCyXzWfRm3zxza4h3DCK_s8TauSbNfouyLh8tz9IC_8VufP1wLJyClqGZTWwmCigs80xGMbQ5Tj-FlT9Vql9k9FcTUB_OFyNQoZBq8I5Q9LekNrXcK31plROHIawJUhm1PamnyP93GO5eRW3zH8GlSmIl3lEVqpBdmwZezeU5NfZ1UVOqJNHgObn3iqQ58wJpSJnj1oSshtBx-J7AG8tcirvtRan60iRu6nHcbkCLQIPWk20RtjMPOHPHX9BtkwDKO6zdmAtkMrLFauC4_X8PFhxRuGYaF8aZ8l49tAq_Obm-Vf0-Hlg7s6yA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6444
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame D6E4 0
150 B 36ms
12ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=12152000042454901649441011779020&a=01cc7527&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame C217 43 B
702 B 61ms
36ms Document
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=12152000042454901649441011779020

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/

Response headers

Content-Type: image/gif
Content-Length: 43
Expires: 0
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Mon, 15 Nov 2021 07:43:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
DATA 200
OK truncated
/ Frame D6E4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame D6E4 851 B
1 KB 54ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0384 281 B
554 B 9ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=4771a71a974d11dafd726c348f619b729&cb=0332291636962229659
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Nov 2021 07:43:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet Show response
aktrack.pubmatic.com/AdServer/ Frame FDCA 0
61 B 36ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156383&siteId=638919&adId=2497714&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1636962230&indirectAdId=2253957&adServerOptimizerId=1&ranreq=0.5284432947937703&kpbmtpfact=0.000000&dcId=3&tldId=60334076&passback=3&svr=ADS23005U&adsver=_3010998657&adsabzcid=0&cls=ADS&ekefact=tg-SYUOTBQB_BJe-2SVrRTe4SxpO_kGtjxXwRDMpzoiDF54K&ekaxefact=tg-SYVaTBQDh95obIE8INDngnAQgY2BzWrW_S20D95ixPpjK&ekpbmtpfact=tg-SYW-TBQBwj34pO_DJhygS6ezs80X9MlVtL2JumbIRhPHo&enpp=tg-SYYKTBQAYPsnhwI3IcttKL0FDcNzaVRMkUdhKj8QmCKfU&pfi=1&domId=11427914440147218654&dc=lhr19&crID=0&campaignId=0&isRTB=0&imprId=CE4B4617-EFC9-4DA3-A2C2-AABB771A36F8&oid=CE4B4617-EFC9-4DA3-A2C2-AABB771A36F8&cntryId=58&domain=dir.bg&sec=1&pAuSt=2&wops=0&sURL=dir.bg&BrID=5
Requested by: Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=4771a71a974d11dafd726c348f619b729&cb=0332291636962229659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

content-type: text/html
content-length: 0
date: Mon, 15 Nov 2021 07:43:50 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 835A 38 KB
14 KB 9ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=4771a71a974d11dafd726c348f619b729&cb=0332291636962229659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=78895
expires: Tue, 16 Nov 2021 05:38:45 GMT
date: Mon, 15 Nov 2021 07:43:50 GMT
vary: Accept-Encoding

GET
H2 200 dis.aspx Show response
widget.nl.eu.criteo.com/dis/ Frame FC2D 28 B
529 B 56ms
15ms Document
text/html 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=61920fb5d0c425f74b30ce6e55de4dbc
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/

Response headers

date: Mon, 15 Nov 2021 07:43:49 GMT
content-type: text/html
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
timing-allow-origin: *
server-processing-duration-in-ticks: 2942881
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D886 32 KB
10 KB 9ms
8ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33530
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Mon, 15 Nov 2021 17:02:40 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6435 42 B
174 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4_DAAT2f1-NxNkDgpEI7sdXNc92zppcJH7WtIOWAP1IAnX5p2g5KMJc1CPZpD6wULQBTQF2OLaloGXtZoDkNtayM29Tg2SWQCXMyvmFEmb5X6OCiD&sig=Cg0ArKJSzDDKg39Y89c8EAE&id=lidar2&mcvt=1027&p=72,650,322,950&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1874766543&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636962229462&rpt=231&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid.3-25.js Show response
cdn.projectagora-adtag-library.com/prebid325/latest/ Frame CF49 360 KB
112 KB 16ms
16ms Script
text/javascript 2a02:26f0:6c00::210:ba69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/prebid325/latest/prebid.3-25.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag325/latest/pav2_3.25.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 13:47:45 GMT
server: UploadServer
etag: "fa7fdd65f39d0e16a18830e016d93050"
vary: Accept-Encoding
x-goog-hash: crc32c=7nuQoQ==
content-type: text/javascript
x-goog-storage-class: STANDARD
cache-control: private, max-age=18000
accept-ranges: bytes
x-guploader-uploadid: ADPycdujqjdoucwFTPjV6RHlgntzZGtZQGae1DLGuivFTszL8UlyvlEdjsg8EcOjKgK6kweBOTNimy16WnUz0WXmNlk
expires: Mon, 15 Nov 2021 12:43:50 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9636 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/animejs/animejs.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9636 11 KB
11 KB 59ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28948740
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10911
expires: Sun, 16 Oct 2022 09:02:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9636 0
99 B 74ms
20ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=Tb9D25b9tt7KagrJVdhvWR1jvXFPWPN8btjrLffKIG5E4bHy74HS267jZ3-gA65Z2RN_Svxt6iKQ3yZxiNzn_r-9pktmM5S-4o1y7iwuCCxZUnsUJhyODVphwdd7VTB4R3GkIZc8HYqzlRU5sWc4XJ-o4WZqiaaZy9KaMOBfV1g4ju_zIAtgMJZ5-b299gwo2IsixgpF0z46NgG3qsTD826eMFJy2Em0fLQCA90TBvq1y_WPu1ERQFB2vFOh18jzo0JopQ&sds=2&rev=79295.5&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 07:43:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9636 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9636 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame 62EE 0
803 B 15ms
15ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1636962230&bdh=ZEXJylStbYlfGIi0LvwZHZ0geAs.&&bdref=https%3A%2F%2Fm.dir.bg%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fm.dir.bg%2F,https%3A%2F%2Flikevertising.com%2Fstats%3Fi%3Dor4a09mbyy4djkim55%26a%3D1a4b5c1837eb943f929239dccfd3a9209%26cb%3D6680681636962229653,https%3A%2F%2Flikevertising.com%2Fstats%3Fi%3Dor4a09mbyy4djkim55%26a%3D1a4b5c1837eb943f929239dccfd3a9209%26cb%3D6680681636962229653&&id=17929237

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=17929237

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:50 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 781aafc9-4aba-4d1a-a6b0-8df1c5073c9b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0384 32 KB
10 KB 8ms
8ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33530
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Mon, 15 Nov 2021 17:02:40 GMT

GET
H2 200 AdDisplayTrackerServlet Show response
aktrack.pubmatic.com/AdServer/ Frame 9D73 0
61 B 8ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=639493&adId=2503544&adType=3&adServerId=165&kefact=0.500000&kaxefact=0.500000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1636962230&indirectAdId=2259498&adServerOptimizerId=1&ranreq=0.6379271575918886&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=30&svr=ADS23001U&adsver=_3010998657&adsabzcid=0&cls=ADS&ekefact=tg-SYaGgCAD4O1OR8_moXR75A98z6LsnMaI4PTdZEUA-kgLc&ekaxefact=tg-SYbGgCAD-ZrRGBeE26yOTnxwh1avIeB5Tb0GfQM-vnQt8&ekpbmtpfact=tg-SYcCgCADRo50jQSCD_hvSUday0XIRdvheICOOEInr6U8X&enpp=tg-SYc6gCADjSsPgnSmYkXCn5jkk6CiW3HdepQ5a5iOggA8F&pfi=1&dc=lhr19&crID=0&campaignId=0&isRTB=0&imprId=97A4D5EB-4722-4E29-A341-9C8180105F84&oid=97A4D5EB-4722-4E29-A341-9C8180105F84&cntryId=58&domain=m.dir.bg&sec=1&pmc=0&pAuSt=2&wops=0&sURL=m.dir.bg&BrID=5
Requested by: Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1a4b5c1837eb943f929239dccfd3a9209&cb=6680681636962229653
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/

Response headers

content-type: text/html
content-length: 0
date: Mon, 15 Nov 2021 07:43:50 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2F53 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2F53 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2F53 308 B
608 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 2F53 507 B
807 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 2F53 0
461 B 37ms
37ms Image
text/plain 2600:9000:2156:1a00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1636962229
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 5uzzBuFuGUKYXY2-YQbFILUrmyERNbtoS3b5m5fGtHjQeJwAmZUMHw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2F53 43 B
344 B 18ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zVaAwdDPbZHdGywNkgsFl-YxIqU-lajydbClEBSR7gGT0W3QKSuSpKyof7N7Qg_jeg2wSf5xQ5dIor2nN8_GZbesI38hixPOGLn4dG3p4neV_hlaReGhRcidIYZ_J13txe2ehPgWpxgLcEoGvl9MPAbhjEuU_w9kowiirkbLNSHjuvQLd4f_tqPAyanA-zyzAVJueAG1SRChx28tBuywfhu80PYmSPLnxGntSdSJI1Lg1nDJen7JtgF0nYwF2bz_kMixTbqFgid6zBNpdUAqjUA-hK2Y9VHDijybDQNJjby2Mrnp3HHPIQYJrzlcUYJna_OeYDFBCizXda1ieuLknw6j4afaSfWNVQBRd8b7VdZSzygni8W7-bxLJ8pV5PnCI043AiDZ-JB2KaDbpNvxZIUN2h1V0j_cOFe3XwI9VDvUrP8zriGs6JbobaYOse5dqR9eqg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9018
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 119ms
30ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?oz_pl=1&si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=298198&di=likevertising.com&ap=&dm=15&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.rubiconproject.com/2/2.38.2/ Frame 4ABA 153 KB
47 KB 29ms
29ms Script
text/javascript 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/2.38.2/main.js

Requested by

Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=298198&di=likevertising.com&ap=&dm=15&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-43-221.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e5434c4b2edd5290ce5898f2a23f9de3024a10d4d1ba621daab1bb274520eb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:50 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48133
Expires: Thu, 24 Jul 2053 09:29:40 GMT

GET
H2 200 dis.aspx Show response
widget.nl.eu.criteo.com/dis/ Frame 7954 6 KB
3 KB 19ms
19ms Document
text/html 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=7944&cb=61920fb5f728d2a64e83c2573c3c0513
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 6dbbd0dd3d38c1f0a7d46b8ed0fb11fb1e15acd60858d0cb8b444da444411ae4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: text/html
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
timing-allow-origin: *
server-processing-duration-in-ticks: 6509807
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2F53 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/animejs/animejs.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2F53 11 KB
11 KB 16ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28948740
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10911
expires: Sun, 16 Oct 2022 09:02:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2F53 0
99 B 22ms
22ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=M8_s2Zb9tt7KagrJ-UeYeDGU-U4df79eI-8zdD7vHojgeedbjh4-uZ6wxbCwCmpKy0hGZJgz96DmEiqwOLTqmj6t-tq5PmOvBcRjGE4gOj9t7k-0-avODtr7M0WONG6v7OzJorpcc7T_2-VUFF7XS5oLCTI88lhy2aKUqdqK_WiS4ICgS8KE1h3w61nV_TsKcd4YfhSktkYwoCWoOYTrLXZ7azZej0_LkobsU1Igng08bCgjylAdGlxnPTX-1bqMfwbH-g&sds=2&rev=79295.5&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 07:43:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2F53 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2F53 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Nov 2022 07:43:50 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 30ms
30ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?oz_pl=1&si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=298198&di=likevertising.com&ap=&dm=15&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 43ms
30ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&sid=AObg92UBEPdll0zZ&oz_sc=4ff0da59c037d247d0280bc9&oz_df=1636962231024&oz_l=216&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.38.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET receive
pixel.tapad.com/idsync/ex/ Frame 0D74 0
0

GET sync
gum.criteo.com/ Frame 0D74 0
0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0D74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1sQnMtWDBGZFY0TXB3X3Exa3BocHl6NVBRdjhKYmx3ZHAxRmZtZw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
341 B

15ms
15ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by: Host: likevertising.com
URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=3f365a130536d068c3dd8aedaf5efba05&cb=2147061636962229651
Protocol: H2
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:50 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 154842
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
partner.mediawallahscript.com/ Frame 0D74 0
0

GET m
cm.mgid.com/ Frame 0D74 0
0

GET cookie-sync
sync.outbrain.com/ Frame 0D74 0
0

GET v1
ads.yahoo.com/cms/ Frame 0D74 0
0

GET spp.pl
sp.analytics.yahoo.com/ Frame 0D74 0
0

GET sync
ups.analytics.yahoo.com/ups/58301/ Frame 0D74 0
0

GET t.gif
cw.addthis.com/ Frame 0D74 0
0

GET tap.php
pixel.rubiconproject.com/ Frame 0D74 0
0

GET setuid
secure.adnxs.com/ Frame 0D74 0
0

GET sync
x.bidswitch.net/ Frame 0D74 0
0

GET pixelCt.tpmn
ad.tpmn.co.kr/ Frame 0D74 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame 0D74 0
0

GET Criteo
crb.kargo.com/api/v1/dsync/ Frame 0D74 0
0

GET k-Tqxy7kFdV4Mpw_q1kphpyz5PQv98lDhB0oROYA
an.yandex.ru/mapuid/criteois/ Frame 0D74 0
0

GET xuid
eb2.3lift.com/ Frame 0D74 0
0

GET rum
r.casalemedia.com/ Frame 0D74 0
0

GET cksync.php
contextual.media.net/ Frame 0D74 0
0

GET /
s.ad.smaato.net/c/ Frame 0D74 0
0

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame 0D74 42 B
845 B 294ms
255ms Image
image/gif 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-xvys9UFdV4Mpw_q1kphpyz5PQv80QOObtjv-XA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:51 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-trace-id: Root=1-00000000-000000000000000000000000
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 42
x-amz-cf-id: 3NbTm1M9tSrPijs2BQVfvZkrMzqJfCEUdeTa90_WDerw8Ex2CvE7Aw==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET /
rtb-csync.smartadserver.com/redir/ Frame 0D74 0
0

GET pixel_sync
trends.revcontent.com/cm/ Frame 0D74 0
0

GET /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0D74 0
0

GET sync
x.bidswitch.net/ Frame 0D74 0
0

GET seg
secure.adnxs.com/ Frame 0D74 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame 0D74 0
0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E9EF 77 KB
26 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: likevertising.com
URL: https://likevertising.com/stats?i=or4a09mbyy4djkim55&a=1e6afb65dbb2642c13614239d0724d071&cb=3391741636962229648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1044 / 428 of 1000 / last-modified: 1636758328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26742
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Nov 2021 07:43:51 GMT

GET
BLOB 200
OK 5b6d2dc0-4b54-4379-8f3a-1c31a8c7fa8e
https://likevertising.com/ Frame 0CB5 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://likevertising.com/5b6d2dc0-4b54-4379-8f3a-1c31a8c7fa8e
Requested by: Host: likevertising.com
URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=3f365a130536d068c3dd8aedaf5efba05&cb=2147061636962229651
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H2 200 pubads_impl_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E9EF 344 KB
116 KB 21ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://likevertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 118212
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Nov 2021 07:43:51 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 33ms
32ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&sid=AObg92UBEPdll0zZ&oz_sc=4ff0da59c037d247d0280bc9&oz_df=1636962231208&oz_l=6056&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.38.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET sync
x.bidswitch.net/ Frame 0D74 0
0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame FE81
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW0D1OP6-19-KDIP&sigv=1&esig=2~3aed081e62dc38e60b2bf94d91d328215db61005

0
19 B

8ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW0D1OP6-19-KDIP&sigv=1&esig=2~3aed081e62dc38e60b2bf94d91d328215db61005

Protocol

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:51 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW0D1OP6-19-KDIP&sigv=1&esig=2~3aed081e62dc38e60b2bf94d91d328215db61005
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame FE81 0
0 31ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FE81
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwRDFPUDYtMTktS0RJUA==

170 B
243 B

17ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwRDFPUDYtMTktS0RJUA==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwRDFPUDYtMTktS0RJUA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FE81
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&expires=28

0
239 B

27ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&expires=28
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Date: Mon, 15 Nov 2021 07:43:51 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Nov 2021 07:43:50 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FE81
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZIPtgAEu8MLRgBG

0
239 B

28ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZIPtgAEu8MLRgBG
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636962231.254103,VS0,VE0
x-served-by: cache-fra19158-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZIPtgAEu8MLRgBG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FE81
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTIwYjU5MzEwOWM1MTYzYmJjNTc1NTdhYjgyYTMwYWQyZGU2ZTBmYw

170 B
232 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTIwYjU5MzEwOWM1MTYzYmJjNTc1NTdhYjgyYTMwYWQyZGU2ZTBmYw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTIwYjU5MzEwOWM1MTYzYmJjNTc1NTdhYjgyYTMwYWQyZGU2ZTBmYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FE81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGpiM_sVIyLVehoCd41lNI&google_cver=1

0
239 B

24ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGpiM_sVIyLVehoCd41lNI&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGpiM_sVIyLVehoCd41lNI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FE81
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/lFZ61MWQ0RGx1-Rue7_IUcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8311828770487584843

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8311828770487584843
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Mon, 15 Nov 2021 07:43:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8311828770487584843
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET t.gif
cw.addthis.com/ Frame 0D74 0
0

GET
DATA 200
OK truncated Show response
/ Frame 3AE5 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 31ms
30ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&sid=AObg92UBEPdll0zZ&oz_sc=4ff0da59c037d247d0280bc9&oz_df=1636962231370&oz_l=1972&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.38.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame A2B8 0
827 B 75ms
74ms Ping
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fm.dir.bg%2F&e=wqT_3QKNCvBMDQUAAAMA1gAFAQi1n8iMBhC2gpygyPGk3ksYva3TjrDVv_Y4KjYJc51GWipvpz8RGfy7RuQenz8ZAAAA4KNwAUAhGfy7RuQenz8pc50JJPCwMQAAACCF6-E_MOz1wwg4mFBAyk5IAlCT_PlmWJuzfGAAaNSusQF4hZAFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2MzY5NjIyMjkpO3VmKCdpJywgNDEyNjE2OSwgMTYzNjk2MjIyOSk7dWYoJ2cnLCAxMTQ5Mzg4NywgMTYzNjk2GTswcicsIDIxNTkwNzg1OTZaAPQFAZIC8QMhNjJJMmp3akZpSTBURUpQOC1XWVlBQ0NiczN3d0FEZ0FRQUJJeWs1UTdQWERDRmdBWUlVR2FBQndBSGdBZ0FFQWlBRUFrQUVBbUFFQW9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxa1A4RUJHaVh6a290dnB6X0pBUUFBQUFBQUFQQV8yUUdDSEpRdzBfYnJQLUFCMmV2N0FmVUJDdGNqUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZORE01Ti1BRDlDeUFCSnU5MlFPSUJKeTkyUU9RQkFDWUJBR2dCQlRCQkFBQUEBiBBBQUF5URGVJEFBQU5nRUFQRUUBCwkBMENJQmEwaXFRV0NISlEJrAg3RUYJHAEBQERCQlhzVXJrZmhlcVFfeVFVARUYQUFBRHdQOTIoAARaQhFn8ENQQV80QVhoSV9BRl84TzlCZmdGc3BxVUFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2cEQtb0JnU3lCaVFKQQFjCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFpeGM1bEE29QFAbTdOOElBQW9BREY3Rks1SDQhuXx6b0pRVTFUTVRvME16azNRUFFzU1lJY2xERFQ5dXNfVRHNDEFBQVcdDABZHQwAYR0MAGMdDBBlQUNKQREQ8MJQQV_YAgDgApuFTuoCEWh0dHBzOi8vbS5kaXIuYmcvgAMAiAMBkAMAmAMZoAMBqgMAwAOsAsgDANgD2tUo4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDTkxLjE5OS4xMTguNzaoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMDA1OCNBTVMxOjQzOTfaBAIIAeAEAPAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAABDHgAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBrsz2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJtjC5BkAAyAeFkAXSBw0JEToBOAjaBwYJJzDgBwDqBwIIAPAHopAD&s=e29d5780111176697f7b0109097efe3f1d06c3c0&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=5074730611849716656&vd=ct~0|rr~5&sv=221&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=17890028&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 07:43:51 GMT
X-Proxy-Origin: 91.199.118.76; 91.199.118.76; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2b33d04e-0ce0-4259-8b38-f57f1d259938
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://likevertising.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 30ms
30ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&sid=AObg92UBEPdll0zZ&oz_sc=4ff0da59c037d247d0280bc9&oz_df=1636962231526&oz_l=1200&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.38.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame F318 0
150 B 34ms
12ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=95525100042453501467939011779020&a=5767fda8&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fm.dir.bg%2F&ancestorOrigins=https%3A%2F%2Fm.dir.bg&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:m.dir.bg&redirectClick=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3Fc51GWipvpz8Z_LtG5B6fPwAAAOCjcAFAGfy7RuQenz9znUZaKm-nPzYBB4SMk7xLvdbUAav-7Di1D5JhAAAAAOz6EAEYKAAASicAAAIAAAATft4MmxkfAAAAAABVU0QARVVSACwB-gBUVwAAAAABAgUCAAAAANgA1yMwfAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixc5lAjFiI0TEJP8-WYYm7N8IAAoADF7FK5H4XqkPzoJQU1TMTo0Mzk3QPQsSYIclDDT9us_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMTo0Mzk3%2Fbn%3D83973%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
BLOB 200
OK 7ef426c3-694a-45c2-909a-9c6e5e1132a4
https://likevertising.com/ Frame 4ABA 795 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://likevertising.com/7ef426c3-694a-45c2-909a-9c6e5e1132a4
Requested by: Host: likevertising.com
URL: https://likevertising.com/count?i=or4a09mbyy4djkim55&a=3f365a130536d068c3dd8aedaf5efba05&cb=2147061636962229651
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a20b1f6d32a4479511617a127cd395ac7a6f045d921ca79f6ad5bb51bf4fafc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 795

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 30ms
30ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&sid=AObg92UBEPdll0zZ&oz_sc=4ff0da59c037d247d0280bc9&oz_df=1636962231688&oz_l=1174&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.38.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame D6E4 0
150 B 34ms
12ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=12152000042454901649441011779020&a=01cc7527&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1d7e4600d0b2NJcpt4NLkd0VjHXfObInhczs5WxKnyQHnWcoOMydB50SyvmCm0lfV_YX_FYByxmYOy0IW9wA38FJi0mCmvlb0vFg8HmXmp0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=95525100042453501467939011779020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fptbqbu5u5lgws38%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 07:43:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 all
csm.eu.criteo.net/ Frame 9636 0
99 B 20ms
20ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=Tb9D25b9tt7KagrJVdhvWR1jvXFPWPN8btjrLffKIG5E4bHy74HS267jZ3-gA65Z2RN_Svxt6iKQ3yZxiNzn_r-9pktmM5S-4o1y7iwuCCxZUnsUJhyODVphwdd7VTB4R3GkIZc8HYqzlRU5sWc4XJ-o4WZqiaaZy9KaMOBfV1g4ju_zIAtgMJZ5-b299gwo2IsixgpF0z46NgG3qsTD826eMFJy2Em0fLQCA90TBvq1y_WPu1ERQFB2vFOh18jzo0JopQ&sds=2&rev=79295.5&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=B487125EFAA30D21&u=%7CFOQa5rU5%2B8YW9GyCjowjxXAhrOn1bSIQVV2mJS74PNU%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqreeP7UeLgZPHT9X9J7oRurh8fI7PbiIbJ2-mKDIkUnojfRKh1almRXqdzQ2GS0qifdCdxzpEXculRzfjyI2kBhoqbUdgjiM2CWtnvQx9niADa91uemrCRLiOOPPb5GyuVVfc5X_cNc4b-0e-1QKLBgN9NdO9sovprhJao13SqHXgL6YB7nqDAyAXhnIag7WdCol4cU1fCBlqgZTGZxZ9zOWMIpIFMEh4XvVlqd-JdENP2DnYQoY6cqJeX4C0-ijOfX6k0Lwe-qklSlUqD460QRLbUHRZ0bw73D4hjOrZocwVkEwob_CJTADhMb_3PikdAJ_kBpfrfDNQ_kghgOQ6pImUEIwyDqai0QW0KyYmQqdPlQeXJjkfU5D0SRcU7_iklcstCL2UeMf6cWYJJschP4QofBqtH67PFOJwlY2HCnSCbzFHmic9Rx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 07:43:51 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/ Frame 4ABA 0
145 B 32ms
32ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.38.2/873648/AObg92UBEPdll0zZ/postback?si=298198&ap=&dm=15&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000&di=likevertising.com&pi=1500018&ti=dbe69c68-3429-4671-a039-2dc8bbcd613c&ci=873648&sid=AObg92UBEPdll0zZ&oz_sc=4ff0da59c037d247d0280bc9&oz_df=1636962231851&oz_l=2888&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.38.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Nov 2021 07:43:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 /
adx.adform.net/adx/unload/ Frame A980 35 B
490 B 18ms
18ms Ping
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1636962231902

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://likevertising.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 07:43:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://likevertising.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 all
csm.eu.criteo.net/ Frame 2F53 0
99 B 20ms
20ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=M8_s2Zb9tt7KagrJ-UeYeDGU-U4df79eI-8zdD7vHojgeedbjh4-uZ6wxbCwCmpKy0hGZJgz96DmEiqwOLTqmj6t-tq5PmOvBcRjGE4gOj9t7k-0-avODtr7M0WONG6v7OzJorpcc7T_2-VUFF7XS5oLCTI88lhy2aKUqdqK_WiS4ICgS8KE1h3w61nV_TsKcd4YfhSktkYwoCWoOYTrLXZ7azZej0_LkobsU1Igng08bCgjylAdGlxnPTX-1bqMfwbH-g&sds=2&rev=79295.5&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=95050CDA31D3E484&u=%7CFOQa5rU5%2B8afMKIJ9ZWa80jlc0KPzDny9zLKqpMf26o%3D%7C&c1=glLBMxGOcDkVeXb5sc-R1zOKyjdREGFRMh3rl7nxjt-pc4Izn_1OyUXyHLKqzjaQjIt7CqKZYQDzQAb_pXaIY70GHGmOZLf2lxD_V5stfqpCcycUQp8y9VxDHlMcF8wpy7GwkZxOlb8UOun6Cxb-xmQsDHNlNC-olikzzzumDa-fw6ImLdKiuXyDSz3qGuIHIDeGpz92bboUDyQ15s26T7FQdGqy3x_XGKjD9zw2n0SSGR4lUdpOMnW-wDDdW0rb9tatSgJEMiTUEkKdhmde6nSyjImPEvdccjf58y_LUQ0I4wCi2bjAs_Rjqntx_exONQ-sIT_9IRKRrq_1x3-4pZu8hdVzF9x5bsLcUCgu5rkj-9V9s_N459c_c9WGLD7pny6sS9vAHfEqDBQpHNvT-XchSHRq4Osv0pnGiBnCiOf0VtTcLjWNm4aoq6Nap_P6DmOIIio2oh30ob7AycPTyZUUKMKYVEFXakX96eyG_5RfJwUj5ZrmsrazH-IQ6CC4rAWGbCxwkzV8tuZbHExOTNc4qwIHpztL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 07:43:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame F780 0
260 B 55ms
13ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 44B9 0
39 B 17ms
17ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23994386&p=155495&s=639493&a=2503544&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:53 GMT
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 835A 1 KB
2 KB 18ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31317076&p=156383&s=638919&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: bf07ca996b259956d34c15f0fca0d7cad3ba55a820923ff12a5d9842f9b37419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1202
content-type: text/html; charset=UTF-8

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C89E
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f1f5198-6b5d-4582-be5d-07d965d8a6f0-tuct88b9537&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

37ms
17ms

Document
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f1f5198-6b5d-4582-be5d-07d965d8a6f0-tuct88b9537&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Mon, 15 Nov 2021 07:43:53 GMT
via: 1.1 varnish
x-served-by: cache-fra19149-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1636962234.954496,VS0,VE10
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f1f5198-6b5d-4582-be5d-07d965d8a6f0-tuct88b9537&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Mon, 15 Nov 2021 07:43:53 GMT
via: 1.1 varnish
x-served-by: cache-fra19145-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1636962234.918800,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 44C9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HhXHlPTX1MMwEF5&gdpr=0&gdpr_consent=

42 B
387 B

18ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HhXHlPTX1MMwEF5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:53 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug017:0:476
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Mon, 15 Nov 2021 07:43:53 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HhXHlPTX1MMwEF5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 1289 0
114 B 301ms
97ms Document
text/plain 38.27.122.158
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 15 Nov 2021 07:43:54 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E8CC
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C25119B56AA41669D5F6B0E5A3DCA5D

1 B
146 B

17ms
17ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C25119B56AA41669D5F6B0E5A3DCA5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:53 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug009:0:396
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Mon, 15 Nov 2021 07:43:53 GMT
content-type: text/html
content-length: 138
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C25119B56AA41669D5F6B0E5A3DCA5D
expires: Sun, 14 Nov 2021 07:43:53 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3685
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zk9UW_38RNFc7WWnQOZVWlvHdkw

42 B
371 B

18ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zk9UW_38RNFc7WWnQOZVWlvHdkw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 15 Nov 2021 07:43:54 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug012:0:431
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Mon, 15 Nov 2021 07:43:54 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zk9UW_38RNFc7WWnQOZVWlvHdkw
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 835A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c8568d1b-45e7-11ec-b40a-db78886add51&gdpr=0&gdpr_consent=

1 B
372 B

18ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c8568d1b-45e7-11ec-b40a-db78886add51&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 07:43:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:505
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c8568d1b-45e7-11ec-b40a-db78886add51&gdpr=0&gdpr_consent=
Date: Mon, 15 Nov 2021 07:43:53 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: c8568d1c-45e7-11ec-b40a-db78886add51

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg

Domain: gum.criteo.com
URL: https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40

Domain: partner.mediawallahscript.com
URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg&custom=&tag_format=img&tag_action=sync&custom=&cb=481cf89f-889a-4f6a-a135-2056b5e66091

Domain: cm.mgid.com
URL: https://cm.mgid.com/m?cdsp=617660&c=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-IWKIa0FdV4Mpw_q1kphpyz5PQv_oQ6iN0hYYCg

Domain: ads.yahoo.com
URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--H2u0UFdV4Mpw_q1kphpyz5PQv80UNeywMAlUw

Domain: cw.addthis.com
URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5mKjlUFdV4Mpw_q1kphpyz5PQv9i1_0LCem_lw&expires=30

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/setuid?entity=52&code=k-2sFWPUFdV4Mpw_q1kphpyz5PQv_y_BJB3_XVvw&seg=95287

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-2sFWPUFdV4Mpw_q1kphpyz5PQv_y_BJB3_XVvw&expires=30&user_group=5

Domain: ad.tpmn.co.kr
URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-oWfhMkFdV4Mpw_q1kphpyz5PQv_HFKoxFXX0eA

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA

Domain: crb.kargo.com
URL: https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/criteois/k-Tqxy7kFdV4Mpw_q1kphpyz5PQv98lDhB0oROYA

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-wFR700FdV4Mpw_q1kphpyz5PQv-nsDOIS4KpKw&dongle=013b

Domain: r.casalemedia.com
URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-I7_VtEFdV4Mpw_q1kphpyz5PQv8-yg7z8et3vg

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-W0k5PUFdV4Mpw_q1kphpyz5PQv9XHVJsShQCjA

Domain: s.ad.smaato.net
URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ucgIy0FdV4Mpw_q1kphpyz5PQv_ojLeYlApB2A

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-hnbqgkFdV4Mpw_q1kphpyz5PQv-EqPpaefjYrg

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-EfNZNkFdV4Mpw_q1kphpyz5PQv-Wt3vGyr97Rg

Domain: sync-t1.taboola.com
URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-prq-d0FdV4Mpw_q1kphpyz5PQv-rfI_FQcG-oA

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-QlDf10FdV4Mpw_q1kphpyz5PQv_NOawQYjBPPA&expires=30&user_group=5

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5mKjlUFdV4Mpw_q1kphpyz5PQv9i1_0LCem_lw&expires=30

Domain: cw.addthis.com
URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-5mKjlUFdV4Mpw_q1kphpyz5PQv9i1_0LCem_lw

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

158 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dir.bg/	1970-01-19 22:42:43	Name: __io_d Value: 1_506885243
m.dir.bg/	1970-01-20 07:28:18	Name: __io_lv Value: 1636962228687
m.dir.bg/	1970-01-20 07:28:18	Name: __io Value: ac2856c09.6871f1dca_1636962228687
.dir.bg/	1970-01-19 22:42:44	Name: __io_session_id Value: 3b4147fe3.aae8f9f3b_1636962228688
.dir.bg/	1970-01-19 22:42:43	Name: __io_nav_state25984 Value: %7B%22current%22%3A%22%2Fobshtestvo%2Fd-r-dencheva-patsientite-s-kovid-pristigat-v-nepredvidimo-sastoyanie%22%2C%22currentDomain%22%3A%22dnes.dir.bg%22%2C%22previousDomain%22%3A%22%22%7D
m.dir.bg/	1970-01-20 07:28:18	Name: __io_unique_25984 Value: 15
m.dir.bg/	1970-01-19 22:42:43	Name: __io_visit_25984 Value: 1
.dir.bg/	1970-01-19 22:42:49	Name: XSRF-TOKEN Value: eyJpdiI6IkZcLzRBRmFsbmw1NWNYZHR6cDJ5SndBPT0iLCJ2YWx1ZSI6ImozbFlPRWJsVlNPVFwvcHFweTdrVWFGZXQ1b21BRk4rdTBseXZlMlF4QVYweXkwV2RTVFJhdVdPc0VDNmJWMlRXRmxNM2gxZFh5N0JYMXBwYnV5U1YrZz09IiwibWFjIjoiMDRiYjY0NmUzYjI4YWM0ZTQ2YmUwOWNlOTBiZWNhNjg2N2Q1OTUzYmIxMjcxNDhkNzI1MGRjODg5ZTI3MmQ5YSJ9
.dir.bg/	1970-01-19 22:42:49	Name: dir_session Value: eyJpdiI6IkR1cStmZzVwZG9xSkRTOXQrQU1XZlE9PSIsInZhbHVlIjoiSjFjRlVWZStDQUZiUWNDRDh6NWs5c2I1bHpnRUNZYWRWQTJkRldUblBqSTJRY1N0WXBvWStTektpZFozcm16SjhyVGxcLzJvWXdjTjZBTlFZQldoU0h3PT0iLCJtYWMiOiIzMGJlMWNjYjBlZGIzMTc5NmQ2ZTFhOTdmZTI4NWIwMjY4MTQ2MDRlOGZlYjI3MGFlMjFlYjI3Y2M0ZWJiNmMzIn0%3D
.dir.bg/	1970-01-20 16:13:54	Name: _ga Value: GA1.2.529222093.1636962229
.dir.bg/	1970-01-19 22:44:08	Name: _gid Value: GA1.2.1706703756.1636962229
.dir.bg/	1970-01-19 22:42:42	Name: _gat_UA-436010-38 Value: 1
.dir.bg/	1970-01-19 22:42:42	Name: _gat_UA-436010-11 Value: 1
.dir.bg/	1970-01-20 08:11:30	Name: __gfp_64b Value: WSrHo5BwC7H2QJLgf5iigPhiRMfPP5d8vb7HpP29_Tz.N7\|1636962228
.dir.bg/	1970-01-20 00:52:18	Name: _fbp Value: fb.1.1636962228901.1052509176
.hit.gemius.pl/	1970-01-20 08:11:30	Name: Gtest Value: KlQ-uRGGQMQG8y7Ervx38naissGMXP8c25nSGDUR9xS8XBG.
.hit.gemius.pl/	1970-01-20 08:11:30	Name: Gdyn Value: KlGdqRXGQMQG8y7Ervx38naissGMXP8c25nSGDUR9xS8FRxSG7RrGS6GtoGBFlMMYH7hRjBGqSRxSG8.
.dir.bg/	1970-01-20 08:04:18	Name: gdpr-auditId Value: 58c3e89a9af748abae5434da28da374d
.privacymanager.io/	1970-01-20 08:04:18	Name: gdpr-auditId Value: 58c3e89a9af748abae5434da28da374d
.privacymanager.io/	1970-01-20 08:04:18	Name: addtl_consent Value: undefined
.dir.bg/	1970-01-19 22:44:08	Name: geo-location Value: {"country":"DE","region":"HE"}
.privacymanager.io/	1970-01-19 22:44:08	Name: geo-location Value: {"country":"DE","region":"HE"}
.doubleclick.net/	1970-01-20 16:13:54	Name: IDE Value: AHWqTUnl67SuxbZqlmBy0h1peQxIGuZcefaNV-P5xwwligJWXyerHoY6E-oUEtgH71M
.dir.bg/	1970-01-20 08:04:18	Name: __gads Value: ID=8c137d630c112a23:T=1636962228:S=ALNI_MYK1WW-yvs1S6CL33e9TJ35ZH_spg
likevertising.com/	1970-01-19 22:45:35	Name: SSID Value: f61cf393c01ad34625229cd56338a1a676475b50
.adnxs.com/	1970-01-20 00:52:18	Name: uuid2 Value: 4101933371051267773
.doubleclick.net/	1970-01-19 22:42:45	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 00:52:18	Name: icu Value: ChgIme5iEAoYASABKAEwtp_IjAY4AUABSAEQtp_IjAYYAA..
.zeotap.com/	1970-01-20 07:28:18	Name: zc Value: f8a89c8e-3b5f-4299-4cdc-14b37a2d8f46
.zeotap.com/	1970-01-19 22:44:08	Name: zsc Value: %7D%E6%D2%89%BA%04%F8%81ow%CF5%EA%DC%84%3A%02%FF%28%B3%0C%F1%E6%18x%E3%11%25%D3%AAY%C7%1C%9F%9B%A4-%81x%D4%E7%8C%08%9E%C9hte.%9B%D7V%A8B%A5%DE%CA%FC%96%07%60f%BD+_%B63%B1%FF%5C%AB%C1%E2%BA%D4%8F%BA%D6E%B3%7D%D7w%E0%22%E5%F4%09%89%03%FA%0D%2A%9B%14%98%CAG%94w
.id5-sync.com/	1970-01-19 22:42:42	Name: cf Value:
.id5-sync.com/	1970-01-19 22:42:42	Name: cip Value:
.id5-sync.com/	1970-01-19 22:42:42	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:42:42	Name: car Value:
.id5-sync.com/	1970-01-19 22:42:42	Name: gdpr Value:
.id5-sync.com/	1970-01-19 22:42:42	Name: id5 Value: d8530246-e894-49e6-944c-ba1a00f61a47#1636962224395#1
.id5-sync.com/	1970-01-19 22:42:42	Name: callback Value:
.adform.net/	1970-01-19 23:25:54	Name: C Value: 1
.adsrvr.org/	1970-01-20 07:28:18	Name: TDID Value: 8efd733c-417c-42b5-a902-85f0ecfda817
.adform.net/	1970-01-20 00:09:06	Name: uid Value: 5590461365333053461
.ad-srv.net/	1970-01-20 00:52:18	Name: u8x7eovwf3h6_uid Value: e622e0d2883bb0a4
.agkn.com/	1970-01-20 07:28:18	Name: ab Value: 0001%3AmfDFFH%2Ffwgfdl0trG4QEO9uetchxYqwG
.pubmatic.com/	1970-01-20 00:52:18	Name: KADUSERCOOKIE Value: 2FF1D2C2-919A-4F06-B567-4FC48FF68EC2
.pubmatic.com/	1970-01-20 00:52:18	Name: DPSync3 Value: 1638144000%3A201_197_219%7C1637020800%3A174
.pubmatic.com/	1970-01-20 00:52:18	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:52:18	Name: pp Value: 156383
.pubmatic.com/	1970-01-19 22:44:08	Name: PMDTSHR Value: cat:
.rubiconproject.com/	1970-01-20 07:28:18	Name: khaos Value: KW0D1OP6-19-KDIP
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.demdex.net/	1970-01-20 03:01:54	Name: demdex Value: 39692177400187621883186628633934710719
.quantserve.com/	1970-01-20 00:52:18	Name: d Value: ELkBCwHdJPijAA
.quantserve.com/	1970-01-20 08:12:56	Name: mc Value: 61920fb6-6a89b-8e2d9-c2141
.adfarm1.adition.com/	1970-01-20 00:52:18	Name: UserID1 Value: 7030699242646075534
.cpx.to/	1970-01-20 07:28:18	Name: cpSess Value: 6e135095f5f8984b
.bidswitch.net/	1970-01-20 07:28:18	Name: tuuid Value: 54b91606-4a77-4a4e-a0c9-51d8066aaebb
.bidswitch.net/	1970-01-20 07:28:18	Name: c Value: 1636962230
.bidswitch.net/	1970-01-20 07:28:18	Name: tuuid_lu Value: 1636962230
.dpm.demdex.net/	1970-01-20 03:01:54	Name: dpm Value: 39692177400187621883186628633934710719
.mathtag.com/	1970-01-20 08:08:37	Name: uuid Value: 322f6192-0fb6-4a00-b8d3-ff32c12a0d3d
.erne.co/	1970-01-20 07:28:18	Name: u Value: oLq87Hac10nbxDYfIhaNX0fP
.onaudience.com/	1970-01-20 07:28:18	Name: cookie Value: 6fa5f400d405f827
.onaudience.com/	1970-01-19 22:44:08	Name: done_redirects104 Value: 1
.simpli.fi/	1970-01-20 07:29:44	Name: suid Value: 5C25119B56AA41669D5F6B0E5A3DCA5D
.de17a.com/	1970-01-20 07:21:06	Name: guid2 Value: 1.6343099854596445264
.ad-srv.net/	1970-01-20 00:52:18	Name: v0rur7gqspb3_uid Value: d828ff8dc0b568f9
.1rx.io/	1970-01-20 07:28:18	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003%22%7D
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_1101 Value: 23040-7030699242646075534
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_377 Value: 6810-8efd733c-417c-42b5-a902-85f0ecfda817&KRTB&22918-8efd733c-417c-42b5-a902-85f0ecfda817&KRTB&23031-8efd733c-417c-42b5-a902-85f0ecfda817
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_27 Value: 16735-uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&KRTB&16736-uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&KRTB&23019-uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d&KRTB&23114-uid:322f6192-0fb6-4a00-b8d3-ff32c12a0d3d
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_57 Value: 22776-4101933371051267773
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_409 Value: 22966-oLq87Hac10nbxDYfIhaNX0fP
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_80 Value: 22987-CAESEDJPcGhBZfoO9u-1OsQUb2c&KRTB&16514-CAESEDJPcGhBZfoO9u-1OsQUb2c&KRTB&23025-CAESEDJPcGhBZfoO9u-1OsQUb2c
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_153 Value: 19420-s9P_-rWEpP6o1KfwvIDr8ODQovGogfT5sdOuPh15&KRTB&22979-s9P_-rWEpP6o1KfwvIDr8ODQovGogfT5sdOuPh15
.iprom.net/	1970-01-20 03:01:54	Name: UID Value: 413414937079319
.everesttech.net/	1970-01-20 07:28:18	Name: everest_g_v2 Value: g_surferid~YZIPtgAEu8MLRgBG
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_391 Value: 22924-5590461365333053461&KRTB&23263-5590461365333053461
.adsrvr.org/	1970-01-20 07:28:18	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjOwPmotoWUOhAFGAEgASgCMgsItqLh1syFlDoQBTgBWgcwZmtjaW90YAI.
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_1277 Value: 23327-413414937079319
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_336 Value: 5844-6343099854596445264
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_218 Value: 4056-YZIPtgAEu8MLRgBG&KRTB&22978-YZIPtgAEu8MLRgBG&KRTB&23194-YZIPtgAEu8MLRgBG&KRTB&23209-YZIPtgAEu8MLRgBG
.targeting.unrulymedia.com/	1970-01-20 07:28:18	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003%22%7D
.rubiconproject.com/	1970-01-20 07:28:18	Name: audit Value: 1\|hLZGFuTafB3SIXXEQAp8t6Q/Fn9jJ2Tlph+Ceuqbr/f24WPzaViPwRVPNP+czaXyh/ApB/GLQHDqxQ2gHk24EuBxGCOXoSK1SmfLDfg9TArc6UO785F0Pw==
ads.playground.xyz/	1970-01-19 22:52:42	Name: connect.sid Value: s%3AqRRZRomVsOtJwJtrISmmkOPHxiqvYd73.6u7sthKS8c1GPaUowk0gcgDQTSC7%2ByWOhY%2Bl5wjC%2B4Q
.bidr.io/	1970-01-20 08:11:12	Name: bito Value: AACMWU7DJB8AACg2-hZV4w
.bidr.io/	1970-01-20 08:11:12	Name: bitoIsSecure Value: ok
.smartadserver.com/	1970-01-20 08:11:30	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 08:11:30	Name: pbw Value: %24b%3d16950%3b%24o%3d11100
.cpx.to/	1970-01-20 07:28:18	Name: dsp_dbm Value: CAESEE28uHVLc60CnqVhifAUlmY#1636962230580
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_594 Value: 17107-RX-80d0b836-27da-4c87-a9e4-5f4b33a95a5e-003
.adsby.bidtheatre.com/	1970-01-19 22:52:47	Name: __kuid Value: dac730e2-13c7-43fd-bdc2-6489bb8f0fbf.406176230
.turn.com/	1970-01-20 03:01:54	Name: uid Value: 3011783490284999467
.cpx.to/	1970-01-20 07:28:18	Name: dsp_pubmatic Value: 2FF1D2C2-919A-4F06-B567-4FC48FF68EC2#1636962230611
.smartadserver.com/	1970-01-20 08:11:30	Name: pid Value: 4185775479397634008
.smartadserver.com/	1970-01-20 08:11:30	Name: pdomid Value: 8
.cpx.to/	1970-01-20 07:28:18	Name: dsp_TTD Value: 8efd733c-417c-42b5-a902-85f0ecfda817#1636962230637
.cpx.to/	1970-01-20 07:28:18	Name: dsp_rubicon Value: KW0D1OP6-19-KDIP#1636962230644
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.adhigh.net/	1970-01-20 07:28:18	Name: gi_u Value: uMoxQV6tNtNT.AikABlF9Io1hdQ
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_22 Value: 14911-3011783490284999467
.crwdcntrl.net/	1970-01-20 05:11:28	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:11:28	Name: _cc_id Value: d219833c0975f0d84a8a3e4d7ab8b9b
.crwdcntrl.net/	1970-01-20 05:11:30	Name: _cc_cc Value: "ACZ4XmOQTzEytLQwNk42sDQ3TTNIsTBJtEg0TjVJMU9MskiyTGIAgsRJ%2FNtANBQAAEHiCm0%3D"
.crwdcntrl.net/	1970-01-20 05:11:30	Name: _cc_aud Value: "ABR4XmNgYGBInMS%2FDUhBAQAVUAG5"
.cpx.to/	1970-01-20 07:28:18	Name: dsp_app_nexus Value: 4101933371051267773#1636962230668
.onaudience.com/	1970-01-19 22:44:08	Name: done_redirects161 Value: 1
.adhigh.net/	1970-01-20 07:28:18	Name: bsw_sync Value: IYr
.awin1.com/	1970-01-19 22:52:47	Name: awpv14098 Value: 559379\|1636962230\|c63dbee1-45e7-11ec-b06a-226397119453
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379074:2519519
.criteo.com/	1970-01-20 08:04:18	Name: uid Value: 88a52ed7-e86f-4020-9af3-67d37b2b66b1
.tribalfusion.com/	1970-01-20 00:52:18	Name: ANON_ID Value: aGnseFoNIvbpmVrCJZalRROZc8n7EJ2bZbCtfJ9CfC8W11tFYU8PXRaLf796s6mKp71LnLlMu15yo2gfJhlr4Iu
.exelator.com/	1970-01-20 01:35:30	Name: EE Value: "407a02f3c9c2d84b43b2774884d31487"
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_466 Value: 16530-54b91606-4a77-4a4e-a0c9-51d8066aaebb
.exelator.com/	1970-01-20 01:35:30	Name: ud Value: "eJxrXxzq6XKLQcHEwDzRwCjNONky2SjFwiTJxDjJyNzcxMLCJMXY0MTCfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ0SX5RZvoiF9fFRSlpDItKik8F75voDgBC1ilG"
.analytics.yahoo.com/	1970-01-20 07:29:44	Name: IDSYNC Value: "18z8~21jj:18zh~21jj"
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_97 Value: 3385-uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA&KRTB&23286-uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA&KRTB&23287-uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA&KRTB&23288-uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA
.tapad.com/	1970-01-20 00:09:06	Name: TapAd_TS Value: 1636962231083
.tapad.com/	1970-01-20 00:09:06	Name: TapAd_DID Value: b6ed2c7c-9fc9-4258-a449-c43e27e9e199
.3lift.com/	1970-01-20 00:52:18	Name: tluid Value: 15160989058506286215
.casalemedia.com/	1970-01-20 07:28:18	Name: CMID Value: YZIPt6aGn5w4KwyZ9NW7PgAA
.casalemedia.com/	1970-01-20 00:52:18	Name: CMPS Value: 5227
cm.mgid.com/	1970-01-19 23:25:54	Name: mg_sync Value: {"617660":1636962231}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: laePT04nkaHn
.mgid.com/	1970-01-19 22:42:44	Name: __cf_bm Value: XWX7iLpkMTJiaiExJPoUctNL66zjCZTwo7q_px1jkDk-1636962231-0-AdwtPLy+M7R7WI9H9NzchSSNnM4Cj+x9x6DcDCPDfM50k5KSDrxxRnj72uA1/tuXY9j47gvXoHlraML2U76eW9s=
.mediawallahscript.com/	1970-01-20 16:13:54	Name: mCookie Value: -1
.yandex.ru/	1970-01-23 14:18:42	Name: yuidss Value: 2099633821636962231
.yandex.ru/	1970-01-23 14:18:42	Name: yandexuid Value: 2099633821636962231
.adnxs.com/	1970-01-20 00:52:18	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Ilgmm:G`!hPC#e(jRIEbFnYEb4J0]dYt(-7'TU7ikmBBUENFYIj?/GH/+E%!iCU(AsocbBU(UZug^cUQ0-bAA_!2>h9/+0J2!/7N:g8dQF
.taboola.com/	1970-01-20 07:28:18	Name: t_gid Value: 8f1f5198-6b5d-4582-be5d-07d965d8a6f0-tuct88b9537
.yahoo.com/	1970-01-20 07:28:39	Name: A3 Value: d=AQABBLYPkmECEKV_cWwwXjQ2RUYoHMQRyxMFEgEBAQFhk2GbYQAAAAAA_eMAAA&S=AQAAApyfl8YwaLwPXDlgzFaqIeU
.mathtag.com/	1970-01-19 23:25:54	Name: mt_mop Value: 9:1636962230
.media.net/	1970-01-20 07:28:18	Name: visitor-id Value: 2799638319860419000V10
.media.net/	1970-01-19 23:25:54	Name: data-c-ts Value: 1636962231
.media.net/	1970-01-19 23:25:54	Name: data-c Value: k-W0k5PUFdV4Mpw_q1kphpyz5PQv9XHVJsShQCjA~~3
.revcontent.com/	1970-02-07 04:42:42	Name: __ID Value: ea6e3fa64eb74defa719049d802dc111
.revcontent.com/	1970-01-19 23:25:54	Name: v1_151 Value: 1
.addthis.com/	1970-01-20 08:04:18	Name: ouid Value: 61920fb700010e8536cf9e273f9e02a9a9e8b96133d3c8fd281b
.addthis.com/	1970-01-20 08:04:18	Name: uid Value: 61920fb759aa801f
.addthis.com/	1970-01-20 08:04:18	Name: na_id Value: 2021111507435120400634759098
.tpmn.co.kr/	1970-01-20 07:28:18	Name: uuid Value: 22995c30299247d791032dad3d9c0505
.tpmn.co.kr/	1970-01-19 23:25:54	Name: criteo Value: k-oWfhMkFdV4Mpw_q1kphpyz5PQv_HFKoxFXX0eA
.outbrain.com/	1970-01-20 00:52:18	Name: obuid Value: b506979b-3cbf-4e43-8508-5f0f264d6978
.outbrain.com/	1970-01-19 23:25:54	Name: criteo Value: k-IWKIa0FdV4Mpw_q1kphpyz5PQv_oQ6iN0hYYCg
.adtdp.com/	1970-01-20 16:13:54	Name: uid Value: 67be5fa0-1c54-4557-bd4e-f7654f966f07
.adtdp.com/	1970-01-20 16:13:54	Name: pr Value: aja
.pubmatic.com/	1970-01-19 23:25:54	Name: SPugT Value: 1636962231
.ads.pubmatic.com/	1970-01-19 22:44:08	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 00:52:18	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-19 22:44:08	Name: pi Value: 156383:4
.pubmatic.com/	1970-01-20 00:52:18	Name: SyncRTB3 Value: 1638144000%3A222_176_54_234_5_204_81_88_165_55_231_57_8_166_21_3_220_7_238_13_230_233_104_189_22_56_161_71_99%7C1638230400%3A35%7C1642118400%3A69%7C1637798400%3A63%7C1637539200%3A2_15_223%7C1639526400%3A203
.w55c.net/	1970-01-20 08:11:30	Name: wfivefivec Value: HhXHlPTX1MMwEF5
.w55c.net/	1970-01-19 23:25:54	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 00:52:18	Name: KRTBCOOKIE_107 Value: 1471-uid:HhXHlPTX1MMwEF5
.ipredictive.com/	1970-01-20 07:28:18	Name: cu Value: c8568d1b-45e7-11ec-b40a-db78886add51\|1636962234252
sync.srv.stackadapt.com/	1970-01-20 07:28:18	Name: sa-user-id Value: s%3A0-ce4f545b-fdfc-44d1-5ced-65a740e6555a.TbIiGmaIhG5qPv8g5bjJRMQQczs9TLLEUG9QR6VSlmY
.srv.stackadapt.com/	1970-01-20 07:28:18	Name: sa-user-id-v2 Value: s%3A0-ce4f545b-fdfc-44d1-5ced-65a740e6555a%24ip%2491.199.118.76.RHULH%2BaCtMtW7gun1zUpXnAzOTaOH0dMT4nu347KPhs
.pubmatic.com/	1970-01-19 23:25:54	Name: KRTBCOOKIE_279 Value: 22890-c8568d1b-45e7-11ec-b40a-db78886add51&KRTB&23011-c8568d1b-45e7-11ec-b40a-db78886add51
.pubmatic.com/	1970-01-19 23:25:54	Name: PugT Value: 1636962234
.pubmatic.com/	1970-01-20 00:52:18	Name: KRTBCOOKIE_860 Value: 16335-zk9UW_38RNFc7WWnQOZVWlvHdkw

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-2sFWPUFdV4Mpw_q1kphpyz5PQv_y_BJB3_XVvw&expires=30&user_group=5 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--H2u0UFdV4Mpw_q1kphpyz5PQv80UNeywMAlUw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://secure.adnxs.com/setuid?entity=52&code=k-2sFWPUFdV4Mpw_q1kphpyz5PQv_y_BJB3_XVvw&seg=95287 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5mKjlUFdV4Mpw_q1kphpyz5PQv9i1_0LCem_lw&expires=30 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-BtwsTUFdV4Mpw_q1kphpyz5PQv_1moswSlGiHA Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
worker	error	URL: blob:https://likevertising.com/5b6d2dc0-4b54-4379-8f3a-1c31a8c7fa8e Message: Mixed Content: The page at 'blob:https://likevertising.com/5b6d2dc0-4b54-4379-8f3a-1c31a8c7fa8e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://likevertising.com/5b6d2dc0-4b54-4379-8f3a-1c31a8c7fa8e Message: Mixed Content: The page at 'blob:https://likevertising.com/5b6d2dc0-4b54-4379-8f3a-1c31a8c7fa8e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-wFR700FdV4Mpw_q1kphpyz5PQv-nsDOIS4KpKw&dongle=013b Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-I7_VtEFdV4Mpw_q1kphpyz5PQv8-yg7z8et3vg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cm.mgid.com/m?cdsp=617660&c=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ucgIy0FdV4Mpw_q1kphpyz5PQv_ojLeYlApB2A Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-hnbqgkFdV4Mpw_q1kphpyz5PQv-EqPpaefjYrg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg&custom=&tag_format=img&tag_action=sync&custom=&cb=481cf89f-889a-4f6a-a135-2056b5e66091 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://an.yandex.ru/mapuid/criteois/k-Tqxy7kFdV4Mpw_q1kphpyz5PQv98lDhB0oROYA Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-QlDf10FdV4Mpw_q1kphpyz5PQv_NOawQYjBPPA&expires=30&user_group=5 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-prq-d0FdV4Mpw_q1kphpyz5PQv-rfI_FQcG-oA Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5mKjlUFdV4Mpw_q1kphpyz5PQv9i1_0LCem_lw&expires=30 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-W0k5PUFdV4Mpw_q1kphpyz5PQv9XHVJsShQCjA Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-EfNZNkFdV4Mpw_q1kphpyz5PQv-Wt3vGyr97Rg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-lBs-X0FdV4Mpw_q1kphpyz5PQv8Jblwdp1Ffmg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-oWfhMkFdV4Mpw_q1kphpyz5PQv_HFKoxFXX0eA Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-5mKjlUFdV4Mpw_q1kphpyz5PQv9i1_0LCem_lw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-IWKIa0FdV4Mpw_q1kphpyz5PQv_oQ6iN0hYYCg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3pd.criteo.com
5931236223f5dd945ad5f01e61afe94b.safeframe.googlesyndication.com
734bcf58-a1d2-4d27-849c-79cb79c9e350.gdpr.privacymanager.io
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ad.ad-srv.net
ad.as.amanad.adtdp.com
ad.tpmn.co.kr
ad.turn.com
ad20.ad-srv.net
ad4m.at
ads.eu.criteo.com
ads.playground.xyz
ads.projectagoraservices.com
ads.pubmatic.com
ads.rubiconproject.com
ads.themoneytizer.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
ams1-ib.adnxs.com
an.yandex.ru
api.rlcdn.com
as-sec.casalemedia.com
beacon-fra2.rubiconproject.com
bidder.criteo.com
c.tmyzer.com
c1.adform.net
cat.nl.eu.criteo.com
cdn-adtrue.com
cdn.adnxs.com
cdn.adtrue.com
cdn.ampproject.org
cdn.contentspread.net
cdn.onthe.io
cdn.projectagora-adtag-library.com
ced-ns.sascdn.com
ced.sascdn.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cmp-consent-tool.privacymanager.io
connect.facebook.net
contextual.media.net
core.iprom.net
crb.kargo.com
csm.eu.criteo.net
csync.loopme.me
cw.addthis.com
d2zur9cc2gf1tx.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
eb2.3lift.com
eus.rubiconproject.com
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gabg.hit.gemius.pl
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.adpone.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
likevertising.com
loada.exelator.com
ls.hit.gemius.pl
m.dir.bg
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
media.kaspersky.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.mediawallahscript.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.grid-data.bidswitch.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.adhigh.net
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s.ad.smaato.net
s.cpx.to
s.tribalfusion.com
s.update.rubiconproject.com
s1.adform.net
secure-gl.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smarttag.rubiconproject.com
sp.analytics.yahoo.com
spl.zeotap.com
sshowads.pubmatic.com
static.criteo.net
static.dir.bg
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tag.leadplace.fr
tm.ad-srv.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.revcontent.com
tt.onthe.io
um.simpli.fi
ups.analytics.yahoo.com
widget.nl.eu.criteo.com
ww1097.smartadserver.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www5.smartadserver.com
x.bidswitch.net
ad.tpmn.co.kr
ads.yahoo.com
an.yandex.ru
cm.mgid.com
contextual.media.net
crb.kargo.com
cw.addthis.com
eb2.3lift.com
gum.criteo.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.tapad.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
ups.analytics.yahoo.com
x.bidswitch.net
104.111.239.217
116.202.11.240
136.243.76.13
142.250.186.66
142.250.186.98
143.204.101.7
143.204.98.115
143.204.98.26
143.204.98.29
143.204.98.34
143.204.98.69
145.239.192.166
145.239.193.145
146.59.148.16
146.59.30.96
15.197.193.217
151.101.1.44
151.101.129.108
151.101.66.49
151.139.241.23
159.65.196.12
162.55.6.213
169.197.150.7
169.50.137.182
178.250.0.139
178.250.0.163
178.250.0.165
178.250.0.173
178.250.2.148
178.250.2.150
178.250.2.151
178.63.52.121
18.156.0.31
18.168.102.56
18.195.255.254
18.195.72.140
18.196.197.61
185.29.132.241
185.33.220.100
185.33.220.216
185.33.220.240
185.64.190.75
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.113
185.86.138.144
188.40.118.169
194.145.63.11
194.190.76.38
195.5.165.20
198.47.127.20
199.187.193.165
2.16.186.26
2.18.232.130
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.44
23.37.42.132
23.79.143.124
2600:9000:2156:1a00:1e:a43d:b640:93a1
2600:9000:2156:4a00:16:f82a:8600:93a1
2600:9000:2156:9a00:6:44e3:f8c0:93a1
2600:9000:2156:f000:11:2a6a:9480:93a1
2602:803:c004:200::141
2602:803:c004:200::155
2606:4700:10::6816:1857
2606:4700:10::ac43:607
2606:4700:20::681a:a19
2606:4700:20::681a:ad1
2606:4700:20::ac43:47c9
2606:4700:3038::6815:ead6
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a02:2638:1::11
2a02:2638:1::13
2a02:2638::3
2a02:26f0:1700:6::17d5:a18e
2a02:26f0:6c00::210:ba42
2a02:26f0:6c00::210:ba69
2a02:fa8:8806:20::2010
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::300
3.227.93.166
34.102.253.54
34.120.133.55
34.194.7.56
34.248.11.216
34.253.43.221
34.254.122.11
34.254.143.3
35.244.174.68
37.157.2.249
37.157.5.142
37.157.6.246
38.27.122.158
44.231.252.170
51.38.120.206
52.17.84.146
52.19.29.184
52.19.63.112
52.210.129.48
52.51.58.216
54.228.184.61
54.36.109.48
54.38.64.100
66.155.71.25
69.173.144.138
69.173.144.165
72.251.245.179
78.128.6.42
85.114.159.118
88.99.70.21
93.159.228.11
94.23.73.243
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
015aba87846f9bc4564b3eefb4de4e21d9e17a8c5e6f130e771f8775abe6791d
01f7d641b9d6382f5081cc6aaa6991b2bf0c34bd5b2b0b4be9c77ea83ea9d2e4
0239422dd34c651b8f12d1f59501dbe815b80bac2f7f33d09a995d02c29fb3fa
03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
07ae40ec9e146b94925e0c4e92abb30b649c43db74af7c2df704850db6dd8492
091cbd0929ef01f1551896e19ee5ca36edc5872046433deae5ab068cc183652c
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098e6856ffe0ba776af0c94d1bc4cc68cf9e5c5173131b1b8a9c0c285a00d309
0a7591c2c8a91194a263198ae97e3677ded2d5d4316dea3ed1837706c87c4db9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e43e22ff4f2bd3f5f680ed6382e4321212aeb252ffaf6f465b7ee22ca6b9820
0eab85a4383045144ef624b43823a228b64db824f1e49f8c8ee0dba65272e8d3
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112cb2cf09f8d5ad6da61118d88f500168137c5e84b2a1ea5de48c12c35bcf33
11d00cbabd9fe84c3debdf7a1ea73e0209ed00dabeaf662a24aea4f758583464
167982fa128d47a62bd03befe22b8adb08f6d0a1590601b325d3d1a14f7c309d
16ab7db819e3f61f6a8fffa3e5b3cfbe0bba9e9b9b8b4555887f3318dcbb726d
17cf5b1a00d4e21469b3c92296066435b70975e118eca65ef93e7dc6eeb82ff7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1d6daf8a31df357bceb9881b4179c576e20ed2266daaff4de7d6c7d5b53facb5
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
23174e7134705d8dac302ee10d5c199529b48e0d4812e946928f9fc9430e3777
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
288a802d337a509fc6b624f3200fffe93b3b2c26b76414b4c380b2f17002d916
290a4e5c17f2e4384b984db6d604d8ab95a7f00f0cb2eb296b56d818027496a7
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2a46a16fc061faeaf0f72654263d3222095cfde3cb0088f72a333824ffa62cf6
2d898e04162a4c3c4c9158a8fa95d1f32ef7b468f31dcd157e3a1bb8f94cc1e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
309510aebb8bc255381dcb30cff85699481253daeb282b6be69be38b29bb1745
3100792864ca02b95aacd0e557139c011b65c9b6fc27676407a619cff590ee97
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33b8a86d292ce4a53436d5165402c3d00ff49f66f0b73be3822bafbdaef816c7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36dc8627546125c2446359d123c1d11a8afbe6a5100862e2319217e335d985d2
372e27a98e15f91ddb34daa986eb2c55a24ac059fa849b56093087e29b635e1b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38156f937de4977740afd3fa12d0fe6b5a9889c68db4871d348f66b37000d018
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059
3c3fd6c63da4e4a1a7c6200535a6b43c30d5d8fdabe5536cdf224e92703a6a1b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed6d2b0fa5a5283b7cb81cde055de9caaca8dbb9aa25074fdd9b0e84cef1317
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
410b0953031ef77b9d36384b058a9a5a7e0bae047962a1b28ce95bd94a86d586
424e700bc8038db3b6782dcaf5d734ec0a8b11faedbb3f7b712d682ef429ca91
42f2a400a42fa66f4044e5ebd76c9832c2ce8993a5fa43846f9ff56e84c04424
43c2b6cf3b3cb1e1fd877dcbf9fc99c7590ae356501281fab9eac7a970183d5e
44fc2a697315ffcdc0cee664925ce26396f989244d21e27db38256d844ae9579
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49dd4046728bbc2bf3b18f8ec2b828507163ff7e081a985ab9c97cba3f2f4609
4b69dad99378a9d812f1810e1e3882b502892b59b3094bf8aaa485caee477d9d
4cd4ad55326b0aa8af16cc9080273f0cb9889c7e43c17b7e6d2026175eddbae5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2ada55781ff0f08855ee05820dfbaea3633355e175ff858334430cf20bb70a
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5029298dca15df84867f262f278a503c3cfe7dc9df69b3a7f9a4a528e1171fb0
502b218502d7385066a0652a4f2a97879b6aadf7361796b405dd70eff7247e27
50ae46fa7e695109b25176a1174ac6b65cf92735ee0724331b83c54b1ab5e452
5380c842e9cb6f9dce3a59b48418793f9595cb90bf9ba10b046fbc113aa587ca
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55db00ecc34e264b63b8d276855be7b32400968b7f43e52c67c65c3d57bd7f27
568cb3e658abb40b15c6aaa277df5d58d154e7e60622b2a37e87773b0ba6780e
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94
5e989c73d4619245c02effe1617e729f20424e24ed30d3b5adb68aece5c4ef41
5ece35dd3ce49708758c40c200e161cefc0dfce8b87703ea46fbefd0a8faeef7
5ed4c8c7aa8eb782014c1e18a199a4ffb01f313868bda916f73331e4bd0f9a62
604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8
611e8746096ac033a5dbf3c95a3e9304d6fdd671621fe4834e9f3656a167bf8a
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
6413f52c9b7735d3d5ff1555cb6273aab9d24a03b4243099bb1a54a18c0a195e
66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c
67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c
683fab3b2841b37a2587e2ea8f6b7910cd1f222f33481f99fd79c6c6cb6399dd
697159901203076cda4c9bc43daf64b7e30035deb239b36b354363bb86c1a887
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6287a18b1fcdffddc570a4567d2f30dda5ed57bf046296a8f4d250b781b9d8
6b7980af1c60db4997b93bd715945863c6ecc6c7bfb2f45aaf1a38c861a64f94
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d34b4c6b741b60eeb229c5fd0f9ca0ebc3ccbccf1aa73c7e9846d5b06f29758
6dbbd0dd3d38c1f0a7d46b8ed0fb11fb1e15acd60858d0cb8b444da444411ae4
6f2c3da94b752f17cd7e87b03124117b2315e8a41a9fb0eefad81cb899e2b08d
70f4209beb6d138283d0eb17250577bfee3a0654170e756b606b67f8003bb308
761ce3c51dcf364d47350d9f1db8d751eeb877cdb02c40bd1b99b6f575093df9
76ea9f89e9d33f3ebc99e57ab943e64be3a3d9e9bf05c41305c22e2a5eb97d20
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7c5f211702c8326bc845d9d539cabfdf2094d91b2b08b622b4aceeeac2170a72
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
7e944dee615571f80a8bd93892f886d18e735bcc2bca3d4b25dc91f902fe27c7
7f3b48829c52eca43e62f65531b70419e0b71a8f2fa72f4cfc6c2a2f3aadc6c3
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
82edbdabf49d8335e340a3ff29bf54cbd0e7ff7cf3ecf25e2c1473976ed2e235
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847a77e11f3d357062dcc0b048f8db68965b8e8395ce297893c9620bb246403f
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8934864a56420b2936d8fdee7215a3742b7a642623ca9adac7558a4bfda5b401
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ecb66a310d4f8e9cbde7cbf0debdffd84fa1ad0bb3bf3586b16089f7558f1bf
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fceb9666c98db92674eadc3bf22b5811f633e794c6400d43d9e1075e9d7618d
90a6ebbc2eb21096fbeb0af3707c8f76f775f44789d3e9b3592865a22f6b4327
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
971ba60f3d516461bdff7ec672a2b6cb4bd7d6e9d391c22b336ff5ac1dc832d8
986666978ec693519a80dca8e262f2714ef1f5146b2afa266ec5de38db7f6d38
998e1202c2e488520a53e1d57ca8727b4949a877a7859b792b2e09c24478d91e
99a336d42e4e130971fac5e498ac76a43d12fd0acb56a846543dfaa37eccb67c
9a19209483cd31f0227408730c75f1f372ea1218f347a7fe97db8a480d16081e
9b3ccf47c2e1bcc53354580194b2e159ab90a22d0b26ff7305fe69ccfaebe242
9d49ffb2d1eb78628166257bad0f24a773b8b6d9b227e668e19f629059555bf9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f9ac16ad01f17c1666af19f1d4be7918b27406b67b71cf085c4eef5b6a70e7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20b1f6d32a4479511617a127cd395ac7a6f045d921ca79f6ad5bb51bf4fafc4
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72dcaad1ca7c29cb0a5f2e08d8bb0d6fc123603d1ad99cb366ad08c4c17faba
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74ebdb9b778dd47fb7eb6aca491bcea676204c3a7b6e9f638e74f8c58e44434
a86b5d86f054a5bb2f9a944c8c55c93e8300cbdcac59c15939308092032b6da0
aa5ab198a4dc6bd735732c995e91fc85cab8fd41d5ec9cfba80490c6d3eaa38a
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
ae9a2c00f97493190ca4e964b81ae7dd271bc051374bf1ca9e1dfc3af88f938a
aeef4c2d6f37558a6507007cfe87edd4fc561f59b405b97f154106950783212e
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b0b6c903871e02b188453a84de19e6f4021fd6159086b9f37026d3e1103bc84e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6f9b6614ad3b53648681b4765348ca40d33cdce75bcd874cdbfc86ae9b0e99e
b896afc83022a9cba3d395cdb8f1c09f49df5869b96d9c41af7bfdca6286d005
b9a66b98b64e23d42ac08f029eb1f160a89dd22da4b27ddc612b929b498646cf
bac32abbd1af0872391d93e24d851ad4a8c810a6ee9739eb20b19a552d124f5a
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bbfda82cd4c6c62ae0d0caceaaff178359f49c4acaac4feb5d7566266331f62b
bd47e11f786a55e1999e5ad7ced555a79c2f1de7b39dac2d20a74d66c495b156
bdbed939f0ee92c2c08b187b0a7b0fed0f939ba4b6845bfa9d764c16e402998e
bdca4da25ccf227401f4cdc9529883a99d689366ad62f9dbee1e9c44e16daf45
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
be3b0f048147bdc559755a2c79e52394a764fcc6c9f871cd9d00561b86efce4d
bf07ca996b259956d34c15f0fca0d7cad3ba55a820923ff12a5d9842f9b37419
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0cdc8506fe075f01b9d1b35ed9cf11dfaf74197747e429d3b4bf4f1b6d7d39e
c175a44435cc9d92352d9bdd419ee7c1e7adfb75ab4ed5fcf72232984e945588
c20fb3853e78f1fd105254860320de5dba68c02eccade762896c91c205954a98
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c42db1cad65c603f9f853fec97040b57c71d9fe48dacbccae41f01f24e9888cc
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c606acd58d74e664f7150eb4a246a0c4fd66909fbf5625f206bbbe97fc28fbcf
c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c7fa24917e874800e051036490e173aed40b5758b1f249051f42d2dbab21b916
c846a0262d82ade117a598538a1e27fa05b9fff6bd028516417f32f6d1613230
cad624cae07717993f770db059226bac75a687bb5f4ad2b5b7d18e15e60dc783
cbcad4e849330388b117e95faf73447fc06f299b72f05b5294384cd87b40f88c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1130cdd4fefa1ae93c7389e23f6fc68200b0e7be18245ab2e153bdfbc003a24
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8bd004f653ace0a12041e605f2b474b927cc7c5364d8567e20a017acc2222e9
d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da913c5532c512206c7eab6fd77ce0027e07e533dd3c66db8a1d9486c531f5a2
dab7387b134889bcf737d6da12f2b63ad7b746f651c79e6f9e73ac3f1cfc87b8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec0c6bed7a4ae5edf14dd70251e3c7746230befd51dcdc4bb89d816d99ff404
e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e29df6cb7b78091dea9b58a6412063cfe513b1d348630176973957a05809faae
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e2f271de4b0aeb8339915506f63ee5ab6b1968db88578bd4ae177eebc2c8b8df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5434c4b2edd5290ce5898f2a23f9de3024a10d4d1ba621daab1bb274520eb01
e8d514e24cb9846887d8a05e49256ef6f8fa5a34a595fdd3b5ab227b4ecafd47
ebd7bb4813a955b3869e8e96fda4e17cdce38b75de2debbd39abdf0dc1d8a2a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c

m.dir.bg Open in urlscan Pro 194.145.63.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

384 Requests

80 %HTTPS

32 %IPv6

98 Domains

161 Subdomains

111 IPs

15 Countries

4323 kBTransfer

11049 kBSize

158 Cookies

29 Outgoing links

Redirected requests

384 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.dir.bg Open in urlscan Pro
194.145.63.11 Public Scan

Screenshot
Live screenshot

Full Image

384
Requests

80 %
HTTPS

32 %
IPv6

98
Domains

161
Subdomains

111
IPs

15
Countries

4323 kB
Transfer

11049 kB
Size

158
Cookies

384 HTTP transactions
8 data transactions