urlscan.io logo urlscan.io
SecurityTrails logo

dekor.delfi.ee Open in urlscan Pro
185.20.100.193  Public Scan

Go To Rescan Add Verdict Report
URL: https://dekor.delfi.ee/
Submission: On February 14 via manual from EE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 14 countries across 98 domains to perform 551 HTTP transactions. The main IP is 185.20.100.193, located in Harjumaa, Estonia and belongs to EKSPRESS-DIGITAL, EE. The main domain is dekor.delfi.ee.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 4th 2022. Valid for: a year.
This is the only time dekor.delfi.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
76 185.20.100.193 199328 (EKSPRESS-...)
23 185.20.100.195 199328 (EKSPRESS-...)
3 37.157.2.247 198622 (ADFORM)
5 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
31 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.77.42.191 16625 (AKAMAI-AS)
17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 146.59.21.33 16276 (OVH)
3 20.54.110.135 8075 (MICROSOFT...)
2 185.180.12.68 60068 (CDN77 ^_^)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 27 37.157.5.141 198622 (ADFORM)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 145.239.237.56 16276 (OVH)
1 51.144.7.192 8075 (MICROSOFT...)
1 2 20.205.115.81 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
11 11 3.67.118.188 16509 (AMAZON-02)
3 3 193.0.160.129 54312 (ROCKETFUEL)
4 17 37.157.5.142 198622 (ADFORM)
14 35 142.250.201.194 15169 (GOOGLE)
7 8 37.252.172.123 29990 (ASN-APPNEX)
3 3 159.65.196.12 14061 (DIGITALOC...)
2 2 35.210.53.219 15169 (GOOGLE)
7 52.223.40.198 16509 (AMAZON-02)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:402... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 193.200.125.237 43811 (TELIA-LIE...)
2 193.200.125.15 43811 (TELIA-LIE...)
2 20.96.88.162 8075 (MICROSOFT...)
3 147.75.83.64 54825 (PACKET)
1 18.204.184.179 14618 (AMAZON-AES)
1 8 147.75.85.120 54825 (PACKET)
8 13.32.28.197 16509 (AMAZON-02)
4 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 10 2a02:2638:1::13 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
7 178.250.0.157 44788 (ASN-CRITE...)
5 141.95.98.65 16276 (OVH)
2 13.227.198.171 16509 (AMAZON-02)
2 4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 23.65.195.36 20940 (AKAMAI-ASN1)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
8 50.16.15.12 14618 (AMAZON-AES)
2 162.19.138.118 16276 (OVH)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.180.230 15169 (GOOGLE)
3 130.211.23.194 15169 (GOOGLE)
2 85.206.141.183 43811 (TELIA-LIE...)
4 6 172.64.154.237 13335 (CLOUDFLAR...)
2 185.89.210.82 29990 (ASN-APPNEX)
4 212.77.99.29 12827 (WIRTUALNA...)
2 52.58.123.114 16509 (AMAZON-02)
2 185.106.140.18 7979 (SERVERS-COM)
1 92.123.36.4 16625 (AKAMAI-AS)
6 216.52.2.30 30282 (AS-INAPCD...)
5 35.244.159.8 15169 (GOOGLE)
1 3.124.92.31 16509 (AMAZON-02)
2 2602:803:c004... 26667 (RUBICONPR...)
2 185.86.138.124 201081 (SMARTADSE...)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
2 185.184.8.90 204995 (RTB-HOUSE...)
2 193.200.125.19 43811 (TELIA-LIE...)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a02:2638:1::3 ()
1 2600:9000:215... ()
1 34.102.146.192 ()
1 2a04:4e42:200... ()
1 2 34.120.107.143 ()
3 2a00:1450:400... ()
1 2a00:1450:400... ()
2 2a00:1450:400... ()
3 15 185.80.39.216 ()
18 2a00:1450:400... ()
1 2 54.217.61.24 ()
1 2 2620:1ec:21::14 ()
1 34.96.105.8 ()
2 2 54.225.207.120 ()
3 3 213.155.156.180 ()
2 8 69.173.144.139 ()
2 2 18.159.14.212 ()
2 4 76.223.111.18 ()
1 2a00:1450:400... ()
2 2 54.81.177.226 ()
1 174.137.133.49 ()
1 1 2600:9000:211... ()
1 1 23.203.124.21 ()
3 2600:9000:230... ()
2 142.251.208.130 ()
6 2600:1f18:1ac... ()
2 2606:4700:e6:... ()
2 104.18.36.94 ()
4 104.96.145.246 ()
6 2600:9000:206... ()
2 212.77.98.32 ()
2 2 8.2.110.113 ()
10 135.125.163.79 ()
2 4 52.46.151.131 ()
1 5 2a05:d018:d29... ()
1 1 34.111.151.213 ()
1 104.18.33.19 ()
6 6 185.29.134.248 ()
1 1 2001:678:cb4:... ()
1 2 34.255.210.6 ()
2 172.64.151.162 ()
20 3.67.148.232 ()
1 1 37.252.171.53 ()
3 3 3.126.56.137 ()
2 3 151.101.194.49 ()
6 6 52.211.240.68 ()
1 2606:4700:20:... ()
2 2 62.209.227.211 ()
4 4 69.173.144.138 ()
1 3 52.94.223.167 ()
3 3 178.250.2.151 ()
4 2a02:6ea0:cb0... ()
4 4 3.124.13.195 ()
4 2.18.36.193 ()
1 3 185.64.190.78 ()
12 185.64.189.110 ()
1 1 2620:116:800d... ()
1 1 141.94.170.64 ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
1 34.91.62.186 ()
1 1 35.186.253.211 ()
3 52.59.131.191 ()
3 185.64.190.81 ()
1 1 85.114.159.93 ()
1 1 185.86.138.151 ()
1 1 198.148.27.139 ()
1 2 77.243.60.138 ()
1 2606:4700:10:... ()
1 2 54.237.145.190 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
1 1 3.125.71.9 ()
1 2a02:fa8:8806... ()
1 98.98.134.243 ()
551 119
76    185.20.100.193 (Harjumaa, Estonia)

ASN199328 (EKSPRESS-DIGITAL, EE)
PTR: proxy2.delfi.ee
dekor.delfi.ee
g1.nh.ee
g.delfi.ee
h.delfi.ee
api.delfi.ee
ee-production-portal-root-3dc.s3.delfi.net
ts.delfi.ee
af1.nh.ee
23    185.20.100.195 (Harjumaa, Estonia)

ASN199328 (EKSPRESS-DIGITAL, EE)
PTR: proxy4.delfi.ee
ee-production-portal-root-3dc.s3.delfi.ee
3    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
5    2a02:26f0:11a:398::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
31    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
apis.google.com
1    104.77.42.191 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-42-191.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
17    2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    146.59.21.33 (France)

ASN16276 (OVH, FR)
PTR: ip33.ip-146-59-21.eu
sgaee.hit.gemius.pl
3    20.54.110.135 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.delfi.ee
2    185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net
l.getsitecontrol.com
2    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a02:26f0:11a:391::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
scdn.cxense.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
27    37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
5    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu
ls.hit.gemius.pl
1    51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
2    20.205.115.81 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
11    3.67.118.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-118-188.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
17    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
dmp.adform.net
c1.adform.net
35    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
8    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2400:52e0:1e00::1080:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
s2.getsitecontrol.com
1    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
6    193.200.125.237 (Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
keytarget.adnet.lt
2    193.200.125.15 (Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
banners.adnetmedia.lt
2    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
3    147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    18.204.184.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-184-179.compute-1.amazonaws.com
events.getsitectrl.com
8    147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
stats-collector.cxense.com
api.cxense.com
csyn-r.cxense.com
8    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    2606:4700:4400::6812:271f (United States)

ASN13335 (CLOUDFLARENET, US)
macro.adnami.io
2    2a00:1450:400d:80a::2010 (Ireland)

ASN15169 (GOOGLE, US)
storage.googleapis.com
10    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    13.227.198.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-198-171.ams54.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
4    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    23.65.195.36 (Paris, France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-65-195-36.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
8    50.16.15.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-15-12.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net
ad.doubleclick.net
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    85.206.141.183 (Vilnius, Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
PTR: 85-206-141-183.static.zebra.lt
cc-endpoint.digitalmatter.ai
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
2    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs-simple.com
4    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
2    52.58.123.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-123-114.eu-central-1.compute.amazonaws.com
hb.adscale.de
2    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
1    92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com
a.teads.tv
6    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adnet-d.openx.net
google-bidout-d.openx.net
u.openx.net
1    3.124.92.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-92-31.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
2    193.200.125.19 (Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
bid-collector.digitalmatter.ai
4    2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
5    2a02:2638:1::3 (None, )

ASN- ()
static.criteo.net
1    2600:9000:215d:e200:a:e047:752:5701 (None, )

ASN- ()
cdn.prod.uidapi.com
1    34.102.146.192 (None, )

ASN- ()
oa.openxcdn.net
1    2a04:4e42:200::485 (None, )

ASN- ()
cdn.jsdelivr.net
2    34.120.107.143 (None, )

ASN- ()
oajs.openx.net
3    2a00:1450:400d:805::2003 (None, )

ASN- ()
www.gstatic.com
1    2a00:1450:400d:80e::200a (None, )

ASN- ()
fonts.googleapis.com
2    2a00:1450:400d:805::2002 (None, )

ASN- ()
www.googletagservices.com
15    185.80.39.216 (None, )

ASN- ()
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
18    2a00:1450:400d:807::2006 (None, )

ASN- ()
s0.2mdn.net
2    54.217.61.24 (None, )

ASN- ()
fw.adsafeprotected.com
2    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
2    54.225.207.120 (None, )

ASN- ()
fksnk.com
3    213.155.156.180 (None, )

ASN- ()
d5p.de17a.com
8    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
2    18.159.14.212 (None, )

ASN- ()
match.360yield.com
4    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
1    2a00:1450:400d:806::2003 (None, )

ASN- ()
fonts.gstatic.com
2    54.81.177.226 (None, )

ASN- ()
sync.srv.stackadapt.com
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
1    2600:9000:211a:1e00:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
1    23.203.124.21 (None, )

ASN- ()
cs.media.net
3    2600:9000:2304:4200:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
2    142.251.208.130 (None, )

ASN- ()
googleads4.g.doubleclick.net
6    2600:1f18:1aca:4281:2d4d:67a7:4e93:963f (None, )

ASN- ()
dt.adsafeprotected.com
2    2606:4700:e6::ac40:c012 (None, )

ASN- ()
adxbid.info
2    104.18.36.94 (None, )

ASN- ()
js-sec.indexww.com
4    104.96.145.246 (None, )

ASN- ()
eus.rubiconproject.com
6    2600:9000:206f:8c00:f:4f64:8940:93a1 (None, )

ASN- ()
js.adscale.de
2    212.77.98.32 (None, )

ASN- ()
std.wpcdn.pl
2    8.2.110.113 (None, )

ASN- ()
as.ck-ie.com
10    135.125.163.79 (None, )

ASN- ()
user-sync.adxpremium.services
4    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
5    2a05:d018:d29:3605:6b2a:5cae:833b:4670 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
1    104.18.33.19 (None, )

ASN- ()
dsum.casalemedia.com
6    185.29.134.248 (None, )

ASN- ()
sync.mathtag.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
2    34.255.210.6 (None, )

ASN- ()
dpm.demdex.net
2    172.64.151.162 (None, )

ASN- ()
cdn.indexww.com
20    3.67.148.232 (None, )

ASN- ()
ih.adscale.de
1    37.252.171.53 (None, )

ASN- ()
secure.adnxs.com
3    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
3    151.101.194.49 (None, )

ASN- ()
sync-tm.everesttech.net
6    52.211.240.68 (None, )

ASN- ()
match.prod.bidr.io
1    2606:4700:20::681a:ad1 (None, )

ASN- ()
ad4m.at
2    62.209.227.211 (None, )

ASN- ()
bbnaut.ibillboard.com
4    69.173.144.138 (None, )

ASN- ()
token.rubiconproject.com
3    52.94.223.167 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
3    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
4    2a02:6ea0:cb00::2 (None, )

ASN- ()
vid.vidoomy.com
vpaid.vidoomy.com
4    3.124.13.195 (None, )

ASN- ()
tracking.m6r.eu
tracking-a.dsp.m6r.eu
4    2.18.36.193 (None, )

ASN- ()
ads.pubmatic.com
3    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
12    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (None, )

ASN- ()
cms.quantserve.com
1    141.94.170.64 (None, )

ASN- ()
pixel.onaudience.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
1    34.91.62.186 (None, )

ASN- ()
um.simpli.fi
1    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
3    52.59.131.191 (None, )

ASN- ()
a.vidoomy.com
3    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
image4.pubmatic.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    185.86.138.151 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    198.148.27.139 (None, )

ASN- ()
bh.contextweb.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
2    54.237.145.190 (None, )

ASN- ()
a.audrte.com
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    3.125.71.9 (None, )

ASN- ()
sonata-notifications.taptapnetworks.com
1    2a02:fa8:8806:13::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    98.98.134.243 (None, )

ASN- ()
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
67 delfi.ee
dekor.delfi.ee
ee-production-portal-root-3dc.s3.delfi.ee — Cisco Umbrella Rank: 315770
g.delfi.ee — Cisco Umbrella Rank: 221307
h.delfi.ee — Cisco Umbrella Rank: 639268
api.delfi.ee — Cisco Umbrella Rank: 293166
s.delfi.ee — Cisco Umbrella Rank: 394483
ts.delfi.ee — Cisco Umbrella Rank: 431404
6 MB
50 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 224
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 195
ad.doubleclick.net — Cisco Umbrella Rank: 166
googleads4.g.doubleclick.net
404 KB
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
398 KB
47 adform.net
s1.adform.net — Cisco Umbrella Rank: 7922
adx.adform.net — Cisco Umbrella Rank: 4048
cm.adform.net — Cisco Umbrella Rank: 1309
track.adform.net — Cisco Umbrella Rank: 3791
dmp.adform.net — Cisco Umbrella Rank: 7424
c1.adform.net
86 KB
32 nh.ee
g1.nh.ee — Cisco Umbrella Rank: 286273
af1.nh.ee — Cisco Umbrella Rank: 400935
3 MB
28 adscale.de
hb.adscale.de — Cisco Umbrella Rank: 15370
js.adscale.de
ih.adscale.de
31 KB
23 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage4.pubmatic.com
image4.pubmatic.com
36 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 514
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
26 KB
22 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 409
mug.criteo.com — Cisco Umbrella Rank: 2431
bidder.criteo.com — Cisco Umbrella Rank: 725
dis.criteo.com
26 KB
18 2mdn.net
s0.2mdn.net
2 MB
18 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
26 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 307
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 504
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
112 KB
17 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4826
scdn.cxense.com — Cisco Umbrella Rank: 12669
p1cluster.cxense.com — Cisco Umbrella Rank: 8711
comcluster.cxense.com — Cisco Umbrella Rank: 5809
id.cxense.com — Cisco Umbrella Rank: 11448
stats-collector.cxense.com — Cisco Umbrella Rank: 93638
api.cxense.com — Cisco Umbrella Rank: 9444
csyn-r.cxense.com — Cisco Umbrella Rank: 52526
93 KB
12 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9128
user-sync.adxpremium.services
13 KB
11 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
100 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 309
4 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 85
apis.google.com — Cisco Umbrella Rank: 126
www.google.com — Cisco Umbrella Rank: 2
118 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
secure.adnxs.com
9 KB
8 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
4 KB
8 openx.net
adnet-d.openx.net — Cisco Umbrella Rank: 163598
oajs.openx.net
google-bidout-d.openx.net
u.openx.net
rtb.openx.net
2 KB
8 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 723
2 KB
8 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 420
cdn.id5-sync.com — Cisco Umbrella Rank: 1061
53 KB
7 vidoomy.com
vid.vidoomy.com
vpaid.vidoomy.com
a.vidoomy.com
39 KB
7 btloader.com
btloader.com — Cisco Umbrella Rank: 873
api.btloader.com — Cisco Umbrella Rank: 1026
15 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 340
2 KB
6 bidr.io
match.prod.bidr.io
3 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 630
2 KB
6 adnet.lt
keytarget.adnet.lt — Cisco Umbrella Rank: 506799
535 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1214
c.clarity.ms — Cisco Umbrella Rank: 1768
k.clarity.ms — Cisco Umbrella Rank: 7978
21 KB
5 criteo.net
static.criteo.net
130 KB
5 gemius.pl
sgaee.hit.gemius.pl — Cisco Umbrella Rank: 432541
ls.hit.gemius.pl — Cisco Umbrella Rank: 11760
22 KB
4 m6r.eu
tracking.m6r.eu
tracking-a.dsp.m6r.eu
2 KB
4 indexww.com
js-sec.indexww.com
cdn.indexww.com
3 KB
4 3lift.com
eb2.3lift.com
1 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
36 KB
4 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 9124
1012 B
4 digitalmatter.ai
cc-endpoint.digitalmatter.ai — Cisco Umbrella Rank: 567269
bid-collector.digitalmatter.ai — Cisco Umbrella Rank: 141405
578 B
4 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1032
2 KB
4 adnami.io
macro.adnami.io — Cisco Umbrella Rank: 13612
61 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 7767
www.google.de — Cisco Umbrella Rank: 5268
1 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
898 B
3 everesttech.net
sync-tm.everesttech.net
904 B
3 de17a.com
d5p.de17a.com
867 B
3 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1701
rtb-csync.smartadserver.com
2 KB
3 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 437
fonts.googleapis.com
2 KB
3 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2303
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 837
a.rfihub.com
3 KB
3 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 15308
s2.getsitecontrol.com — Cisco Umbrella Rank: 24999
65 KB
3 delfi.net
ee-production-portal-root-3dc.s3.delfi.net — Cisco Umbrella Rank: 460661
20 KB
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 ibillboard.com
bbnaut.ibillboard.com
405 B
2 demdex.net
dpm.demdex.net
2 KB
2 ck-ie.com
as.ck-ie.com
968 B
2 wpcdn.pl
std.wpcdn.pl
32 KB
2 adxbid.info
adxbid.info
6 KB
2 stackadapt.com
sync.srv.stackadapt.com
1009 B
2 360yield.com
match.360yield.com
785 B
2 fksnk.com
fksnk.com
1 KB
2 linkedin.com
px.ads.linkedin.com
915 B
2 googletagservices.com
www.googletagservices.com
96 KB
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5769
353 B
2 adnxs-simple.com
ib.adnxs-simple.com — Cisco Umbrella Rank: 9376
10 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1174
802 B
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1234
34 KB
2 adnetmedia.lt
banners.adnetmedia.lt — Cisco Umbrella Rank: 502244
23 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5244
747 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
136 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 41
20 KB
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
322 B
1 zeotap.com
mwzeom.zeotap.com
382 B
1 contextweb.com
bh.contextweb.com
715 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 simpli.fi
um.simpli.fi
611 B
1 onaudience.com
pixel.onaudience.com
419 B
1 quantserve.com
cms.quantserve.com
589 B
1 ad4m.at
ad4m.at
1 turn.com
ad.turn.com
425 B
1 brand-display.com
dmp.brand-display.com
350 B
1 media.net
cs.media.net
1 KB
1 smaato.net
s.ad.smaato.net
434 B
1 adkernel.com
dsp.adkernel.com
233 B
1 blismedia.com
tr.blismedia.com
174 B
1 jsdelivr.net
cdn.jsdelivr.net
900 B
1 openxcdn.net
oa.openxcdn.net
8 KB
1 uidapi.com
cdn.prod.uidapi.com
2 KB
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1099
157 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1353
389 B
1 getsitectrl.com
events.getsitectrl.com — Cisco Umbrella Rank: 20150
857 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 264
741 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 12852
257 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3636
17 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
601 B
551 98
Domain Requested by
31 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
30 api.delfi.ee dekor.delfi.ee
ee-production-portal-root-3dc.s3.delfi.ee
26 pagead2.googlesyndication.com dekor.delfi.ee
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
23 track.adform.net 2 redirects af1.nh.ee
dekor.delfi.ee
23 ee-production-portal-root-3dc.s3.delfi.ee dekor.delfi.ee
ee-production-portal-root-3dc.s3.delfi.ee
20 ih.adscale.de js.adscale.de
ih.adscale.de
18 s0.2mdn.net 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
dekor.delfi.ee
s0.2mdn.net
18 g1.nh.ee dekor.delfi.ee
g1.nh.ee
17 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
14 cm.adform.net 3 redirects dekor.delfi.ee
14 af1.nh.ee adx.adform.net
dekor.delfi.ee
af1.nh.ee
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 x.bidswitch.net 11 redirects
10 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
10 gum.criteo.com 5 redirects static.criteo.net
9 securepubads.g.doubleclick.net keytarget.adnet.lt
securepubads.g.doubleclick.net
8 pixel.rubiconproject.com 2 redirects adxbid.info
vid.vidoomy.com
8 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
8 c.amazon-adsystem.com keytarget.adnet.lt
c.amazon-adsystem.com
8 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
7 simage2.pubmatic.com ads.pubmatic.com
7 mug.criteo.com dekor.delfi.ee
7 match.adsrvr.org dekor.delfi.ee
ssum-sec.casalemedia.com
ih.adscale.de
ads.pubmatic.com
6 match.prod.bidr.io 6 redirects
6 sync.mathtag.com 6 redirects
6 js.adscale.de keytarget.adnet.lt
js.adscale.de
ih.adscale.de
6 dt.adsafeprotected.com e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
6 ap.lijit.com keytarget.adnet.lt
adxbid.info
6 stats-collector.cxense.com ee-production-portal-root-3dc.s3.delfi.ee
6 keytarget.adnet.lt dekor.delfi.ee
keytarget.adnet.lt
5 image2.pubmatic.com ads.pubmatic.com
5 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
5 static.criteo.net securepubads.g.doubleclick.net
keytarget.adnet.lt
static.criteo.net
5 id5-sync.com keytarget.adnet.lt
cdn.id5-sync.com
5 www.google.com tpc.googlesyndication.com
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
5 cdn.cxense.com dekor.delfi.ee
scdn.cxense.com
cdn.cxense.com
keytarget.adnet.lt
4 ads.pubmatic.com adxbid.info
ads.pubmatic.com
4 ssum.casalemedia.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 eus.rubiconproject.com keytarget.adnet.lt
eus.rubiconproject.com
4 eb2.3lift.com 2 redirects adxbid.info
4 ssp.wp.pl keytarget.adnet.lt
4 ad-delivery.net dekor.delfi.ee
btloader.com
4 btloader.com 2 redirects dekor.delfi.ee
4 macro.adnami.io keytarget.adnet.lt
macro.adnami.io
4 adx.adform.net dekor.delfi.ee
s1.adform.net
keytarget.adnet.lt
4 sgaee.hit.gemius.pl 1 redirects ee-production-portal-root-3dc.s3.delfi.ee
sgaee.hit.gemius.pl
4 g.delfi.ee dekor.delfi.ee
ee-production-portal-root-3dc.s3.delfi.ee
4 dekor.delfi.ee ee-production-portal-root-3dc.s3.delfi.ee
3 a.vidoomy.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 dis.criteo.com 3 redirects
3 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 static.adsafeprotected.com fw.adsafeprotected.com
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
3 d5p.de17a.com 3 redirects
3 www.gstatic.com 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
3 api.btloader.com btloader.com
3 cdn.id5-sync.com dekor.delfi.ee
securepubads.g.doubleclick.net
3 match.adsby.bidtheatre.com 3 redirects
3 s.delfi.ee ee-production-portal-root-3dc.s3.delfi.ee
3 ee-production-portal-root-3dc.s3.delfi.net ee-production-portal-root-3dc.s3.delfi.ee
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 s1.adform.net dekor.delfi.ee
g.delfi.ee
2 cr.frontend.weborama.fr 2 redirects
2 a.audrte.com 1 redirects
2 uipglob.semasio.net 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 vpaid.vidoomy.com vid.vidoomy.com
2 tracking-a.dsp.m6r.eu 2 redirects
2 tracking.m6r.eu 2 redirects
2 vid.vidoomy.com adxbid.info
2 bbnaut.ibillboard.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 as.ck-ie.com 2 redirects
2 std.wpcdn.pl ssp.wp.pl
2 u.openx.net keytarget.adnet.lt
2 js-sec.indexww.com keytarget.adnet.lt
2 adxbid.info keytarget.adnet.lt
2 googleads4.g.doubleclick.net dekor.delfi.ee
2 sync.srv.stackadapt.com 2 redirects
2 match.360yield.com 2 redirects
2 fksnk.com 2 redirects
2 px.ads.linkedin.com 1 redirects
2 fw.adsafeprotected.com 1 redirects dekor.delfi.ee
2 www.googletagservices.com 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects
2 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bid-collector.digitalmatter.ai keytarget.adnet.lt
2 prebid-eu.creativecdn.com keytarget.adnet.lt
2 bidder.criteo.com keytarget.adnet.lt
2 prg.smartadserver.com keytarget.adnet.lt
2 fastlane.rubiconproject.com keytarget.adnet.lt
2 adnet-d.openx.net keytarget.adnet.lt
2 rtb.adxpremium.services keytarget.adnet.lt
2 hb.adscale.de keytarget.adnet.lt
2 ib.adnxs-simple.com keytarget.adnet.lt
2 htlb.casalemedia.com keytarget.adnet.lt
2 cc-endpoint.digitalmatter.ai keytarget.adnet.lt
2 ad.doubleclick.net dekor.delfi.ee
btloader.com
2 lb.eu-1-id5-sync.com keytarget.adnet.lt
2 secure.cdn.fastclick.net dekor.delfi.ee
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 storage.googleapis.com keytarget.adnet.lt
2 k.clarity.ms ee-production-portal-root-3dc.s3.delfi.ee
2 banners.adnetmedia.lt dekor.delfi.ee
2 pool.admedo.com 2 redirects
2 p.rfihub.com 2 redirects
2 c.clarity.ms 1 redirects
2 www.facebook.com
2 connect.facebook.net ee-production-portal-root-3dc.s3.delfi.ee
connect.facebook.net
2 www.clarity.ms ee-production-portal-root-3dc.s3.delfi.ee
www.clarity.ms
2 l.getsitecontrol.com ee-production-portal-root-3dc.s3.delfi.ee
2 www.google-analytics.com ee-production-portal-root-3dc.s3.delfi.ee
2 apis.google.com ee-production-portal-root-3dc.s3.delfi.ee
apis.google.com
2 h.delfi.ee dekor.delfi.ee
1 pixel-sync.sitescout.com
1 pubmatic-match.dotomi.com
1 image4.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 idsync.frontend.weborama.fr
1 mwzeom.zeotap.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb.openx.net 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 cms.quantserve.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 ad.turn.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 a.rfihub.com 1 redirects
1 cs.media.net 1 redirects
1 s.ad.smaato.net 1 redirects
1 dsp.adkernel.com e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 tr.blismedia.com 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 fonts.googleapis.com 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 btlr.sharethrough.com keytarget.adnet.lt
1 a.teads.tv keytarget.adnet.lt
1 dmp.adform.net
1 csyn-r.cxense.com 1 redirects
1 api.cxense.com scdn.cxense.com
1 events.getsitectrl.com ee-production-portal-root-3dc.s3.delfi.ee
1 id.cxense.com scdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 www.google.de
1 stats.g.doubleclick.net ee-production-portal-root-3dc.s3.delfi.ee
1 s2.getsitecontrol.com l.getsitecontrol.com
1 c.bing.com 1 redirects
1 c.cintnetworks.com
1 ls.hit.gemius.pl sgaee.hit.gemius.pl
1 ts.delfi.ee
1 scdn.cxense.com ee-production-portal-root-3dc.s3.delfi.ee
1 appleid.cdn-apple.com ee-production-portal-root-3dc.s3.delfi.ee
1 partner.googleadservices.com pagead2.googlesyndication.com
551 174
Subject Issuer Validity Valid
*.delfi.ee
Sectigo RSA Domain Validation Secure Server CA		 2022-07-04 -
2023-08-03		 a year crt.sh
*.nh.ee
Sectigo RSA Domain Validation Secure Server CA		 2022-07-04 -
2023-08-03		 a year crt.sh
s3.delfi.ee
R3		 2023-01-24 -
2023-04-24		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-17 -
2023-04-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
s3.delfi.net
R3		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-19 -
2023-05-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
s.delfi.ee
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2022-03-05 -
2023-04-06		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-24 -
2023-02-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
c.cintnetworks.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-11-04 -
2023-05-04		 6 months crt.sh
www.google.de
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
keytarget.adnet.lt
Sectigo RSA Organization Validation Secure Server CA		 2022-05-05 -
2023-05-07		 a year crt.sh
*.adnetmedia.lt
Sectigo RSA Organization Validation Secure Server CA		 2022-10-10 -
2023-11-07		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.getsitectrl.com
Amazon		 2022-12-14 -
2024-01-13		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-26 -
2023-06-26		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-12-18 -
2023-03-18		 3 months crt.sh
*.digitalmatter.ai
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-19		 a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2022-02-25 -
2023-03-28		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-10 -
2023-03-15		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-02-10 -
2023-05-08		 3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
teads.tv
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-01-29 -
2023-04-29		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-05-27		 4 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-02-12 -
2023-05-13		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-11		 4 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 67 frames:

Primary Page: https://dekor.delfi.ee/
Frame ID: 51544159C85A1AFB4DBD20EA1843C402
Requests: 135 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/zrt_lookup.html
Frame ID: 784345A74104F4E948DBEB3B4185B32B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5295995486288553&output=html&adk=1812271804&adf=3025194257&lmt=1676393878&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdekor.delfi.ee%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676393878346&bpp=4&bdt=741&idt=296&shv=r20230209&mjsv=m202302080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4919503840672&frm=20&pv=2&ga_vid=835921100.1676393879&ga_sid=1676393879&ga_hid=1753315872&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44779794&oid=2&pvsid=1308697954452468&tmod=930262455&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=363
Frame ID: 4439A1EA87382C18692327552649631B
Requests: 1 HTTP requests in this frame

Frame: https://adx.adform.net/adx/?mid=562979&mkw=channel_vue,channel_dekor,logged_out,channel_frontpage,dekor_frontpage&mkv=channel:dekor,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:dekor_001,chn_fp_pos:dekor_001&adid=57735dcf-d89c-4cf6-b132-857d48b8b4b2
Frame ID: 890816CFDEFF2AB4B160559F4C27CFCC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3018FFD434BC7CBB59A7517F9C2A145C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BDECC33A68CFE138ED735267E5B5F123
Requests: 2 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 7F01B50A3F203782974D23F1790C7E5D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: E73466CED1D5C66A953C60DAE6DCA4AA
Requests: 4 HTTP requests in this frame

Frame: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Frame ID: D60F7744F21DC307ABE4A20DA930A740
Requests: 9 HTTP requests in this frame

Frame: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Frame ID: 95A2C779E89E73DA6E93FF964F413542
Requests: 8 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/146996/2932089/siteheader.js?bn=61584290;v=1
Frame ID: 51460CC0981E24AD6408EC9B0962EB1B
Requests: 23 HTTP requests in this frame

Frame: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Frame ID: 2B1D1E9824B945BED5AF2069C8E7828B
Requests: 52 HTTP requests in this frame

Frame: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Frame ID: 550A1F8B51370774D3F4FB2CD3C7A1CD
Requests: 60 HTTP requests in this frame

Frame: https://af1.nh.ee/Banners/Elements/Files/147901/12380176/main/12380176.js?ADFassetID=12380176&bv=1027
Frame ID: 939371A308EA925F3AA0CE63C7975C85
Requests: 7 HTTP requests in this frame

Frame: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 6EF9F1E3921A725D8CEE428CD90FA01F
Requests: 1 HTTP requests in this frame

Frame: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: F79719D48746D3F18429E343F28C0A96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B61E880B3F99B6AE0ED516429953BF4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D568037CA8363CEEA4357DBDB7326B46
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3847216BC93D571C80035842729666C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96BC1DEED14B430EA911E8240A39CC75
Requests: 2 HTTP requests in this frame

Frame: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: AB0C712E601D01890C49EC292A93CA28
Requests: 27 HTTP requests in this frame

Frame: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 6F4D9A8E1A80EBEBDC54C2EB8206F2BD
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dekor.delfi.ee
Frame ID: B66FD39F7CA16BD30A4376FFFF6A473A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQYxYvl3gEwAQ&v=APEucNWOaXBikSnA5AwZopGqmW5u1TKKtmlyjCt_G7ilBtiXqdxJxCPItIyi5I3gDaq9PU9R2lT029kO3k4uIoAdI_0GEi4tOQjimxqHhJfIC3DdPAskjlZu2vBYsgq9E9VzccZ0pqNaMxb1-AFB-ICDIxhJoB51y9BmaYGrqFtu3Y2ILLD5EZkrYq-Ga6WqtOeA_ak0vwv_CLiW2GXnkrDhqdp67M55Og
Frame ID: D5151A8BBD3BB108F1A96E3979F12439
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B0047285AC3EC91D735286D9A0F0926
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dekor.delfi.ee
Frame ID: 5E0B8EB107354ED8514AD20F92D77FEE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dekor.delfi.ee
Frame ID: DA87AA7FBF0867F65265BC510364BCD9
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 48EB58FAB2E482F5D7B173502BF166AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BABAEAC669A9B0AE6152643AC27C88F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CFA967D9C325B97C04F4A6B1784F5B67
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Frame ID: 44538F7B4E4698C5A400FB52F650C048
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8DD3212346A51908E5B55D4A682885A8
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: D9750960C9C76A200C3886010F60E302
Requests: 7 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408460
Frame ID: 9C8C6DBEEB6464A1C868F89F2925D401
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=1953517997540887800&sn=mc_adapter
Frame ID: A2C4437D4381772381B4818D6850B213
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 69D9793BC20EE496CB56309715C65914
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 40EE2211F2800FC976472934D593EAE2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1
Frame ID: 0AC68677679E2F9C1AFE9DA0CCF7D28B
Requests: 2 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
Frame ID: B7B0D4556B6CEABFE585A770632F3BD2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1
Frame ID: 8FE6F459D7BFEA32125CD79C8E6ACC4D
Requests: 10 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408460
Frame ID: 6ED3F68F578AF52CAB9883D7ACC7EE2E
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 3D84C32C393C8B43E225A4046A92968C
Requests: 7 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=80302907569481170000&sn=mc_adapter
Frame ID: 55EB10C69AF282D0A301F296B310B642
Requests: 2 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
Frame ID: 9D1C7665769BE6A4B581A4A7914B3569
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 7619304B49D813748497DBAC4938BFCC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 37CF8A0150DD6445370E64877DDCDA13
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 83CEC963C853F1FC27DC862056772BC7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E46BCE839161B892A6FF6A07042E4618
Requests: 10 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Frame ID: FB01D76C97C6F49B5CB92EE5A55C71C6
Requests: 11 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Frame ID: E4BD713C7303E5DA74270AA3261DC4A2
Requests: 11 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 984757B72AD78051217856A88A165B09
Requests: 6 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: CF094CCC90718C1C9875358FC72E3C46
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 203710433FF6D938C3332ABF2EF2F166
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 59DA35659DEAF8B63CA07D4633BD8684
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=0&gdpr_consent=
Frame ID: 8E3BE74FBA38E29E9D167E9A4EAE4F70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2db263eb-bda0-4100-95f5-6014c985a428&gdpr=0&gdpr_consent=
Frame ID: 9EB2A5020D2D6DBF185871B6695F2622
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3221908229510423063
Frame ID: AEF882665DC4D3F9E1B8FA68B5C6CF30
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 492E5E642AFA0AFC95E11CC507F247D0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kxyUJMdLkHeITsgknEvcdMZJxSKIF8Z2wBfqC69w
Frame ID: B03B74D8891FAE97578FBFCD45E6BB52
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=702368EB-BF93-4702-B129-500AC7A3037B&redir=true&gdpr=0&gdpr_consent=
Frame ID: 4C6E5F29310E08A04B4940B0547CAFE1
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=702368EB-BF93-4702-B129-500AC7A3037B
Frame ID: 7DD447729CB604306F6E132FD687B13F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3019568783745404024&gdpr=0&gdpr_consent=
Frame ID: 7419610C8B921BBDB8ED15848C4D9A52
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7200056941381417105&gdpr=0&gdpr_consent=
Frame ID: F65A714C1E301F8F10375CF3948D932E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=J0FVUZCESRhtjksP7BZXs7nVm6I&gdpr=0&gdpr_consent=
Frame ID: FEAEF82EF44E5D2633FBD0528D09B0AC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH5s07H13sAACFxawaxvA&gdpr=0&gdpr_consent=
Frame ID: 2E6EB223A5ED74097D7DA7B7BA9F291C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: B3708F476AD3C1836B4ED49B250FF8E3
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=702368EB-BF93-4702-B129-500AC7A3037B
Frame ID: 6148C2773BAA5212C691C8CB2EAF596C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Декор

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

551
Requests

83 %
HTTPS

32 %
IPv6

98
Domains

174
Subdomains

119
IPs

14
Countries

13621 kB
Transfer

19964 kB
Size

55
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0E1F54A7528C4B67BB7C36AF47D18AC6&RedC=c.clarity.ms&MXFR=10CBE57D3D34636B3974F7C539346D2B HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E1F54A7528C4B67BB7C36AF47D18AC6&MUID=32B8A7179F2F6E2F17AAB5AF9EFD6FC7
Request Chain 124
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adform HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329524285247713&expires=30&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEB-naZeFvjdaeDRh1jzVkTk&google_cver=1&adform_v=1
Request Chain 126
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Request Chain 127
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=4c35e5f3-cd1b-4dab-95ed-283eb237606d
Request Chain 129
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_custom_parameter=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_custom_parameter=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8226dc0c-98ad-4d56-b0df-7fe84f48306a&user_group=1&ssp=adform&bsw_param=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOf30CdpsVy_NB5wGCydpVQ&google_cver=1&adform_v=1
Request Chain 131
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Request Chain 132
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
Request Chain 134
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent=
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBjraQaVAeCSIKEev01UNLc&google_cver=1&adform_v=1
Request Chain 136
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Request Chain 137
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
Request Chain 158
  • https://sgaee.hit.gemius.pl/_1676393881145/rexdot.js?l=106&sendf=8&id=bP.gjYN6d708X7b5xAv1I_UUnM9pLnAC7JzqiqGligv.q7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fdekor.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AHiwH5BDj7TB3748RL5C2Nib8lEg9Go6iUHrKwhmfdr.q7CZIYZjIEPZay18DGeLpNohjacZRvUNcTytV2T8teN2t.gx/FiPvaMHAICajf/&fpdata=KmPAHRgnnjes3i4k7nI5T35gtj3_crq7_d2sYxh3QsX.B7&ltime=469&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63ebbd98283932d2&brts=1676393881&fpcap= HTTP 301
  • https://sgaee.hit.gemius.pl/__/_1676393881145/rexdot.js?l=106&sendf=8&id=bP.gjYN6d708X7b5xAv1I_UUnM9pLnAC7JzqiqGligv.q7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fdekor.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AHiwH5BDj7TB3748RL5C2Nib8lEg9Go6iUHrKwhmfdr.q7CZIYZjIEPZay18DGeLpNohjacZRvUNcTytV2T8teN2t.gx/FiPvaMHAICajf/&fpdata=KmPAHRgnnjes3i4k7nI5T35gtj3_crq7_d2sYxh3QsX.B7&ltime=469&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63ebbd98283932d2&brts=1676393881&fpcap=
Request Chain 194
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdekor.delfi.ee%2F&domain=dekor.delfi.ee&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=URb0rnxjaWNBS1ZkUHJVY1BpM2hkSW9yd2ZVS0ttUGlaT2VCMldxOXZRclJyc3J4aVFNcXFJTkZqR3hMR2RyNVppd0E5bzhKd010M1Y3d1BRYlcyNmdJVjdIenI5dkEvMk1FSVVyOXVxeXVpSTRIaW5RbURQdGFkaTU5OEVlbjMzblNDbzRLTkdQMUxIQksrOStzVmEvZytyTGRHRWtiYkpIWjRXQkUycHYvamlWVFBtbW5PU1N0Y3l5ZHhlY1BQT2tNUFU5bzIzSndkdFFHUTJ0R25GQVkvNndxSjc0cFVjci9CRFhaRXVRZWxZZTlvPXw&cppv=2
Request Chain 200
  • https://csyn-r.cxense.com/?cxsite=1145189970857384309&partnerId=csr&cxckp=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1077&cid=2di00u41i0iit2w6ym6x3sjz8t
Request Chain 204
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdekor.delfi.ee%2F&domain=dekor.delfi.ee&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=O4l3gnxoTmJxaktqTE1LZ2Y5dzU2SzN0Y3puNWtKL0JpRFU3SHp2alo3Z21BSHlicmlJaEJIQmpYem1yUlNYOFAvcmQzTUIrS3IwWG1FSUtnU05sVmE3S3RPaW1kelhScWRZMnhObk9EbERvMmMvRmlZK08zblhEei9yYk5reXZFWEpUeDV0YlF3dUM0SGpZS0wrcFNUdHJPRnpxUWFuOEUzcnhxVElFb2xXL0JxVVFBNTNtaEdqYUtxbExrenBlYlhKVUxJNmI5SldFeURla09PbnJLODZNajEzM3dZV0JQMTFjUUtuMkFpbnpLd1VVQjEyeEM2TFR5TUVta3FJRTJKbTZHfA&cppv=2
Request Chain 209
  • https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true HTTP 302
  • https://btloader.com/tag?o=5749741711261696&upapi=true
Request Chain 216
  • https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true HTTP 302
  • https://btloader.com/tag?o=5749741711261696&upapi=true
Request Chain 310
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdekor.delfi.ee%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdekor.delfi.ee%2F&rid=esp&cc=1
Request Chain 329
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=delfi.ee&sn=ChromeSyncframe&so=3&topUrl=dekor.delfi.ee&bundle=m41tMV9zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2QWNmMjFaOXlaUnAlMkZsbXV4UU5MYmJrOWhLJTJGUlZOQ08lMkJXYWZ5Y0V2Sk9UeTRmd1hxVDlrcXNxbjVzYTVENFRkaUlMTEp5OUtLSzF0dWY3ck5RcWdrJTJCcFR5S0NqVEhCckFPYWclMkZuMHJTZ2cz&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=HEHwUHxYWHg0dW9zUGE4UnNVS0tRNll6UCtCcGpNdSt3L1lCK0tsTm9ObGtDWG0vTXZDNTkxRjBXUG9IWFdRaWZqcEY0aERReUFMQ1F1SzI4cFJwZWVmcVVvR2thcVBhcWx0NG52dU5STkVwaGFQbFlwQnZwV2liaXRkQ2RUbis5ZXZBb0p1NnJGcStGOSttVVF2TzIxa0VvR1cvMC9DVGVJdlRNOHBrdEdlZ2lPM2Y2anhQN3FIQUZ0RSsvOUJCVVI1VTdCL3ZJbGR1NkVwRC9IeUxxTktTYnl1ME8zekY4allLVTN1YU5RZ0hQUHBOWTRQbkxycWpxZUhWcUJEaUR2eURseWpWTUZqb0pybW1hMVJQMlVPNUlsQT09fA&cppv=2
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&C=1
Request Chain 331
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.u9nj3ver2KnIsSxzEP4gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&google_hm=2
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_FQdvJ1ljCLKvjlKNnTwA&google_cver=1
Request Chain 333
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTU2ODc4Mzc0NTQwNDAyNA%3D%3D
Request Chain 356
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=delfi.ee&sn=ChromeSyncframe&so=3&topUrl=dekor.delfi.ee&bundle=0idyV19zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2S2MwJTJGVGdNZGlobHFjeklkM1pYVlV1Vm5DS05ZcVFaWDJhWGplMHBaZGtIOHZXTVMzYWtma2NQV1BiNVYlMkJVSGJLMmJSbmF0UVU1QTVxS0Z6TEo1ZThPamMwcDU0dzU0T1VSb2VWTUFsZ3BNTGFMNXNja1BTZkRzUUthVTNPalpaZyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=FReqF3xkUEs3bENLbFpVR09HWTBjTkd5akVhckJwYzc3d05ET3ZjL1dEc0FyaDB4bEp4TE9peGNERGE4dzNZM3RERk54cWFCSFdma2dld2ovSDFYNUpaZ0NQUFBVOXkvQXdOR1EwdlNtazdkaXJKSGEvanF0MitFWHk2eVlqWE5tMTBzMnd1NDdSS3lzMktKeFp6VWhzSGh1RTZ5Y0pDV2U1dWM0QTFROC9YazlBVDBWOE1QRFplRk5HZzlWa09FWnVWajdvMkdWMlpkSGJWWndodmJWVUkwNlVJOWhUVmM3ckRUZ1RlWnFOLzFuNnppdDN2U3NPQ0pmOFJpRFNvQ1E1dHI0MXlCNU1sek5rVWRlWHgyalFrOFBUQT09fA&cppv=2
Request Chain 357
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIksteE-JRbA8Vwyxfuanjk&google_cver=1&google_push=Aa02lx-bQlieKRn_uE9kzPY9oEcKh69IKNjk7JSF7sZb81iFQxqchsMunlgFJNWPlBQgd0hmzsebEicp99Z6b_eI4hWdEJbxJw6k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-bQlieKRn_uE9kzPY9oEcKh69IKNjk7JSF7sZb81iFQxqchsMunlgFJNWPlBQgd0hmzsebEicp99Z6b_eI4hWdEJbxJw6k
Request Chain 359
  • https://fksnk.com/cs/google?google_gid=CAESEMl23iEK73Nu3TsqALBmjqM&google_cver=1&google_push=Aa02lx_jlbPrT_oWX1ytbeHpcZdswG8aWSsEt0k7t-5FxWOGG0Nd1FD_fC24PxjRo5drkmBOShiL5_8GBESVAqvycNL0MzMzUKM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTIwQTZGMENBMjdBMTVGMA==
Request Chain 360
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEM-A17L5cM96Nnbn-hl1mDA&google_cver=1&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonHIMyDxlg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEM-A17L5cM96Nnbn-hl1mDA&google_cver=1&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonHIMyDxlg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonHIMyDxlg
Request Chain 361
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDfGoae2lqbjuvZ5nTVQrwI&google_cver=1&google_push=Aa02lx9DBEkiJ3c1NAgFNK-Yt2crMBKdsHF2_74fOY9kOLyxnv7IZb7C7hpczf18rpzdaIcpHICTo-xZijWyrWAYIbFWVgsSnCrh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9DBEkiJ3c1NAgFNK-Yt2crMBKdsHF2_74fOY9kOLyxnv7IZb7C7hpczf18rpzdaIcpHICTo-xZijWyrWAYIbFWVgsSnCrh
Request Chain 362
  • https://match.360yield.com/match/ebda?google_gid=CAESENojbdJ9JK3_qdAEkAcReiQ&google_cver=1&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5FRFw1BrjIvAhio HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENojbdJ9JK3_qdAEkAcReiQ&google_cver=1&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5FRFw1BrjIvAhio HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UYTpUvY4TpqhMRh1FafmGw&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5FRFw1BrjIvAhio
Request Chain 363
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED4UZKeIDiwZA040oNdfc04&google_cver=1&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBhhVibQr78MECTMPzYjgQi12ywme5SRSE8r2_faiqjT0U HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBhhVibQr78MECTMPzYjgQi12ywme5SRSE8r2_faiqjT0U&google_gid=CAESED4UZKeIDiwZA040oNdfc04 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyOTQyMTIxMTIwMDEwOTgwNjYyNg%3D%3D&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBhhVibQr78MECTMPzYjgQi12ywme5SRSE8r2_faiqjT0U
Request Chain 369
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=delfi.ee&sn=ChromeSyncframe&so=3&topUrl=dekor.delfi.ee&bundle=0idyV19zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2S2MwJTJGVGdNZGlobHFjeklkM1pYVlV1Vm5DS05ZcVFaWDJhWGplMHBaZGtIOHZXTVMzYWtma2NQV1BiNVYlMkJVSGJLMmJSbmF0UVU1QTVxS0Z6TEo1ZThPamMwcDU0dzU0T1VSb2VWTUFsZ3BNTGFMNXNja1BTZkRzUUthVTNPalpaZyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=k3cO8XxPMDFsRWcrcjlGZHVnNW1SWUhaMkFCVVBaN2dCSmIyVjl5TWZhcHRJc3R4a0t1bVFCeFB4dDJHZ2hpK2RvMWdxZmgwaXhEbXJHcTZFN1k1MFdWd2VMbE53SVZ6VGl5eGRxejVXQWdmSUJXMG1xbEJWYmc2VTF4RHpnSHNPcE9kejY3QWIwTzNjRy8rOWtqZlRnMTJ2L0k3cXhMd1BqY2hiaEJJbzdlaGMzNTZKS1RjSWxlTUpJcTFaQVpHODdMcUZ3MENLUEkyTCtHQVdmM2dVUUUzZnMwK3hVcmdLL1JuUk1kWGt3cjhCZzZOb2haTEk0Z2VkVEtuYWd3STE1NVdodzcvQkZWUUFncjNGanlkK1hsZm5qQT09fA&cppv=2
Request Chain 371
  • https://fksnk.com/cs/google?google_gid=CAESEMl23iEK73Nu3TsqALBmjqM&google_cver=1&google_push=Aa02lx8sLciBhPa_GLXjXZSOvX2OzByZVGaTYOpgetq0TTYnozAQZElZ6RDlZDVtTRA_wl9JMrj_od9eIhIyZp78KL8_sVLgrFoK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODYwRUNBMDhEOEM3QjY5Qg==
Request Chain 372
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEESPoARRvOE2qakTxO_f_q0&google_cver=1&google_push=Aa02lx_4WG-FXxIpwlXHCt3WI7h4Bf_vkDtrgMjkDHS6Sn4Yiq_u9LdCkKDBU-Mm5MqYmDGV-ljAUoigYw3_mecMxzNsJI7NrOe3TQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0FVUZCESRhtjksP7BZXs7nVm6I&google_push=Aa02lx_4WG-FXxIpwlXHCt3WI7h4Bf_vkDtrgMjkDHS6Sn4Yiq_u9LdCkKDBU-Mm5MqYmDGV-ljAUoigYw3_mecMxzNsJI7NrOe3TQ
Request Chain 373
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDfGoae2lqbjuvZ5nTVQrwI&google_cver=1&google_push=Aa02lx9YbiVRcd0X47Ud2q8fmbaLbvYq5yZb-0OM5_QQiiSqDmnR_MdZxycwqQolzZNCTIXdJqNe2ovCnb8jmzDx5bnN7CgCQcR3zA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9YbiVRcd0X47Ud2q8fmbaLbvYq5yZb-0OM5_QQiiSqDmnR_MdZxycwqQolzZNCTIXdJqNe2ovCnb8jmzDx5bnN7CgCQcR3zA
Request Chain 375
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGNJX-1HaH1JAl9_dkD0t5I&google_cver=1&google_push=Aa02lx_9oByGyW4U2YSm3s9-etM5tOgSP0rUSeQ0_x65VekwRjDsxjouXQWYlQ7Gseg7vSSkeapm9t_EneDduBARwsucdbSx3dlx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_9oByGyW4U2YSm3s9-etM5tOgSP0rUSeQ0_x65VekwRjDsxjouXQWYlQ7Gseg7vSSkeapm9t_EneDduBARwsucdbSx3dlx
Request Chain 376
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGBbyrJDNyO7E3aNNhut1GI&google_cver=1&google_push=Aa02lx8b5t1Qc-cumtQRwvgLW_aSV_o-J89GNMzyM3LUFY2kfWdOxcbxMz8CVJZ6idyUutczqlW30NN1IM0iI448qacgfIbCeeU_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&mn_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8b5t1Qc-cumtQRwvgLW_aSV_o-J89GNMzyM3LUFY2kfWdOxcbxMz8CVJZ6idyUutczqlW30NN1IM0iI448qacgfIbCeeU_&gdpr=&gdpr_consent=
Request Chain 377
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEgyiV1-4CjZ2gBcl5kyK3k&google_cver=1&google_push=Aa02lx-5v0kgpOZJERuO0RzVfS0c4ACxuI_0Gez-JxA_DLfIWgHZeBkTNWILkXBZBAlHQFZnPWSiE-DgKjh-9lLZLp1IXiB21aglRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx-5v0kgpOZJERuO0RzVfS0c4ACxuI_0Gez-JxA_DLfIWgHZeBkTNWILkXBZBAlHQFZnPWSiE-DgKjh-9lLZLp1IXiB21aglRQ&google_hm=NTEzMzMyOTUyNDI4NTI0NzcxMw==
Request Chain 392
  • https://fw.adsafeprotected.com/rfw/st/1347715/69353376/skeleton.js?adsafe_url=https%3A%2F%2Fdekor.delfi.ee&adsafe_type=g&adsafe_url=https%3A%2F%2Fdekor.delfi.ee%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:ae2875f5-72f8-b50e-f753-49214f9841d5,c:4dprh1,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-69f5898b7f-n72tm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:153,mot:0,app:0,maw:0,fm:tvRfUdB+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713*.1347715-69353376%7C17131%7C17132%7C171331%7C17134%7C1714%7C1811%7C1812%7C18131%7C19%7C1a%7C1b%7C1c%7C1d,idMap:1713*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:176,oid:c098eaf2-ac88-11ed-95c8-46adac40971f,v:19.8.394,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 438
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
Request Chain 439
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
Request Chain 440
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN9Rk53okckJw0_h75qq4H0&google_cver=1
Request Chain 441
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&dcc=t
Request Chain 444
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3a52e9b5-30f9-3f2d-33e73ab8
Request Chain 445
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2db263eb-bda0-4100-95f5-6014c985a428
Request Chain 446
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3507218930593461888
Request Chain 447
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Request Chain 450
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3019568783745404024
Request Chain 451
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
Request Chain 452
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y_u9oAAFXGLTmwBh HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_u9oAAFXGLTmwBh&_test=Y_u9oAAFXGLTmwBh
Request Chain 453
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH5s07H13sAACFxawaxvA&expiration=1677603488
Request Chain 454
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329524285247713
Request Chain 455
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e84463eb-bda0-4300-84f8-0dc173e05491
Request Chain 464
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=87e135d3b73947ff84267b415158d608&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=101&tpuid=BBID-01-03511078885440211-16841016
Request Chain 465
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=87e135d3b73947ff84267b415158d608&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=101&tpuid=BBID-01-03511078886128249-16841016
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJQMysHoC6Ah3pW16CnbcX8&google_cver=1
Request Chain 467
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&gdpr=1
Request Chain 468
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CFYDvnUSCCU3bdV252ClOcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pyzrIbFE2oLFCdZlBGDQ8K2oCIkmD95dG7hSuQ--~A
Request Chain 469
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&dcc=t
Request Chain 470
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&dcc=t
Request Chain 471
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ2YmNjNGQ2ODgyZmU5M2NlMzU4M2QzN2EyODE0Njk4NGYyNzFlZQ&gdpr=1
Request Chain 472
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4HMVZW-1Q-M2ZF&gdpr=1
Request Chain 474
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=258281407d3d711a4595ccb901605297f573a9a727a6906d2c43a5e60d03455b&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Request Chain 475
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=258281407d3d711a4595ccb901605297f573a9a727a6906d2c43a5e60d03455b&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Request Chain 478
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eb937fa22c04d0fa571bb6bc8ae76bca4ade00775480261bd6031deb11a356dd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=42&tpuid=6129535923113100799
Request Chain 479
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eb937fa22c04d0fa571bb6bc8ae76bca4ade00775480261bd6031deb11a356dd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=42&tpuid=6129535923113100799
Request Chain 480
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=831f52c29d856a63f30481e46824109f5e36cc71bc19e57f9c52d1e4f00b48e7&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
Request Chain 481
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=831f52c29d856a63f30481e46824109f5e36cc71bc19e57f9c52d1e4f00b48e7&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
Request Chain 484
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=cc2c3aaa2f9acf27c05f309d3a4a1b18531a354dc9ffee90a28d1c4c44398eb3&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
Request Chain 485
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=cc2c3aaa2f9acf27c05f309d3a4a1b18531a354dc9ffee90a28d1c4c44398eb3&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google_cver=1
Request Chain 487
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg HTTP 302
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google_cver=1
Request Chain 488
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Request Chain 489
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Request Chain 492
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fjs HTTP 302
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fjs&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/js?tpid=48&tpuid=aa607d48864f56e3be0caa02a00fa258
Request Chain 493
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fjs HTTP 302
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fjs&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/js?tpid=48&tpuid=9d40cf7568a8a65b0eb024f61c99ba53
Request Chain 503
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
Request Chain 505
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2db263eb-bda0-4100-95f5-6014c985a428&gdpr=0&gdpr_consent=
Request Chain 506
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3221908229510423063
Request Chain 507
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 508
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kxyUJMdLkHeITsgknEvcdMZJxSKIF8Z2wBfqC69w
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cCNo67-TRwKxKVAKx6MDew%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 512
  • https://pixel.onaudience.com/?partner=214&mapped=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 513
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=702368EB-BF93-4702-B129-500AC7A3037B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=702368EB-BF93-4702-B129-500AC7A3037B&addseg=19,36,42
Request Chain 514
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzAyMzY4RUItQkY5My00NzAyLUIxMjktNTAwQUM3QTMwMzdC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 515
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOFJyjcNx7olaICaEPV938g&google_cver=1
Request Chain 517
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6129535923113100799
Request Chain 522
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
Request Chain 526
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6ca7441c-0fb3-402e-89b7-9e22bcaf31da&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Request Chain 528
  • https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2db263eb-bda0-4100-95f5-6014c985a428&expires=30&ssp=vidoomy&bsw_param=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=0&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
Request Chain 529
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf HTTP 303
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6129535923113100799&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Request Chain 535
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3019568783745404024&gdpr=0&gdpr_consent=
Request Chain 536
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7200056941381417105&gdpr=0&gdpr_consent=
Request Chain 537
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=J0FVUZCESRhtjksP7BZXs7nVm6I&gdpr=0&gdpr_consent=
Request Chain 538
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFINXMwN0gxM3NBQUNGeGF3YXh2QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAH5s07H13sAACFxawaxvA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7983959275830541028&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAH5s07H13sAACFxawaxvA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7983959275830541028%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7983959275830541028&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAH5s07H13sAACFxawaxvA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH5s07H13sAACFxawaxvA&gdpr=0&gdpr_consent=
Request Chain 541
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=702368EB-BF93-4702-B129-500AC7A3037B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=702368EB-BF93-4702-B129-500AC7A3037B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 543
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=702368EB-BF93-4702-B129-500AC7A3037B HTTP 302
  • https://a.audrte.com/p
Request Chain 544
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=361324025 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=702368EB-BF93-4702-B129-500AC7A3037B
Request Chain 545
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_afd94998-ec83-4b72-8dc0-b5e758bc6c29&bsw_param=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 547
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=702368EB-BF93-4702-B129-500AC7A3037B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIHCuz9E2uXbZfGQF_0W8HFMGPk1Qa4-~A&gdpr=0

551 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dekor.delfi.ee/ 		639 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
0a76b85e697813fc51676112ff4ea247ac7d642f671c997151678e1611f4afa0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://*.delfi.ee
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29
cache-control
public, max-age=60
content-encoding
gzip
content-length
94077
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' https://*.delfi.ee
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 16:57:27 GMT
server
DWS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-envoy-upstream-service-time
472
inter.css
g1.nh.ee/fonts/inter/ 		3 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/inter/inter.css
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
1f4a93acd6eee48d66e7b64e5f8631ea21b6190d013ee7b85debf7ad35efe424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:49:35 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 10:05:08 GMT
server
DWS
age
502
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
accept-ranges
bytes
content-length
383
expires
Sat, 21 Jan 2023 16:45:43 GMT
roboto.css
g1.nh.ee/fonts/roboto/ 		7 KB
742 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/roboto/roboto.css
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
46ab61748e150272aab5c0224e72d0c8a3c6df9f40277db62a52f9f7b02ee637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:43:04 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 09:51:17 GMT
server
DWS
age
22493
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
accept-ranges
bytes
content-length
556
expires
Thu, 09 Mar 2023 10:42:36 GMT
moodnekodu-root-variables-css.css
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/moodnekodu-root-variables-css.css
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
f8b491dadebd033401986d85a2ee758763f22d7516ff9a614ef570a73498d302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:05 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
e05d81c8-2a63-1fd6-bc2e-b8830381bef0
age
52
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
3326
main-root-styles.css
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		104 KB
104 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/main-root-styles.css
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
af3909aa6a6fe89f312d8d34ee3fb59a1cd673f54bfb58744be46a1c5897dde1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:14 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
78541988-d576-1f99-8737-040973e279e8
age
42
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
106067
/
g.delfi.ee/scms/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=j
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
39235861d9bc9a21651d032048c05298d7018a1a70de913b10fd48902e0cd339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:44 GMT
content-encoding
gzip
last-modified
Wed, 25 Nov 2015 13:19:47 GMT
server
DWS
age
12
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
accept-ranges
bytes
content-length
33447
expires
Tue, 14 Feb 2023 17:27:44 GMT
adx.js
s1.adform.net/banners/scripts/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:57 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx00000e1a19ebb6cf54ca0-00637b6787-3293aae9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
g.delfi.ee/scms/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=afp.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
34f366db74b3f0394bfef7413c8416176c7a06946ef5352bc97a7f8d4f19da71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:45:54 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 10:11:54 GMT
server
DWS
age
723
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
accept-ranges
bytes
content-length
11482
expires
Tue, 14 Feb 2023 17:15:54 GMT
/
g.delfi.ee/scms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=topbar
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
128fe826f7377e487b7bf20d8a42b8f6c5acdb47def31508215d4e2a92a4e3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:33 GMT
content-encoding
gzip
last-modified
Thu, 19 Dec 2019 07:46:40 GMT
server
DWS
age
24
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
accept-ranges
bytes
content-length
1288
expires
Tue, 14 Feb 2023 17:27:33 GMT
c.js
g1.nh.ee/js/ 		698 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/js/c.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
859ca09d35e47fed4262ed3230d408da83dc76731555d4a22663f8f54ab61b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:48:37 GMT
content-encoding
gzip
last-modified
Thu, 13 Sep 2018 07:36:30 GMT
server
DWS
age
560
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
accept-ranges
bytes
content-length
430
expires
Sat, 21 Jan 2023 16:45:43 GMT
track_banners_init.js
cdn.cxense.com/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/track_banners_init.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2b2f95356652b862c3994e8425b07a396418c62aecce8c63ca20639064de0fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:57:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Feb 2023 07:20:00 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6300
Expires
Tue, 14 Feb 2023 17:57:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48aff1d666f53f7b69d718cbe52234a90665daed42bd1ce545cc945e8082a802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49747
x-xss-protection
0
server
cafe
etag
3612522595229470793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 16:57:58 GMT
runtime.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
bcec855983d0f91c80b990053d4984b799ba8c14dcf3a210ddefed9cf88c2c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:13 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
a0c62444-422f-1f8e-a501-b8830381eeb0
age
44
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
8532
app.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/commons/ 		284 KB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/commons/app.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
96a98f9460ee711db398da161bd1176038788cc112090705e132c43868b2613f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:14 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
517ff64e-3143-1fe8-be5f-9440c9becf54
age
43
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
290530
app.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/ 		884 KB
885 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
d145253703a360ab1651a59ec9f675663831918d541515720bddbc7ac85a6005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:13 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
e05d8550-2a63-1fd6-bc2e-b8830381bef0
age
44
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
905441
app.css
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		153 KB
154 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.css
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
081a5bd68c731a03d33c0531b8f3605b427d25b3d363ed57d561ccf31a8a1127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:14 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
d6595d94-fe7f-1fb6-a306-9440c9b74b80
age
43
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
157067
app.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		925 KB
926 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
ed58ac34535ea8ee1a46f4ec3eb69da7a4d2b9a744ddb3abf46015ae4f813293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:10 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
7854141e-d576-1f99-8737-040973e279e8
age
47
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
947519
Frontpage.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Frontpage.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
98dc160dfed39fda5ff70fb2c4bbbdfe36bfe85a618bec19d7d791327dd466cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:15 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
7854199e-d576-1f99-8737-040973e279e8
age
41
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
8039
Frontpage.css
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Category/page/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Category/page/Frontpage.css
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
d6d360fbeb75b28351d8a4f41cb0714cbabdf52eb253bf643d877972f901cbf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:15 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
a0c6282e-422f-1f8e-a501-b8830381eeb0
age
42
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
1945
Frontpage.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Category/page/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Category/page/Frontpage.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
45e9a7d593ad90119c54535c776a7f09c8974be37724d569eda2515fc830703b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:15 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
517ff7ac-3143-1fe8-be5f-9440c9becf54
age
41
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
14952
dekor.svg
h.delfi.ee/g/l/svg/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.delfi.ee/g/l/svg/dekor.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
4f0e56016291fb04cf08d069e25d2d5a522943ca215eabc22b245925d63d0569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:05:21 GMT
content-encoding
gzip
last-modified
Wed, 27 Jan 2021 14:41:50 GMT
server
DWS
age
3156
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2930
expires
Sat, 31 Dec 2022 16:46:40 GMT
BIIJ4A_home-v2.svg
g1.nh.ee/wd/f/16538/ 		1 KB
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/BIIJ4A_home-v2.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
cdd9258e1dff12b31b6033b9062f211ca59beba17e118ad46d2363b376b213d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:53:17 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 12:46:06 GMT
server
DWS
age
280
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
628
expires
Sat, 21 Jan 2023 16:45:56 GMT
FA9XYQ_home-active-v2.svg
g1.nh.ee/wd/f/16538/ 		627 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/FA9XYQ_home-active-v2.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
6f60b024b9991c6c8235adc277353ad6624bfa4f2c3384e1ee1e107131dcb5de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:41:06 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 12:46:06 GMT
server
DWS
age
1010
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
358
expires
Sat, 21 Jan 2023 16:45:56 GMT
HAY962_all-news.svg
g1.nh.ee/wd/f/16538/ 		911 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/HAY962_all-news.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
b318b43a62302eba28a5b555ac5bf701feb1c17717036f6ca1f4c706ad941a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:31:38 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:21:38 GMT
server
DWS
age
1579
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
326
expires
Sat, 21 Jan 2023 16:46:05 GMT
3P4MES_all-news-active.svg
g1.nh.ee/wd/f/16538/ 		1 KB
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/3P4MES_all-news-active.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
7665a78398ac9159d54d1ebca3f257a5fbe564425cbef3492508e288c0439cb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:31:38 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:21:38 GMT
server
DWS
age
1579
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
346
expires
Sat, 21 Jan 2023 16:45:56 GMT
ZCN8AD_bublik.svg
g1.nh.ee/wd/f/16538/ 		1 KB
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/ZCN8AD_bublik.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
80006734e4dbd5a0e60f885b1d9c9b5d440bf496e80b254238dc20271272352b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:31:38 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:21:38 GMT
server
DWS
age
1579
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
391
expires
Sat, 21 Jan 2023 16:45:56 GMT
GTKMQD_bublik-active.svg
g1.nh.ee/wd/f/16538/ 		1 KB
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/GTKMQD_bublik-active.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
808e6c1287361172a67028f278c1d530fbb90923d433047b5b350a06bfa9c12f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:31:38 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:21:38 GMT
server
DWS
age
1579
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
390
expires
Sat, 21 Jan 2023 16:45:56 GMT
U7TWEY_sport.svg
g1.nh.ee/wd/f/16538/ 		901 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/U7TWEY_sport.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
0113743e37aa07d12dd6d38d0faa2ffa9dbd0baff8d3c389a512e5a4ea2b9ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:08:47 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 14:56:27 GMT
server
DWS
age
2950
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
347
expires
Tue, 07 Mar 2023 14:59:27 GMT
K8FQJD_sport-active.svg
g1.nh.ee/wd/f/16538/ 		2 KB
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/16538/K8FQJD_sport-active.svg
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
44d24cfbd544a681ebcc61438641cbc17722f3274866752eedb82625ddf058d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:08:47 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 14:56:27 GMT
server
DWS
age
2950
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
708
expires
Tue, 07 Mar 2023 14:59:27 GMT
inter-v7-latin-ext_latin-regular.woff2
g1.nh.ee/fonts/inter/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/inter/inter-v7-latin-ext_latin-regular.woff2
Requested by
Host: g1.nh.ee
URL: https://g1.nh.ee/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5

Request headers

Referer
https://g1.nh.ee/fonts/inter/inter.css
Origin
https://dekor.delfi.ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:53:50 GMT
last-modified
Wed, 23 Feb 2022 08:03:32 GMT
server
DWS
age
247
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
33580
expires
Sat, 21 Jan 2023 16:45:40 GMT
inter-v7-latin-ext_latin-600.woff2
g1.nh.ee/fonts/inter/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/inter/inter-v7-latin-ext_latin-600.woff2
Requested by
Host: g1.nh.ee
URL: https://g1.nh.ee/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812

Request headers

Referer
https://g1.nh.ee/fonts/inter/inter.css
Origin
https://dekor.delfi.ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:53:50 GMT
last-modified
Wed, 23 Feb 2022 08:03:32 GMT
server
DWS
age
247
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
36488
expires
Sat, 21 Jan 2023 16:43:46 GMT
inter-v7-latin-ext_latin-500.woff2
g1.nh.ee/fonts/inter/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/inter/inter-v7-latin-ext_latin-500.woff2
Requested by
Host: g1.nh.ee
URL: https://g1.nh.ee/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2

Request headers

Referer
https://g1.nh.ee/fonts/inter/inter.css
Origin
https://dekor.delfi.ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:53:43 GMT
last-modified
Wed, 23 Feb 2022 08:03:32 GMT
server
DWS
age
254
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
36304
expires
Sat, 21 Jan 2023 16:45:40 GMT
inter-v7-latin-ext_latin-700.woff2
g1.nh.ee/fonts/inter/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/inter/inter-v7-latin-ext_latin-700.woff2
Requested by
Host: g1.nh.ee
URL: https://g1.nh.ee/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a

Request headers

Referer
https://g1.nh.ee/fonts/inter/inter.css
Origin
https://dekor.delfi.ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:54:01 GMT
last-modified
Wed, 23 Feb 2022 08:03:32 GMT
server
DWS
age
236
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
36520
expires
Sat, 21 Jan 2023 16:45:46 GMT
roboto-v29-latin-ext_latin_cyrillic-regular.woff2
g1.nh.ee/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/roboto/roboto-v29-latin-ext_latin_cyrillic-regular.woff2
Requested by
Host: g1.nh.ee
URL: https://g1.nh.ee/fonts/roboto/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer
https://g1.nh.ee/fonts/roboto/roboto.css
Origin
https://dekor.delfi.ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:55:42 GMT
last-modified
Wed, 23 Feb 2022 07:47:34 GMT
server
DWS
age
135
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
50240
expires
Sat, 21 Jan 2023 16:45:40 GMT
5b50b7b0-ac6e-11ed-8cc3-0b68733b66fa.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/5b50b7b0-ac6e-11ed-8cc3-0b68733b66fa.jpg?noup&w=1200&h=450&ch=0.3746&cw=1&cx=0&cy=0.3807&r=16:9
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
fa54f89966969c8efda97a165feefc2191b78f5d8d0800217a712507e56ce360

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:07:51 GMT
server
DWS
age
10206
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
68
accept-ranges
bytes
content-length
97773
0efa0fa0-abb6-11ed-b6c5-ddb8ace890f6.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/0efa0fa0-abb6-11ed-b6c5-ddb8ace890f6.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
d7376900ed06e630d37f2d3fc0b8305400072836275c9c070a0b7cdfd79d8d3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:35:43 GMT
server
DWS
age
1334
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
149
accept-ranges
bytes
content-length
194238
4c33af60-8510-11ed-b72b-01ddf5a7b220.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/4c33af60-8510-11ed-b72b-01ddf5a7b220.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
d4256d63b2a57d8cf4fdea040ae35a01e762c85644b964c7e0a454448c1dc0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:40:54 GMT
server
DWS
age
11823
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
42
accept-ranges
bytes
content-length
132759
ae8393f0-ab77-11ed-95fb-239baa76afc6.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/ae8393f0-ab77-11ed-95fb-239baa76afc6.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
e75c85bf47f2dd4a26bd3ed7cfc867047539c5c95fe5e809271cec0078bccc8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:31:57 GMT
server
DWS
age
1560
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
108
accept-ranges
bytes
content-length
159936
a5a013a0-3dc0-11ed-ba2e-eba81a7812cc.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		159 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/a5a013a0-3dc0-11ed-ba2e-eba81a7812cc.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
a33c3749cbeefbb4b745b0966a5f8d6125b4f3bb779416491059c2e4a61aef0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:28:22 GMT
server
DWS
age
12575
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
234
accept-ranges
bytes
content-length
162793
d48d6160-a970-11ed-a6ca-7910cd193c39.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		285 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/d48d6160-a970-11ed-a6ca-7910cd193c39.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
e31e156ac243c4707ca5e03e1470d7a17c870afe5ecfa5e337c79a5765a5351b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:58:33 GMT
server
DWS
age
10764
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
162
accept-ranges
bytes
content-length
291539
b6b9be00-a974-11ed-a6ca-7910cd193c39.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/b6b9be00-a974-11ed-a6ca-7910cd193c39.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
a6dd4c92bf9ff88b1c1a5640b447412726139322acb924812ffce7b153811f6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:31:56 GMT
server
DWS
age
1561
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
122
accept-ranges
bytes
content-length
76222
c217d610-a6ef-11ed-a6ca-7910cd193c39.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/c217d610-a6ef-11ed-a6ca-7910cd193c39.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
66b0b91e982db62ea6b5439ea192f5ba5e7d4ffd99fe098a89fbf79b4836c472

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:21:50 GMT
server
DWS
age
12968
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
94
accept-ranges
bytes
content-length
61121
81bfac40-a97a-11ed-92ef-9979847b0d0d.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/81bfac40-a97a-11ed-92ef-9979847b0d0d.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
8c3934d35760a650d44b3116e9df6ad49ce597da426fdfe72cc32ca6c10c52bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:28 GMT
server
DWS
age
30
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
125
accept-ranges
bytes
content-length
55715
7af7a6d0-a97d-11ed-b67f-9ff6f4052bec.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/7af7a6d0-a97d-11ed-b67f-9ff6f4052bec.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
4d8a252b3c1ea2559fdd3786da4f32b182d9a780533315103bffbd6aa81b0498

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:07:51 GMT
server
DWS
age
10207
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
170
accept-ranges
bytes
content-length
118039
8700d350-a966-11ed-92ef-9979847b0d0d.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/8700d350-a966-11ed-92ef-9979847b0d0d.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
8acc4ecd21841390489dc022ab190c753b64c363185a99d45cceba3e23b3888c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:57:20 GMT
server
DWS
age
3637
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
160
accept-ranges
bytes
content-length
91265
59984fe0-1fb1-11ed-ac79-6995a85377a1.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		260 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/59984fe0-1fb1-11ed-ac79-6995a85377a1.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
2ffb6db274553f1e53040cbd9cef4e8a4823d0048cfb7754326273128acbbd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:08:03 GMT
server
DWS
age
13794
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
128
accept-ranges
bytes
content-length
265735
2ca6a300-a941-11ed-92ef-9979847b0d0d.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/2ca6a300-a941-11ed-92ef-9979847b0d0d.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
1810a6403b291b58492325c75efebcb58e1ce8469ba9b3804a293cd0829f1a51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:08:16 GMT
server
DWS
age
10181
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
118
accept-ranges
bytes
content-length
100045
6ab3b800-9b08-11ed-954c-11448e8db3b2.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/6ab3b800-9b08-11ed-954c-11448e8db3b2.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
b5b4f4c535f52ae39f2476d0fc3758c8db87f9b21f4b9a10cbeb501fa5d778cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:08:16 GMT
server
DWS
age
10181
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
130
accept-ranges
bytes
content-length
202899
961b1bc0-bbf6-11eb-9f43-df74a882a1bf.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/961b1bc0-bbf6-11eb-9f43-df74a882a1bf.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
04bcd678f7cbb4f1c0e335a9d19b38b0f41a9cd61ec1c59cd27c648d8ea31661

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:35:13 GMT
server
DWS
age
1364
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
132
accept-ranges
bytes
content-length
54773
5daf3470-ab9a-11ed-a6ca-7910cd193c39.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/5daf3470-ab9a-11ed-a6ca-7910cd193c39.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
3a4e93e9b0405c363a153d924c6e6e9a269c19363efc1f86bb1214ec0733be53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:43:51 GMT
server
DWS
age
4446
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
134
accept-ranges
bytes
content-length
57658
9f5fadb0-bd16-11eb-aab3-9363fd9b29b8.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/9f5fadb0-bd16-11eb-aab3-9363fd9b29b8.jpg?noup&w=882&h=496&ch=0.498&cw=0.5903&cx=0.3496&cy=0.1467&r=16:9
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
08a0669e6eccef3240a6c2e11da33d69a45a19fe97a12769518cbf550087c910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:25:25 GMT
server
DWS
age
12753
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
71
accept-ranges
bytes
content-length
69954
4e55f0d0-a8b7-11ed-8e5a-611b2bf8de56.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/4e55f0d0-a8b7-11ed-8e5a-611b2bf8de56.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
251696d5f38629eb591e510befe0d10e64e2f56916538013f3cba6c530f97929

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:08:13 GMT
server
DWS
age
13785
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
127
accept-ranges
bytes
content-length
170931
99ab3380-a874-11ed-8e5a-611b2bf8de56.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/99ab3380-a874-11ed-8e5a-611b2bf8de56.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
c6e9f1ded43f6bf0b1c1932404478ecbaef9dea0d804a4e764286dc6bcc091e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:13:23 GMT
server
DWS
age
13475
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
132
accept-ranges
bytes
content-length
120599
69f55510-a871-11ed-a21f-39b2de1ab402.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/69f55510-a871-11ed-a21f-39b2de1ab402.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
86f280a49df7f3f2ecfcbb9f0b2e3b24021b601a8cb97ea2bb166de26b4f8ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:28 GMT
server
DWS
age
30
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
91
accept-ranges
bytes
content-length
110988
b0982a50-a7cd-11ed-8f4c-ddf58cadafe4.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/b0982a50-a7cd-11ed-8f4c-ddf58cadafe4.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
24f3faaf4e5e2e7d742610d896743273c500aae0617c4627f139d535621648fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:15:23 GMT
server
DWS
age
13355
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
148
accept-ranges
bytes
content-length
65065
4f6af8b0-e195-11ec-b539-e31eb340972d.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/4f6af8b0-e195-11ec-b539-e31eb340972d.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
fe64a48d3bbecfe9f1b630e910a4f655a2e2dc42550cad62a59bf473cc2b9503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:15:23 GMT
server
DWS
age
13355
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
118
accept-ranges
bytes
content-length
76470
94fd5830-a78a-11ed-b6c5-ddb8ace890f6.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/94fd5830-a78a-11ed-b6c5-ddb8ace890f6.jpg?noup&w=1264&h=711&ch=0.9&cw=1&cx=0&cy=0.0386&r=16:9
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
c73b60cbdff28b19e5d19eecddb1c579391360e90145687f11024fdcae9716fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:21:50 GMT
server
DWS
age
12968
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
122
accept-ranges
bytes
content-length
109997
bf308510-a725-11ed-9c30-8f7d856304bd.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/bf308510-a725-11ed-9c30-8f7d856304bd.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
6c20331abdc043852ae7e985502e211d4edb4d7f55f0af21791658c0cab03557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:15:26 GMT
server
DWS
age
13352
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
116
accept-ranges
bytes
content-length
111822
8e2b8770-a6cc-11ed-af7a-a5e01c4c5e91.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/8e2b8770-a6cc-11ed-af7a-a5e01c4c5e91.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
ed1a6f20d6b26f15244630b9355842a1f206b2179873bc30df040e6e2e2eab82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:15:26 GMT
server
DWS
age
13352
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
152
accept-ranges
bytes
content-length
167669
913bcc20-a6b5-11ed-af7a-a5e01c4c5e91.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/913bcc20-a6b5-11ed-af7a-a5e01c4c5e91.jpg?noup&w=1264&h=711
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
988e27f42a1d2f659130dde78bbec44060cf1a8e3c0b7a21e118387056bb2c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:51:11 GMT
server
DWS
age
7606
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
124
accept-ranges
bytes
content-length
236031
fe6c9a20-a653-11ed-ba72-f7a8fa818d53.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/fe6c9a20-a653-11ed-ba72-f7a8fa818d53.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
f90348af51b4aa0d28a64008d1e52de5c65cdcae03726b347a98db2e6514102e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:36:19 GMT
server
DWS
age
12099
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
289
accept-ranges
bytes
content-length
88043
bb122a40-a614-11ed-ba72-f7a8fa818d53.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/bb122a40-a614-11ed-ba72-f7a8fa818d53.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
943ce8a6b3f4050ec3051bf0c0568212216a2d7ffac33b0ffc1120206899c518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:36:19 GMT
server
DWS
age
12099
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
320
accept-ranges
bytes
content-length
110919
582bf1c0-b996-11eb-91fd-ad4b35308b0e.jpg
api.delfi.ee/media-api-image-cropper/v1/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.delfi.ee/media-api-image-cropper/v1/582bf1c0-b996-11eb-91fd-ad4b35308b0e.jpg?noup&w=882&h=496
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
9c0c60164a6c62ed5403f3355809187f907639e048cafc24a6d8d3ba87f76060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:13:53 GMT
server
DWS
age
13445
content-type
image/jpg
access-control-allow-origin
*
cache-control
public,max-age=7200
x-envoy-upstream-service-time
124
accept-ranges
bytes
content-length
95955
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/ 		365 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=dekor.delfi.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79653416f8da556b5c2e7fe5072f81682fe0b6ff4d40089468c0a2fa8fa9ec29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122940
x-xss-protection
0
server
cafe
etag
8761833095776180619
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 16:57:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/ Frame 7843 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35803
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 07:01:15 GMT
etag
10353107486223812946
expires
Tue, 28 Feb 2023 07:01:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		383 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dekor.delfi.ee&callback=_gfp_s_&client=ca-pub-5295995486288553
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=dekor.delfi.ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89053367ca0471a50274294eacfc92059c28fbd72c823ac79ca61682d19cb96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dekor.delfi.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=dekor.delfi.ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dekor.delfi.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=dekor.delfi.ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4439 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5295995486288553&output=html&adk=1812271804&adf=3025194257&lmt=1676393878&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdekor.delfi.ee%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676393878346&bpp=4&bdt=741&idt=296&shv=r20230209&mjsv=m202302080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4919503840672&frm=20&pv=2&ga_vid=835921100.1676393879&ga_sid=1676393879&ga_hid=1753315872&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44779794&oid=2&pvsid=1308697954452468&tmod=930262455&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=363
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=dekor.delfi.ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:57:58 GMT
expires
Tue, 14 Feb 2023 16:57:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie
api.delfi.ee/login/v2/ 		31 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.delfi.ee/login/v2/cookie
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
257ee1e2ce38b9c99ba80cc4e2608f0597ff4fb6e7831aa6a5822270826466df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-correlation-id
c8d3e8f1-9bcf-40a2-a675-c47ffe39f1c2
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 16:57:59 GMT
x-permitted-cross-domain-policies
none
age
0
x-dns-prefetch-control
off
x-envoy-upstream-service-time
2
content-length
31
x-xss-protection
0
referrer-policy
no-referrer
server
DWS
expect-ct
max-age=0
vary
Origin, Accept-Encoding
x-download-options
noopen
access-control-allow-origin
https://dekor.delfi.ee
access-control-expose-headers
set-cookie
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
Frontpage.css
ee-production-portal-root-3dc.s3.delfi.net/1.3.39/page/Category/page/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.net/1.3.39/page/Category/page/Frontpage.css
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
d6d360fbeb75b28351d8a4f41cb0714cbabdf52eb253bf643d877972f901cbf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:53 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
d6596bec-fe7f-1fb6-a306-9440c9b74b80
age
6
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
1945
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230209&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=dekor.delfi.ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abf86ee36738da2b8035276a38f8b6f8d6b262cc799b5f2844c57f60db00e2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11188
x-xss-protection
0
api.js
apis.google.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea12dfa0a21ef0aff014277a2a2f37e1cdb77aa0d12418d163d32a24236228f1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 16:58:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6890
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"54342ea4be5fb089"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Feb 2023 16:58:00 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.42.191 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-42-191.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 14 Feb 2023 16:58:00 GMT
Last-Modified
Mon, 06 Feb 2023 17:47:00 GMT
Server
Apple
ETag
W/"42671-1675705620399"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
portal-root-ru_EE-json.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/portal-root-ru_EE-json.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
3fc322dcef5cb6e553b9157653cc74e88099e5f6aabefedf52eae368c99dbb0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:31 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
10c3becd-ff4e-1fff-91e8-9440c97bf980
age
28
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
14897
portal-core-ru_EE-json.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/portal-core-ru_EE-json.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
8d25400c3d89a2d74221a25fb66c122f94365ee8d4ffbe2622cbad64ddc4f745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:44 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
8af14b00-f3bd-1f12-8226-b88303829368
age
15
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
1080
portal-paywall-ru_EE-json.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/portal-paywall-ru_EE-json.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
bb96d5bb2d91fce2c8edd688d10c4f34cccab84083fa2282073b6a544f1ab514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:38 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
c13c8d5f-ffd2-1fff-af9f-9440c97bf970
age
21
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
2887
portal-login-ru_EE-json.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/portal-login-ru_EE-json.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
53acd1d23d0957fe5dc1d36964cc501e65e3522406a29106d8fadcf02ec9142f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:20 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
a0c62a88-422f-1f8e-a501-b8830381eeb0
age
40
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
8490
portal-Media-ru_EE-json.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/ 		220 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/portal-Media-ru_EE-json.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
98cd0f1162423e25e30f3146d59a282867582c86ed028cf2ac5e9b380a331f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:20 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
78541b22-d576-1f99-8737-040973e279e8
age
40
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
220
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=dekor.delfi.ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 16:58:00 GMT
get-server-cookie
dekor.delfi.ee/api/ 		37 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dekor.delfi.ee/api/get-server-cookie
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
f42c0f8f346250ff215abbf141f82ce17d469f20bb5f38f7a0bc234060ae7b6f

Request headers

Accept
application/json, text/plain, */*
Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
x-envoy-upstream-service-time
13
server
DWS
age
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
get-server-cookie
dekor.delfi.ee/api/ 		37 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dekor.delfi.ee/api/get-server-cookie
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
f42c0f8f346250ff215abbf141f82ce17d469f20bb5f38f7a0bc234060ae7b6f

Request headers

Accept
application/json, text/plain, */*
Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
x-envoy-upstream-service-time
4
server
DWS
age
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
roboto-v29-latin-ext_latin_cyrillic-500.woff2
g1.nh.ee/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/fonts/roboto/roboto-v29-latin-ext_latin_cyrillic-500.woff2
Requested by
Host: g1.nh.ee
URL: https://g1.nh.ee/fonts/roboto/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75

Request headers

Referer
https://g1.nh.ee/fonts/roboto/roboto.css
Origin
https://dekor.delfi.ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:36 GMT
last-modified
Wed, 23 Feb 2022 07:47:34 GMT
server
DWS
age
23
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
50460
expires
Sat, 21 Jan 2023 16:45:42 GMT
adx.js
s1.adform.net/banners/scripts/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: g.delfi.ee
URL: https://g.delfi.ee/scms/?g=j
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx00000e1a19ebb6cf54ca0-00637b6787-3293aae9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 15:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6354
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Feb 2023 17:12:06 GMT
/
g.delfi.ee/scms/ 		471 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=t
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
46bfcc499b55652cd794cfe8e7cedf8c301f90784055eda4cc5ff77e1b2c8c98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:40 GMT
content-encoding
gzip
last-modified
Thu, 13 Sep 2018 07:36:30 GMT
server
DWS
age
19
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
accept-ranges
bytes
content-length
324
expires
Tue, 14 Feb 2023 17:27:40 GMT
xgemius.js
sgaee.hit.gemius.pl/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sgaee.hit.gemius.pl/xgemius.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.21.33 , France, ASN16276 (OVH, FR),
Reverse DNS
ip33.ip-146-59-21.eu
Software
GHC /
Resource Hash
1791cec4211d0c92c1a80e5a47e105627d42eeb8e1ebd8e837243800f7fe1c8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
last-modified
Mon, 13 Feb 2023 08:59:41 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
17134
expires
Wed, 15 Feb 2023 04:58:00 GMT
t.js
s.delfi.ee/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.delfi.ee/t.js?instanced
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.54.110.135 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
tracker /
Resource Hash
034759a545e372f8668347d5b9c8c6f1b32f6fed8249ff6df729ffb019e0aaf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
server
tracker
etag
"gz+A0dZpUXjcvhmg0fVucjG8bMvb+2CSf9t9yn/sBngqvA="
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
content-length
3763
zwxr83yw.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/zwxr83yw.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
BunnyCDN-AT1-731 /
Resource Hash
578df5aea91ff2cc8fb30ed380cc68137bf9f92ad755cfeb73d1e1c0929953bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
br
cdn-edgestorageid
731
x-amz-request-id
E29ZTJN7E04KBKAF
cdn-cachedat
02/11/2023 19:24:54
cdn-pullzone
89704
x-amz-id-2
zm00NMaV9rboRhLtnz+/dSsN5qguYL80tVIXBKHFdkoQ5SNsOuXars/4dPIg25KNf5xnzTS5UEg=
last-modified
Wed, 04 Jan 2023 11:41:33 GMT
server
BunnyCDN-AT1-731
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"af8b7a6b724f387d4e93b9db21a9a917"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
033efffd6b8a3efb4e0163e49ebe93c6
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dhcdwcu0be
www.clarity.ms/tag/ 		721 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/dhcdwcu0be
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9902d2306f452022956d113268414d57ac0183fa038a24124a6af2de49016baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
application/x-javascript
date
Tue, 14 Feb 2023 16:58:00 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0mL3rYwAAAAD4Rr6mGqFBQrDTtio/bnqrRlJBMzFFREdFMDkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
cx.js
scdn.cxense.com/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.cxense.com/cx.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:391::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
da99004a3dd3736a976dbff7dfe56ebf70076475ba4e60d67506dead66e38ee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Jan 2023 05:10:31 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34709
Expires
Tue, 14 Feb 2023 17:58:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Feb 2023 16:58:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
txcvRaUSwgzXwy6oA2jUyDIkSW0DXKo8Lb9Yfoo4e4jYAwI8SPgE3GbU2It5yKxerRwFI00usB8tyChzOMD66Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
delfi.svg
h.delfi.ee/g/l/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.delfi.ee/g/l/svg/delfi.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
52036e323fca4d2cb6f0fee2d99bc0cff78cda2dfdded17e8280d92fc833e73c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:10:34 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 08:24:55 GMT
server
DWS
age
2846
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1686
expires
Sat, 31 Dec 2022 16:45:56 GMT
non-tcf-partners.json
dekor.delfi.ee/api/ 		2 KB
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dekor.delfi.ee/api/non-tcf-partners.json?ids[]=864&ids[]=89&ids[]=108&ids[]=1205&ids[]=326&ids[]=2677&ids[]=2046
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
ffbbe56bf8e357b215eafea3a0c591db1bfb363bb956399f0d5a9c0398faca29

Request headers

Accept
application/json, text/plain, */*
Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:55:40 GMT
content-encoding
gzip
server
DWS
age
140
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=604800
x-envoy-upstream-service-time
6
accept-ranges
bytes
content-length
590
header_img_left.15c0824.png
ee-production-portal-root-3dc.s3.delfi.net/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ee-production-portal-root-3dc.s3.delfi.net/img/header_img_left.15c0824.png
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
6b1a904496300b3e8367894aab2c9769af60c1bf58f349bd68938afb124db13c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ee-production-portal-root-3dc.s3.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:41:34 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
a0c46fd2-422f-1f8e-a501-b8830381eeb0
age
985
content-type
image/png
cache-control
max-age=30
accept-ranges
bytes
content-length
8538
header_img_right.bf34fab.png
ee-production-portal-root-3dc.s3.delfi.net/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ee-production-portal-root-3dc.s3.delfi.net/img/header_img_right.bf34fab.png
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
60031fc7e21875f8d8e7e5275c013427dd04707dc262732711ac2c5e5f87b1e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ee-production-portal-root-3dc.s3.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:41:34 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:16 GMT
server
DWS
x-amz-request-id
c8f15368-f1b2-1fe7-be5f-9440c9becf54
age
985
content-type
image/png
cache-control
max-age=30
accept-ranges
bytes
content-length
9460
/
adx.adform.net/adx/ Frame 8908 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=562979&mkw=channel_vue,channel_dekor,logged_out,channel_frontpage,dekor_frontpage&mkv=channel:dekor,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:dekor_001,chn_fp_pos:dekor_001&adid=57735dcf-d89c-4cf6-b132-857d48b8b4b2
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f6c42d9e5fcaf58b27955d50545a7c093fc1324462e08160ec1e2460b50b864d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 		314 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7764c27fef5c3adde7c0ca7a3b4de6122a5ac205500946a7805a65d494c92133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109730
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Feb 2024 04:51:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3018 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 10:35:43 GMT
expires
Wed, 14 Feb 2024 10:35:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BDEC 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61ea6d2146faefbfa5bac6c6b818e59cd41c5730afb968b6617c27c1d0f53a73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JnczQxfYf_Vg7Spjr1cP3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-JnczQxfYf_Vg7Spjr1cP3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:00 GMT
expires
Tue, 14 Feb 2023 16:58:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
_d
ts.delfi.ee/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ts.delfi.ee/_d?s=dekor&u=https%3A//dekor.delfi.ee/&h=&r=&t=1676393880573
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
server
DWS
age
0
content-type
image/gif
cache-control
post-check=0, must-revalidate, no-store, no-cache, pre-check=0
content-length
43
expires
0
1884980121754918
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1884980121754918?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1105d5809e54d7baedd88406d9e72c240a38d60e1f894ab9affb0568eae29859
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Feb 2023 16:58:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110201
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
bIOIj2QqZQMYWePKMhnZsZscKizN4UUmQSngQ3qxuIW3BHci/snDqrQ0h3g39wDvnqCeY4wNSGz/zjzO0ArsQA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
adx.adform.net/adx/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTQzNTYxMiZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9kZWtvcixsb2dnZWRfb3V0LGNoYW5uZWxfZnJvbnRwYWdlLGRla29yX2Zyb250cGFnZSZta3Y9Y2hhbm5lbDpkZWtvcixuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOmRla29yXzAwMSxjaG5fZnBfcG9zOmRla29yXzAwMQ&bWlkPTQ1MTQzNCZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9kZWtvcixsb2dnZWRfb3V0LGNoYW5uZWxfZnJvbnRwYWdlLGRla29yX2Zyb250cGFnZSZta3Y9Y2hhbm5lbDpkZWtvcixuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOmRla29yXzAwMSxjaG5fZnBfcG9zOmRla29yXzAwMQ&bWlkPTk1NDg5NiZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9kZWtvcixsb2dnZWRfb3V0LGNoYW5uZWxfZnJvbnRwYWdlLGRla29yX2Zyb250cGFnZSZta3Y9Y2hhbm5lbDpkZWtvcixuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOmRla29yXzAwMSxjaG5fZnBfcG9zOmRla29yXzAwMQ&bWlkPTk1NDg5MiZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9kZWtvcixsb2dnZWRfb3V0LGNoYW5uZWxfZnJvbnRwYWdlLGRla29yX2Zyb250cGFnZSZta3Y9Y2hhbm5lbDpkZWtvcixuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOmRla29yXzAwMSxjaG5fZnBfcG9zOmRla29yXzAwMQ&adid=57735dcf-d89c-4cf6-b132-857d48b8b4b2&url=https%3A%2F%2Fdekor.delfi.ee%2F&callback=_adform_cb_1676393880596_8515966073704906
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
797b49f272d46e3b075cc18c6f8e4ecdbe7a5d3239e2576d2161099e13898648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
Category.css
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Category.css
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
1b9be055b4ebf8a9600730423bf4c7e1287e14adcc63386feba3e506fff84432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:23 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
10c3bcdf-ff4e-1fff-91e8-9440c97bf980
age
37
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
1520
Category.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Category.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
35497c029304e711703af33f1bc415b3db4f854b6c7e6e24a489221cf40c44c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:23 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
2c633710-41ce-1ffa-b6ba-9440c9b75b50
age
36
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
15038
ArticleBase.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ 		338 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ArticleBase.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
a8aa8dca6d3f41f762764727d05a94e5777de9bce6f31fd4fe5e051c810a60dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
d6595c0a-fe7f-1fb6-a306-9440c9b74b80
age
48
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
338
Issue.css
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Article/page/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Article/page/Issue.css
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
0ff6e3cb20b3dfaa3e4bed7d1b5882fd586760b00f37e5887525ef1875052117
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:13 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
8af1412c-f3bd-1f12-8226-b88303829368
age
46
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
18433
Issue.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Article/page/ 		100 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Article/page/Issue.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
25e3945c58ee32264dc6dbde8cbe845028f82c721c375cf1dba9830976670a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:11 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
9fa74075-4837-1ffb-9ee0-9440c9b7a930
age
49
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
102707
Article.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/Article.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
649a428192ef3f9a3c3569840cde04c4bc0f16f9fce5b87255185cf20fcd0999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
e05d8520-2a63-1fd6-bc2e-b8830381bef0
age
48
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
3612
ArticleComments.css
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ArticleComments.css
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
5ddc3339d37dfe2b34eb5dffe38ce9701d09d3e34451b57d42820c412369d6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:26 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
a0c62ba0-422f-1f8e-a501-b8830381eeb0
age
34
content-type
text/css
cache-control
max-age=30
accept-ranges
bytes
content-length
2197
ArticleComments.js
ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/page/ArticleComments.js
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
2666547aa5f21c8976a98216692f3b6a049323f244593d67772523533e703b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:57:21 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 13:29:15 GMT
server
DWS
x-amz-request-id
78541b8a-d576-1f99-8737-040973e279e8
age
39
content-type
application/javascript
cache-control
max-age=30
accept-ranges
bytes
content-length
15841
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1884980121754918&ev=PageView&dl=https%3A%2F%2Fdekor.delfi.ee%2F&rl=&if=false&ts=1676393880635&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676393880633.2137689925&it=1676393880583&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Feb 2023 16:58:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
zwxr83yw.json
l.getsitecontrol.com/ 		124 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/zwxr83yw.json
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
BunnyCDN-AT1-731 /
Resource Hash
805e50e94fbcb7d68b58ce9f186cde8113203b0874fc85c3e82038be7fd708fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
br
cdn-edgestorageid
731
x-amz-request-id
9NNX6ZR1V4MT59WM
cdn-cachedat
01/30/2023 09:54:02
cdn-pullzone
89704
x-amz-id-2
7aSYCImyiiNyDw+hVfhgE96igadXkvWcGCcLZOu4s9O6IGvwkI2O1SvXJ2bn4Pib/LmSqKEofn4=
last-modified
Wed, 04 Jan 2023 11:41:32 GMT
server
BunnyCDN-AT1-731
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"907ba4a91c60b217ad22d590bd2e5553"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
access-control-max-age
3000
cdn-requestid
2875a886e53a7c54c1fe218130b6593d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
fpdata.js
sgaee.hit.gemius.pl/ 		277 B
392 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sgaee.hit.gemius.pl/fpdata.js?href=dekor.delfi.ee
Requested by
Host: sgaee.hit.gemius.pl
URL: https://sgaee.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.21.33 , France, ASN16276 (OVH, FR),
Reverse DNS
ip33.ip-146-59-21.eu
Software
GHC /
Resource Hash
99f4cdef5ebd4fd33b153334aef03491f7ca6cead60ced5d0c881928650cce50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
277
expires
Thu, 16 Mar 2023 16:58:00 GMT
lsget.html
ls.hit.gemius.pl/ Frame 7F01 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: sgaee.hit.gemius.pl
URL: https://sgaee.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
7e32c53d6dac82707140d83d751315b79939d6ea4f818903d57e27e72f42df98

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2722
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:01 GMT
etag
PRIVATE7520710249
expires
Thu, 16 Mar 2023 16:58:01 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
sp1.html
cdn.cxense.com/ Frame E734 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Tue, 14 Feb 2023 16:58:00 GMT
Expires
Fri, 24 Feb 2023 16:58:00 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
/
c.cintnetworks.com/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/?a=2495&i=224&id=cxense_224:le4hmst48isqinfk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Arr-Disable-Session-Affinity
true
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
csc-event
s.delfi.ee/ 		37 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.delfi.ee/csc-event?p=0%3Ale4hmsua%3AHmnPnGbU8Ir2Ai0xbQoQ~yj5v98EDNU4&s=0%3Ale4hmsua%3A~okXn9zWHKUEEVF0fkeDRTRg9uR9xUtG&v=0%3AUimxbNcnKMYxXErndaUermnlM2mDhrIA&e=0%3AJvwc96bTyT_Rd~3_Jqpyh55scawfzuxj0&c=le4hmsud&n=t&f=t&l=https%3A%2F%2Fdekor.delfi.ee%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&a=none&x=-7tuml0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.54.110.135 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
tracker /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
server
tracker
etag
"6b3edc43-20ec-4078-bc47-e965dd76b88a"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate
content-length
37
expires
Fri, 14 Apr 1995 11:30:00 GMT
csc-event
s.delfi.ee/ 		37 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.delfi.ee/csc-event?p=0%3Ale4hmsua%3AHmnPnGbU8Ir2Ai0xbQoQ~yj5v98EDNU4&s=0%3Ale4hmsua%3A~okXn9zWHKUEEVF0fkeDRTRg9uR9xUtG&v=0%3A4PlgCB4hgliyHGGX56jhkjk7JUs2BpGN&e=0%3Ai_Pi3b1bXNvQu6iFMlwqKmNaM8eaDxzx0&c=le4hmsug&n=f&f=f&l=https%3A%2F%2Fdekor.delfi.ee%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&a=none&x=yzfim9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.54.110.135 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
tracker /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
server
tracker
etag
"6b3edc43-20ec-4078-bc47-e965dd76b88a"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate
content-length
37
expires
Fri, 14 Apr 1995 11:30:00 GMT
adx.js
af1.nh.ee/banners/scripts/ Frame 8908 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/banners/scripts/adx.js
Requested by
Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=562979&mkw=channel_vue,channel_dekor,logged_out,channel_frontpage,dekor_frontpage&mkv=channel:dekor,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:dekor_001,chn_fp_pos:dekor_001&adid=57735dcf-d89c-4cf6-b132-857d48b8b4b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:48:13 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
DWS
x-amz-request-id
tx00000f43aa02298e7be1f-00637b6788-32940f80-default
age
587
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
25444
clarity.js
www.clarity.ms/eus2-e/s/0.7.2/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.7.2/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dhcdwcu0be
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0oZ/rYwAAAACTsRg7Uu1JQa3iAkmWZztZRlJBMjMxMDUwNDE3MDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d93c95f148481c"
x-azure-ref
0mL3rYwAAAACzlYBBtbi+QIVEFQcIsCFaRlJBMzFFREdFMDkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0E1F54A7528C4B67BB7C36AF47D18AC6&RedC=c.clarity.ms&MXFR=10CBE57D3D34636B3974F7C539346D2B
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E1F54A7528C4B67BB7C36AF47D18AC6&MUID=32B8A7179F2F6E2F17AAB5AF9EFD6FC7
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E1F54A7528C4B67BB7C36AF47D18AC6&MUID=32B8A7179F2F6E2F17AAB5AF9EFD6FC7
Protocol
H2
Server
20.205.115.81 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 30 Jan 2023 17:35:34 GMT
server
Microsoft-IIS/10.0
etag
"e0c74342d134d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A42D6104E2D2403B9F911FA1AE5C3784 Ref B: FRAEDGE1317 Ref C: 2023-02-14T16:58:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E1F54A7528C4B67BB7C36AF47D18AC6&MUID=32B8A7179F2F6E2F17AAB5AF9EFD6FC7
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1753315872&t=pageview&_s=1&dl=https%3A%2F%2Fdekor.delfi.ee%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B5%D0%BA%D0%BE%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABEAAAACAAI~&jid=452476821&gjid=632691302&cid=835921100.1676393879&tid=UA-4729238-1&_gid=35143455.1676393881&_r=1&_slc=1&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=dekor.delfi.ee&cd7=ru&cd8=Online%20vaade&cd9=&cd10=&cd11=logged%20out&cd12=&cd13=logged%20out&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.96%20Safari%2F537.36&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&z=1572695729
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
pagead2.googlesyndication.com/bg/ Frame 3018 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 11:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14329
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 11:09:33 GMT
bootstrap.js
af1.nh.ee/stoat/626/af1.nh.ee/ Frame D60F 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
b7589ad815e0add1866a1717a065830d4a9251ad9e33c6808bd930eacef27c96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:47:02 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
DWS
age
657
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
16143
expires
Wed, 15 Feb 2023 20:33:42 GMT
pixel
cm.adform.net/ Frame D60F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adform
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329524285247713&expires=30&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

location
//cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
date
Tue, 14 Feb 2023 16:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/ Frame D60F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEB-naZeFvjdaeDRh1jzVkTk&google_cver=1&adform_v=1
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEB-naZeFvjdaeDRh1jzVkTk&google_cver=1&adform_v=1
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEB-naZeFvjdaeDRh1jzVkTk&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame D60F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

Date
Tue, 14 Feb 2023 16:58:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
687be3f4-6408-4c2f-84f8-e156e9d5d3b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame D60F
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=4c35e5f3-cd1b-4dab-95ed-283eb237606d
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=4c35e5f3-cd1b-4dab-95ed-283eb237606d
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=4c35e5f3-cd1b-4dab-95ed-283eb237606d
Date
Tue, 14 Feb 2023 16:58:00 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
bootstrap.js
af1.nh.ee/stoat/626/af1.nh.ee/ Frame 95A2 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
b7589ad815e0add1866a1717a065830d4a9251ad9e33c6808bd930eacef27c96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:47:02 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
DWS
age
657
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
16143
expires
Wed, 15 Feb 2023 20:33:42 GMT
pixel
cm.adform.net/ Frame 95A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_custom_parameter=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_custom_parameter=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8226dc0c-98ad-4d56-b0df-7fe84f48306a&user_group=1&ssp=adform&bsw_param=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

location
//cm.adform.net/pixel?adform_pid=3&adform_pc=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&adform_v=1
date
Tue, 14 Feb 2023 16:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/ Frame 95A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOf30CdpsVy_NB5wGCydpVQ&google_cver=1&adform_v=1
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOf30CdpsVy_NB5wGCydpVQ&google_cver=1&adform_v=1
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOf30CdpsVy_NB5wGCydpVQ&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 95A2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

Date
Tue, 14 Feb 2023 16:58:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
01fc3c9b-da67-4f93-9525-571d734725b6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 95A2
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
Date
Tue, 14 Feb 2023 16:58:00 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
siteheader.js
s1.adform.net/Banners/Elements/Files/146996/2932089/ Frame 5146 		811 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/146996/2932089/siteheader.js?bn=61584290;v=1
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5797691548eb8ee126ca300c213860aac9a5c967f1066e301cffc03aa13e060e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 07:43:23 GMT
server
nginx
x-amz-request-id
tx00000971f5957b9ca41fe-0063eab32c-329527e9-default
etag
W/"7715ed5f0b0462f8eb60724f0194cf9d"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
generic
match.adsrvr.org/track/cmf/ Frame 5146
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent=
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=adform&gdpr=&gdpr_consent=
date
Tue, 14 Feb 2023 16:58:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/ Frame 5146
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBjraQaVAeCSIKEev01UNLc&google_cver=1&adform_v=1
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBjraQaVAeCSIKEev01UNLc&google_cver=1&adform_v=1
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBjraQaVAeCSIKEev01UNLc&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 5146
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

Date
Tue, 14 Feb 2023 16:58:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d9459b5e-f011-4fc8-bc3f-949b65106dbf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=3019568783745404024
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 5146
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=96b9477b-14df-47b2-a638-8a791e801306
Date
Tue, 14 Feb 2023 16:58:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2998
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
runtime.7025e20.js
s2.getsitecontrol.com/widgets/es6/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.getsitecontrol.com/widgets/es6/runtime.7025e20.js
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/zwxr83yw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
8b0fb17b69c707614669f65102063f3535305f605e39f62a83da8ccea3acd072

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
br
cdn-edgestorageid
1075
x-amz-request-id
JYAW0VF59B8JVXD1
cdn-cachedat
01/04/2023 07:40:14
cdn-pullzone
83560
x-amz-id-2
jK0T+7d13A3FfnQbPCb99LGESPXlLInzCCV9Dm0LDQE9L2nGi6WFqsxb3/zCgF63bGGwFF+ozac=
last-modified
Wed, 16 Nov 2022 15:14:09 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"ebf697294905b3ed443e93bcba391de5"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=22809600
cdn-requestid
75cfe9448db244542eb21bdf6c504c0d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-4729238-1&cid=835921100.1676393879&jid=452476821&gjid=632691302&_gid=35143455.1676393881&_u=aAhAAEAAEAAAACAAI~&z=420392780
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 14 Feb 2023 16:58:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ Frame E734 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
06639d033d7cf998bac4c166c2040102efc566e743de92c2d7b932dee909e3c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Jan 2023 05:10:31 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34709
Expires
Tue, 14 Feb 2023 17:58:00 GMT
bootstrap.js
af1.nh.ee/stoat/626/af1.nh.ee/ Frame 5146 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
b7589ad815e0add1866a1717a065830d4a9251ad9e33c6808bd930eacef27c96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:47:02 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
DWS
age
657
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
16143
expires
Wed, 15 Feb 2023 20:33:42 GMT
/
track.adform.net/adfserve/ Frame 95A2 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=48615288;rtbwp=MTRhkF1PPcQ1;rtbdata=mHPH3fHqXC-mYF8JfUVvplllYunbzLJLoPj6SjdLCafCkA1y_psnHYp-BrszzkeaTHmgLrw89TKTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2;csid=85505;pui=q40_VW_NVZYb065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQlCBBu5h__BVFM6BaTFHh-A7z_uuw_WOM1;adxvars=4zIebbcTUfWu7n-9lBY4jCmV8zAdCXPt6cBkmpfkvZowxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiWyR7GegfGjV_qxnwrcWfOSYRBtvp6MCIc-v6xf51X48OJRNPE5fIdjfGHYhGEBzsXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoxaMB7E3Is5U1;adxcmd=QTwuOIuaMWyJAahooV75YaLobcS8zXmK0;;js=1;adfxid=1x;5614;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fdekor.delfi.ee%2F
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ae4b3a302e40995eda4592557914e9927c05121d6f021b99d219af1773a35413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
4348
expires
-1
/
track.adform.net/adfserve/ Frame D60F 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=48615490;rtbwp=MTRhkF1PPcQ1;rtbdata=4vtUDEmaqxpn_PjMnA_wOpUdz-mSLfb3jiqWHaZXCnPIiZHg6Th_YYp-BrszzkeaGFmE8Dbh92yTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2;csid=82897;pui=q40_VW_NVZYb065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQlCBBu5h__BVFM6BaTFHh-A7z_uuw_WOM1;adxvars=4zIebbcTUfUPDAynFSSJ3CmV8zAdCXPt6cBkmpfkvZowxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiRMMTNGKOjnVMhKDdVd3OEvhI6FhwDQIi71nWcBXEzAD_7cjxjaVeWsRzMQZFNLc-nFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoxaMB7E3Is5U1;adxcmd=QTwuOIuaMWyJAahooV75YaLobcS8zXmK0;;js=1;adfxid=2x;9459;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fdekor.delfi.ee%2F
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1b656f26cf47fd0d5f613aaa52b6744c347a3b4eb9a1829426344ace9661d0a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
4338
expires
-1
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4729238-1&cid=835921100.1676393879&jid=452476821&_u=aAhAAEAAEAAAACAAI~&z=759387940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4729238-1&cid=835921100.1676393879&jid=452476821&_u=aAhAAEAAEAAAACAAI~&z=759387940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
keytarget-delfiee.min.js
keytarget.adnet.lt/stable/ Frame 2B1D 		508 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
3a71f2d4cdf846b4955bf06fca7417f4720915225e99cd27efb14f08c2e86a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 15:31:08 GMT
server
nginx
age
48
etag
"63e26ebc-7f09b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
169664
expires
Wed, 15 Feb 2023 16:58:01 GMT
Spinner200px.gif
banners.adnetmedia.lt/creatives/ Frame 2B1D 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banners.adnetmedia.lt/creatives/Spinner200px.gif
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.15 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
f1bb4f4e526c417896deb5521d188bd77fc982b0ed258cfbfa91dccc681548e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Thu, 18 Oct 2018 13:16:39 GMT
server
nginx
age
2965
etag
"5bc887b7-2d9d"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
11677
/
track.adform.net/csimpr/ Frame 95A2 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=48615288&csi=iFX79_97CMO0UIIUv3CjeDoYZbF1O6fOwmC4YoKSqtYCSGHUPR3ExJKMZDPku9Wcsi3r8MhdkSSbLVyN-EC6fMtA6Mm6sUaliKDAl2iwRBg9WMnQhXYQ7-mlLJ7O-FjKSMwgvbtqC7Qau94oJsHc8Q2
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/adfserve/ Frame 5146 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=61584290;rtbwp=y-aYpd_4Euk1;rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2;csid=87883;pui=q40_VW_NVZYb065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQlCBBu5h__BVFM6BaTFHh-A7z_uuw_WOM1;adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2;adxcmd=lDbNZc6D8ECJAahooV75YaLobcS8zXmK0;;js=1;adfxid=3x;8028;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fdekor.delfi.ee%2F
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d62708967c348dbf47fb028f9a71673f70d4f4af3405b03a3045eb2a63813410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
5250
expires
-1
keytarget-delfiee.min.js
keytarget.adnet.lt/stable/ Frame 550A 		508 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
3a71f2d4cdf846b4955bf06fca7417f4720915225e99cd27efb14f08c2e86a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 15:31:08 GMT
server
nginx
age
48
etag
"63e26ebc-7f09b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
169664
expires
Wed, 15 Feb 2023 16:58:01 GMT
Spinner200px.gif
banners.adnetmedia.lt/creatives/ Frame 550A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banners.adnetmedia.lt/creatives/Spinner200px.gif
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.15 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
f1bb4f4e526c417896deb5521d188bd77fc982b0ed258cfbfa91dccc681548e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Thu, 18 Oct 2018 13:16:39 GMT
server
nginx
age
2965
etag
"5bc887b7-2d9d"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
11677
/
track.adform.net/csimpr/ Frame D60F 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=48615490&csi=LWzhZncZMywO2o4yiykPil1NNL--Db_jwmC4YoKSqtYCSGHUPR3ExJKMZDPku9Wcsi3r8MhdkSSbLVyN-EC6fMtA6Mm6sUaliKDAl2iwRBg9WMnQhXYQ72P92mRt8dBKSMwgvbtqC7Qau94oJsHc8Q2
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:types/ Frame 95A2 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:55:04 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
DWS
age
176
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
15120
expires
Tue, 17 Jan 2023 19:28:05 GMT
ThirdParty
af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:types/ Frame D60F 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:55:04 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
DWS
age
176
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
15120
expires
Tue, 17 Jan 2023 19:28:05 GMT
collect
k.clarity.ms/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:01 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
p1.js
p1cluster.cxense.com/ Frame E734 		47 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
b819f03123a31ae83c1fb734aa83e8ca613b7ed025ce5fc26b06bd38e72b6433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
last-modified
Sun, 14 Aug 2022 16:58:01 GMT
server
Jetty(9.4.28.v20200408)
etag
3fgq9ev2tw49x1orjgz8i9jajl
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Wed, 14 Feb 2024 16:58:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BDEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230209&jk=1308697954452468&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
rexdot.js
sgaee.hit.gemius.pl/__/_1676393881145/
Redirect Chain
  • https://sgaee.hit.gemius.pl/_1676393881145/rexdot.js?l=106&sendf=8&id=bP.gjYN6d708X7b5xAv1I_UUnM9pLnAC7JzqiqGligv.q7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fdekor.d...
  • https://sgaee.hit.gemius.pl/__/_1676393881145/rexdot.js?l=106&sendf=8&id=bP.gjYN6d708X7b5xAv1I_UUnM9pLnAC7JzqiqGligv.q7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fdeko...
169 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sgaee.hit.gemius.pl/__/_1676393881145/rexdot.js?l=106&sendf=8&id=bP.gjYN6d708X7b5xAv1I_UUnM9pLnAC7JzqiqGligv.q7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fdekor.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AHiwH5BDj7TB3748RL5C2Nib8lEg9Go6iUHrKwhmfdr.q7CZIYZjIEPZay18DGeLpNohjacZRvUNcTytV2T8teN2t.gx/FiPvaMHAICajf/&fpdata=KmPAHRgnnjes3i4k7nI5T35gtj3_crq7_d2sYxh3QsX.B7&ltime=469&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63ebbd98283932d2&brts=1676393881&fpcap=
Protocol
H2
Server
146.59.21.33 , France, ASN16276 (OVH, FR),
Reverse DNS
ip33.ip-146-59-21.eu
Software
GHC /
Resource Hash
c4f66986527aaa9fefbc2a92d8890f1d863e1554990cdf6415accd5994d48880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Mon, 13 Feb 2023 16:58:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1676393881145/rexdot.js?l=106&sendf=8&id=bP.gjYN6d708X7b5xAv1I_UUnM9pLnAC7JzqiqGligv.q7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fdekor.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AHiwH5BDj7TB3748RL5C2Nib8lEg9Go6iUHrKwhmfdr.q7CZIYZjIEPZay18DGeLpNohjacZRvUNcTytV2T8teN2t.gx/FiPvaMHAICajf/&fpdata=KmPAHRgnnjes3i4k7nI5T35gtj3_crq7_d2sYxh3QsX.B7&ltime=469&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63ebbd98283932d2&brts=1676393881&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 13 Feb 2023 16:58:01 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1884980121754918&ev=Microdata&dl=https%3A%2F%2Fdekor.delfi.ee%2F&rl=&if=false&ts=1676393881150&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%2C%22meta%3Adescription%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%2C%22meta%3Akeywords%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdekor.delfi.ee%22%2C%22og%3Asite_name%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%2C%22og%3Atitle%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%2C%22og%3Adescription%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fh.delfi.ee%2Fg%2Fog%2Fdekor_1200x628.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22628%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fdekor.delfi.ee%22%2C%22author%22%3A%7B%22%40type%22%3A%22Person%22%2C%22name%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%7D%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Delfi%22%7D%2C%22description%22%3A%22%D0%94%D0%B5%D0%BA%D0%BE%D1%80%22%7D%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1676393880633.2137689925&it=1676393880583&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Feb 2023 16:58:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
track.adform.net/adfserve/ Frame 5146 		35 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/adfserve/?bn=61583150;1x1inv=1;srctype=3;ord=[timestamp]&rnd=53501
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
generate_204
tpc.googlesyndication.com/ Frame 3018 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kDGf7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Standard
af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 5146 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
9e66ef31e40868d5251f0832216c3a89a3a648e86115f10c208eed979ce28816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:54:56 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
DWS
age
184
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
39909
expires
Sat, 11 Feb 2023 22:39:21 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame E734 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.10&typ=pgv&rnd=le4hmsu3nvq70xr3&sid=1145189970857384309&loc=https%3A%2F%2Fdekor.delfi.ee%2F&new=0&arf=0&ltm=1676393880699&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=le4hmsu4knlvy32p&ckp=le4hmst48isqinfk&glb=&cp_userState=anon&cp_channel=dekor&cp_platform=Online%20vaade&cp_page_type=Frontpage&cp_user_logged_in=no&cp_has_user_package=no&cst=3fgq9ev2tw49x1orjgz8i9jajl
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 14 Feb 2023 16:58:01 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		101 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22le4hmst48isqinfk%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223fgq9ev2tw49x1orjgz8i9jajl%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223fgq9ev2tw49x1orjgz8i9jajl%22%7D%5D%2C%22siteId%22%3A%221145189970857384309%22%2C%22location%22%3A%22https%3A%2F%2Fdekor.delfi.ee%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
123e25687ea20a51faec9df8484cc5bab963f8355a2de1fda0021dfdcc3ed66c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
101
expires
Mon, 26 Jul 1997 05:00:00 GMT
events
events.getsitectrl.com/api/v1/ 		609 B
857 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.184.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-184-179.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
7bf6c9555cdc5218e9f44a2cc1967aa5dfa332fc155e9ca03dc4af9e669ffe34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
609
/
track.adform.net/csimpr/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=61584290&csi=eDht8QEB4nTDtg3cRgK8d55yGHo2B-7sVzL5mVcYzwoCSGHUPR3ExJKMZDPku9Wcsi3r8MhdkSSbLVyN-EC6fMtA6Mm6sUaliKDAl2iwRBg9WMnQhXYQ78BJRO9e1xIjconn7IyIDbYau94oJsHc8Q2
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
close2016.png
g1.nh.ee/b/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/b/close2016.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
43d770b69af69d2605e20517ba52e4bf913159fb0f3c20167513b0d9feb5cf6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:52:37 GMT
last-modified
Mon, 05 Sep 2016 13:54:18 GMT
server
DWS
age
323
content-type
image/png
cache-control
max-age=3024000
accept-ranges
bytes
content-length
1684
expires
Sat, 21 Jan 2023 16:45:42 GMT
12380176.js
af1.nh.ee/Banners/Elements/Files/147901/12380176/main/ Frame 9393 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/Banners/Elements/Files/147901/12380176/main/12380176.js?ADFassetID=12380176&bv=1027
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
40ef54d0436a54f266417eb228961bf6cea2fde3e8adf2b1bf6f3fd0d617c332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:00:54 GMT
content-encoding
gzip
x-amz-request-id
tx00000716cfc790eb4a290-0063eb5bd6-32957437-default
age
25026
x-cache-status
MISS
content-length
1626
last-modified
Mon, 13 Feb 2023 13:26:16 GMT
server
DWS
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
Adform.DHTML.js
af1.nh.ee/banners/scripts/rmb/ Frame 9393 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:48:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
DWS
x-amz-request-id
tx00000d368c5aa3972cc20-006385f1f7-32940f80-default
age
584
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
13537
imp
stats-collector.cxense.com/cr-stats/event/ 		42 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/imp?adId=457912&bnId=47281848&pId=451434&location=https%3A%2F%2Fdekor.delfi.ee%2F&t=%D0%94%D0%B5%D0%BA%D0%BE%D1%80&cb=1676393881354&siteId=1145189970857384309&cxId=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8&cxprnd=le4hmsu3nvq70xr3&configId=22&impRndId=f7lryw9zitqipylr&evid=cx:qwo8wfxslz05w9drj7zdatob:25mm80z00mkg8
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:01 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
imp
stats-collector.cxense.com/cr-stats/event/ 		42 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/imp?adId=457968&bnId=47281800&pId=435612&location=https%3A%2F%2Fdekor.delfi.ee%2F&t=%D0%94%D0%B5%D0%BA%D0%BE%D1%80&cb=1676393881356&siteId=1145189970857384309&cxId=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8&cxprnd=le4hmsu3nvq70xr3&configId=22&impRndId=fzman88m8qt0a3ai&evid=cx:qwo8wfxslz05w9drj7zdatob:25mm80z00mkg8
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:01 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
imp
stats-collector.cxense.com/cr-stats/event/ 		42 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/imp?adId=735879&bnId=57365606&pId=954892&location=https%3A%2F%2Fdekor.delfi.ee%2F&t=%D0%94%D0%B5%D0%BA%D0%BE%D1%80&cb=1676393881359&siteId=1145189970857384309&cxId=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8&cxprnd=le4hmsu3nvq70xr3&configId=22&impRndId=y305scqd86nz5v1q&evid=cx:qwo8wfxslz05w9drj7zdatob:25mm80z00mkg8
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:01 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2B1D 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:00:32 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 21:24:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
3449
etag
W/"0d9f2b192f61b596888847da998647d3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
PFIxOb_Ty1_B17r9SlwGemEjuoHTEykBJIdkwDQprdPsKXVmVgoiCQ==
adsm.macro.delfi.ee.js
macro.adnami.io/macro/hosts/ Frame 2B1D 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/hosts/adsm.macro.delfi.ee.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:271f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85fc7754f20007829760c6881ca59ff087a718b79eb2d313ebae8c7157b2f2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
2FUtOTMiuwPJSrd6O1ZgVA==
age
296
x-ms-lease-status
unlocked
last-modified
Tue, 01 Nov 2022 14:27:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4546c803-d01e-0071-68fe-ed121c000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7997589ee9d92bf7-FRA
expires
Tue, 14 Feb 2023 20:58:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2B1D 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
c6d45a9596913887865197a423e46ec9bcb127bb64e540f156230ab70254637e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27296
x-xss-protection
0
server
sffe
etag
"1482 / 0 of 1000 / last-modified: 1676376346"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Feb 2023 16:58:01 GMT
track_banners_init.js
cdn.cxense.com/ Frame 2B1D 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/track_banners_init.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2b2f95356652b862c3994e8425b07a396418c62aecce8c63ca20639064de0fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Feb 2023 07:20:00 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6300
Expires
Tue, 14 Feb 2023 17:58:01 GMT
otToken.js
storage.googleapis.com/fledge-tests/ Frame 2B1D 		413 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/fledge-tests/otToken.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:20:07 GMT
age
2274
x-guploader-uploadid
ADPycdsJ26ltkezIqRMQEQyT95v9xwfS6IoKm1sPvTh6gr-SdE8CQAvBIkuAQf8YIoy1f5ZJiRfIetoqA7drrw1b_V-uhM5rSoZn
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
last-modified
Tue, 08 Nov 2022 10:42:35 GMT
server
UploadServer
etag
"483749ebdd3ce30b016713e5624a0bf8"
vary
X-Goog-Allowed-Resources
x-goog-generation
1667904155021583
x-goog-hash
crc32c=4ZqF4w==, md5=SDdJ69084wsBZxPlYkoL+A==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
413
accept-ranges
bytes
expires
Tue, 14 Feb 2023 17:20:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 550A 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:00:32 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 21:24:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
3449
etag
W/"0d9f2b192f61b596888847da998647d3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
TkSYSXaqs9WOGIn0cSfw2kgcN8e6zN-KvjX4KaCKGKF_lHUxZzyPlw==
adsm.macro.delfi.ee.js
macro.adnami.io/macro/hosts/ Frame 550A 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/hosts/adsm.macro.delfi.ee.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:271f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85fc7754f20007829760c6881ca59ff087a718b79eb2d313ebae8c7157b2f2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
2FUtOTMiuwPJSrd6O1ZgVA==
age
296
x-ms-lease-status
unlocked
last-modified
Tue, 01 Nov 2022 14:27:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4546c803-d01e-0071-68fe-ed121c000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7997589ee9db2bf7-FRA
expires
Tue, 14 Feb 2023 20:58:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 550A 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
f62078c9887750aa2191f6fa53bbef9af30d070f1980cefb7cdc039cbae1d5b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27301
x-xss-protection
0
server
sffe
etag
"1482 / 874 of 1000 / last-modified: 1676376346"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Feb 2023 16:58:01 GMT
track_banners_init.js
cdn.cxense.com/ Frame 550A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/track_banners_init.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2b2f95356652b862c3994e8425b07a396418c62aecce8c63ca20639064de0fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Feb 2023 07:20:00 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6300
Expires
Tue, 14 Feb 2023 17:58:01 GMT
otToken.js
storage.googleapis.com/fledge-tests/ Frame 550A 		413 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/fledge-tests/otToken.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:20:07 GMT
age
2274
x-guploader-uploadid
ADPycdsJ26ltkezIqRMQEQyT95v9xwfS6IoKm1sPvTh6gr-SdE8CQAvBIkuAQf8YIoy1f5ZJiRfIetoqA7drrw1b_V-uhM5rSoZn
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
last-modified
Tue, 08 Nov 2022 10:42:35 GMT
server
UploadServer
etag
"483749ebdd3ce30b016713e5624a0bf8"
vary
X-Goog-Allowed-Resources
x-goog-generation
1667904155021583
x-goog-hash
crc32c=4ZqF4w==, md5=SDdJ69084wsBZxPlYkoL+A==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
413
accept-ranges
bytes
expires
Tue, 14 Feb 2023 17:20:07 GMT
Adform.VideoPlayer.js
af1.nh.ee/banners/scripts/components/ Frame 9393 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/banners/scripts/components/Adform.VideoPlayer.js?bv=1027
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.226/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
be6c756d6018f907ac9b8ff853e1ddcd59922a725db6130313c02f52629691de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:00:39 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 12:02:42 GMT
server
DWS
x-amz-request-id
tx00000ae89eb3f87423f13-0063eb5bc3-3295c42b-default
age
25041
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8821
adsm.macro.rmb.js
macro.adnami.io/macro/gen/ Frame 2B1D 		89 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by
Host: macro.adnami.io
URL: https://macro.adnami.io/macro/hosts/adsm.macro.delfi.ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:271f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24656028405a35df20c7680b70d6b4997129dd9403993a849140b26042c695cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
IOAa6RFPe/rpwIKOCMfCeQ==
age
5916
x-ms-lease-status
unlocked
last-modified
Fri, 10 Feb 2023 09:17:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c32b874f-c01e-00a9-2d30-3db5cd000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7997589f0a1a2bf7-FRA
expires
Tue, 14 Feb 2023 20:58:01 GMT
SuurelPaevalVaikesedHinnad_TOP6_Delfi_Siteheader_1600x400px_RUS2.mp4
af1.nh.ee/Banners/Stream/147901/ Frame 9393 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://af1.nh.ee/Banners/Stream/147901/SuurelPaevalVaikesedHinnad_TOP6_Delfi_Siteheader_1600x400px_RUS2.mp4
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:12:54 GMT
last-modified
Mon, 13 Feb 2023 13:26:17 GMT
server
DWS
x-amz-request-id
tx0000025f82c28f8566918-0063eb9859-3295c42b-default
age
2707
x-cache-status
HIT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2326900
SuurelPaevalVaikesedHinnad_TOP6_Delfi_Siteheader_1600x400px_RUS2.mp4
af1.nh.ee/Banners/Stream/147901/ Frame 9393 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/Banners/Stream/147901/SuurelPaevalVaikesedHinnad_TOP6_Delfi_Siteheader_1600x400px_RUS2.mp4
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
bb6428edd601872def753fbac1e22bf8c27711328cadca827ebba43dd272654d

Request headers

Referer
https://dekor.delfi.ee/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 14 Feb 2023 16:12:54 GMT
last-modified
Mon, 13 Feb 2023 13:26:17 GMT
server
DWS
x-amz-request-id
tx0000025f82c28f8566918-0063eb9859-3295c42b-default
age
2707
x-cache-status
HIT
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2326899/2326900
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
Content-Length
2326900
adsm.macro.rmb.js
macro.adnami.io/macro/gen/ Frame 550A 		89 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by
Host: macro.adnami.io
URL: https://macro.adnami.io/macro/hosts/adsm.macro.delfi.ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:271f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24656028405a35df20c7680b70d6b4997129dd9403993a849140b26042c695cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
IOAa6RFPe/rpwIKOCMfCeQ==
age
5916
x-ms-lease-status
unlocked
last-modified
Fri, 10 Feb 2023 09:17:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c32b874f-c01e-00a9-2d30-3db5cd000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7997589f3a562bf7-FRA
expires
Tue, 14 Feb 2023 20:58:01 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2B1D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id
zv0zkgF8NnUlHbYAYVWZBKSRYlhapW6k
content-encoding
gzip
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 06:32:40 GMT
x-amz-cf-pop
FRA56-C2
age
45001
x-cache
Hit from cloudfront
last-modified
Wed, 08 Feb 2023 10:05:52 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
eiRfNJmCIUBjNs1fwfRewrcXuo354szI5I1uAlwvML6x-nlr3m3_jA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 550A 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id
zv0zkgF8NnUlHbYAYVWZBKSRYlhapW6k
content-encoding
gzip
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 06:32:40 GMT
x-amz-cf-pop
FRA56-C2
age
45001
x-cache
Hit from cloudfront
last-modified
Wed, 08 Feb 2023 10:05:52 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
QQnKxZSXHo6Lvost0WZoM8bjY6tp8kLAN_Z2l8uQtBh0KCBMlrTn0A==
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=25&time=1&baid=57365606&asid=12380176&name=Video%20Play%20Start&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=455456251
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdekor.delfi.ee%2F&domain=dekor.delfi.ee&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://dekor.delfi.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 14 Feb 2023 16:58:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
546268
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl_2023020901.js
securepubads.g.doubleclick.net/gpt/ Frame 550A 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
980c5d3f2c9d21b9c5ddd170f98a7a3f77a8e96cf2406ed205d5ce339aeabf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 12:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133132
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 09:35:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 09 Feb 2024 12:39:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 550A 		581 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dekor.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe95a11067829c81431a5a59eb809232569fe01724ffe482766a0cb203f4bb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Tue, 14 Feb 2023 16:58:01 GMT
sid
mug.criteo.com/ Frame 550A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdekor.delfi.ee%2F&domain=dekor.delfi.ee&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=URb0rnxjaWNBS1ZkUHJVY1BpM2hkSW9yd2ZVS0ttUGlaT2VCMldxOXZRclJyc3J4aVFNcXFJTkZqR3hMR2RyNVppd0E5bzhKd010M1Y3d1BRYlcyNmdJVjdIenI5dkEvMk1FSVVyOXVxeXVpSTRIaW5RbURQdGFkaTU5OE...
367 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=URb0rnxjaWNBS1ZkUHJVY1BpM2hkSW9yd2ZVS0ttUGlaT2VCMldxOXZRclJyc3J4aVFNcXFJTkZqR3hMR2RyNVppd0E5bzhKd010M1Y3d1BRYlcyNmdJVjdIenI5dkEvMk1FSVVyOXVxeXVpSTRIaW5RbURQdGFkaTU5OEVlbjMzblNDbzRLTkdQMUxIQksrOStzVmEvZytyTGRHRWtiYkpIWjRXQkUycHYvamlWVFBtbW5PU1N0Y3l5ZHhlY1BQT2tNUFU5bzIzSndkdFFHUTJ0R25GQVkvNndxSjc0cFVjci9CRFhaRXVRZWxZZTlvPXw&cppv=2
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9d24806e33b2d3d330c0b08a53b440c3ca943f40a471b6f558dd950f467802fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1379280
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=URb0rnxjaWNBS1ZkUHJVY1BpM2hkSW9yd2ZVS0ttUGlaT2VCMldxOXZRclJyc3J4aVFNcXFJTkZqR3hMR2RyNVppd0E5bzhKd010M1Y3d1BRYlcyNmdJVjdIenI5dkEvMk1FSVVyOXVxeXVpSTRIaW5RbURQdGFkaTU5OEVlbjMzblNDbzRLTkdQMUxIQksrOStzVmEvZytyTGRHRWtiYkpIWjRXQkUycHYvamlWVFBtbW5PU1N0Y3l5ZHhlY1BQT2tNUFU5bzIzSndkdFFHUTJ0R25GQVkvNndxSjc0cFVjci9CRFhaRXVRZWxZZTlvPXw&cppv=2
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
650585
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 550A 		135 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
2f3f6589e4f416de5c6c38d9b3b2acae2ebfed796634fc627eb0dc58148fc2b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
config
c.amazon-adsystem.com/cdn/prod/ Frame 550A 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdekor.delfi.ee&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1df7cdd2012da6588d571f8c80f58da81d992a30b9ab12d181d188eb009354a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:00:54 GMT
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
14227
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1304
x-amz-cf-id
auehtU7_blnWWyJbdC3nEofFSkmudGhCk1xD9VjcsZvnuC7mKX54xg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 550A 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdekor.delfi.ee&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1df7cdd2012da6588d571f8c80f58da81d992a30b9ab12d181d188eb009354a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:00:54 GMT
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
14227
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1304
x-amz-cf-id
R3NMAESrnxUWJB18lT39PlYajtLuwqX05e4wY8M42ULz78Fc6PlvAA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 550A 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdekor.delfi.ee%2F&pid=e3YbTxLIL9lZg&cb=0&ws=300x600&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dee_ru_300x600_05_tower_foreign%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F99287527%2C72743801%2Fdelfi_ee%2Fros_ru%2Fdee_ru_300x600_05_tower_foreign%22%7D%5D&schain=1.0%2C1!adnetmedia.lt%2C168%2C1%2C%2C%2C&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.198.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-198-171.ams54.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS54-C1
x-amz-rid
GMBNVXH86HAEHB4GYTBE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
k-L_P2BDSTxpNXKWMuGufGHf9QAu64ZrC1_0myxWCsCHtv0IQT_dKA==
segment
api.cxense.com/profile/user/ 		62 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCB2&persisted=9bc51b3b50d830eeacfdf8a62ed1e60d6cc78c79&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22le4hmst48isqinfk%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
9e9a0fee08f54a7955afc0f906fdbfca87e2d33860d26a713bf052bc185588f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
62
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
dmp.adform.net/serving/cookie/match/
Redirect Chain
  • https://csyn-r.cxense.com/?cxsite=1145189970857384309&partnerId=csr&cxckp=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8
  • https://dmp.adform.net/serving/cookie/match/?party=1077&cid=2di00u41i0iit2w6ym6x3sjz8t
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=2di00u41i0iit2w6ym6x3sjz8t
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=2di00u41i0iit2w6ym6x3sjz8t
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31600
server
Jetty(9.4.28.v20200408)
content-length
109
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdekor.delfi.ee%2F&domain=dekor.delfi.ee&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://dekor.delfi.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 14 Feb 2023 16:58:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
556988
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl_2023020901.js
securepubads.g.doubleclick.net/gpt/ Frame 2B1D 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
980c5d3f2c9d21b9c5ddd170f98a7a3f77a8e96cf2406ed205d5ce339aeabf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 12:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133132
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 09:35:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 09 Feb 2024 12:39:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 2B1D 		581 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dekor.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe95a11067829c81431a5a59eb809232569fe01724ffe482766a0cb203f4bb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Tue, 14 Feb 2023 16:58:01 GMT
sid
mug.criteo.com/ Frame 2B1D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdekor.delfi.ee%2F&domain=dekor.delfi.ee&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=O4l3gnxoTmJxaktqTE1LZ2Y5dzU2SzN0Y3puNWtKL0JpRFU3SHp2alo3Z21BSHlicmlJaEJIQmpYem1yUlNYOFAvcmQzTUIrS3IwWG1FSUtnU05sVmE3S3RPaW1kelhScWRZMnhObk9EbERvMmMvRmlZK08zblhEei9yYk...
370 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=O4l3gnxoTmJxaktqTE1LZ2Y5dzU2SzN0Y3puNWtKL0JpRFU3SHp2alo3Z21BSHlicmlJaEJIQmpYem1yUlNYOFAvcmQzTUIrS3IwWG1FSUtnU05sVmE3S3RPaW1kelhScWRZMnhObk9EbERvMmMvRmlZK08zblhEei9yYk5reXZFWEpUeDV0YlF3dUM0SGpZS0wrcFNUdHJPRnpxUWFuOEUzcnhxVElFb2xXL0JxVVFBNTNtaEdqYUtxbExrenBlYlhKVUxJNmI5SldFeURla09PbnJLODZNajEzM3dZV0JQMTFjUUtuMkFpbnpLd1VVQjEyeEM2TFR5TUVta3FJRTJKbTZHfA&cppv=2
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9b7d0cd64aa16c119196c2033b4411c2f9f95d12b8a2dd533cba94ca946d0c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1215116
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=O4l3gnxoTmJxaktqTE1LZ2Y5dzU2SzN0Y3puNWtKL0JpRFU3SHp2alo3Z21BSHlicmlJaEJIQmpYem1yUlNYOFAvcmQzTUIrS3IwWG1FSUtnU05sVmE3S3RPaW1kelhScWRZMnhObk9EbERvMmMvRmlZK08zblhEei9yYk5reXZFWEpUeDV0YlF3dUM0SGpZS0wrcFNUdHJPRnpxUWFuOEUzcnhxVElFb2xXL0JxVVFBNTNtaEdqYUtxbExrenBlYlhKVUxJNmI5SldFeURla09PbnJLODZNajEzM3dZV0JQMTFjUUtuMkFpbnpLd1VVQjEyeEM2TFR5TUVta3FJRTJKbTZHfA&cppv=2
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
597345
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 2B1D 		135 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
2f3f6589e4f416de5c6c38d9b3b2acae2ebfed796634fc627eb0dc58148fc2b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
config
c.amazon-adsystem.com/cdn/prod/ Frame 2B1D 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdekor.delfi.ee&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1df7cdd2012da6588d571f8c80f58da81d992a30b9ab12d181d188eb009354a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:00:54 GMT
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
14227
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1304
x-amz-cf-id
muVL5LYx_8rj6R7WcsR4jmaLvyoe3dZuB6pKbcuAsWlRN2v6G9nb3w==
config
c.amazon-adsystem.com/cdn/prod/ Frame 2B1D 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdekor.delfi.ee&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1df7cdd2012da6588d571f8c80f58da81d992a30b9ab12d181d188eb009354a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:00:54 GMT
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
14227
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1304
x-amz-cf-id
PdULTpgEz8oNdg9EbT2PXfki_vAUdkkobagQ92AtvWKjBekHs30dMw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 2B1D 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdekor.delfi.ee%2F&pid=r9GdpeoyHlFbn&cb=0&ws=995x300&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dee_ru_995x300_05_content_foreign%22%2C%22s%22%3A%5B%22970x250%22%2C%22995x300%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F99287527%2C72743801%2Fdelfi_ee%2Fros_ru%2Fdee_ru_995x300_05_content_foreign%22%7D%5D&schain=1.0%2C1!adnetmedia.lt%2C168%2C1%2C%2C%2C&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.198.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-198-171.ams54.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS54-C1
x-amz-rid
JT8GTG55GJE28902XQD3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
zbGLpsiQJDmtgGX6mBVdQC9axzEYrlVnvz8QxSDReHIo0Ov99Q7uyg==
tag
btloader.com/ Frame 550A
Redirect Chain
  • https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true
  • https://btloader.com/tag?o=5749741711261696&upapi=true
16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5749741711261696&upapi=true
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1642c186826461b5466e7c8ca32ff87b03a60ece7002d41950d5a31bddc835e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Feb 2023 16:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
827
etag
W/"736ec58f907cfd7bcf9552463ab55dd6"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm6gBJkAn0zhAsmtuwQ0MWZglUGLXEaHrCvcicY4mHFw9gOBR8Zi6sY%2BVdf%2F4XSzfA9F%2F7nTjm%2BZ27SCLjyb%2FdC1iuolJ4A9OCs5Ak2aYZNacXj%2B7jVH8e63%2BZpoRufEWXS5RfsuDayHjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
799758a0f9bc92ad-FRA

Redirect headers

date
Tue, 14 Feb 2023 16:58:01 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
812
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLi%2F6aGEzyO4S6WnDKr2iVgJ1cfUHllGWCD%2FsZU3N69T%2F%2BI3I0iRB8f8dNL%2BO%2F87HzwNhPtd%2BOa%2FNmKLdiE%2BSDt57FhmjehLnup%2FJ4voJ06i2RWMYsQJ4QuO5dqwJH4gscuMUY1xd3H%2Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5749741711261696&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
799758a0c99292ad-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 550A 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.195.36 Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-65-195-36.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 14 Feb 2023 17:13:01 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 550A 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
NA7K6JHXA5456874
age
2390
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
799758a0ba5391fb-FRA
x-amz-id-2
YpHe0I8aK/wHwwRcfbXyOfysu4Fa0gCYdtW0+Th4c4z8OWeMxZOM9vxRnlQIY4J9wYWY6T1dLLs=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 550A 		0
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:02 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dekor.delfi.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 14 Feb 2023 16:58:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 550A 		0
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:02 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dekor.delfi.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 14 Feb 2023 16:58:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
tag
btloader.com/ Frame 2B1D
Redirect Chain
  • https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true
  • https://btloader.com/tag?o=5749741711261696&upapi=true
16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5749741711261696&upapi=true
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1642c186826461b5466e7c8ca32ff87b03a60ece7002d41950d5a31bddc835e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Feb 2023 16:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
827
etag
W/"736ec58f907cfd7bcf9552463ab55dd6"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NASBol5l2Eh94Vl%2BHsGk3o9YuLDxVX2gxGnxQKfDvRexrPOgulV%2FRGXdGQyJJt8X56qY1nAY3oJvkbSxJw%2BuKsamVaJg%2FsshSN4eZJ4YGk7Y4LLfiW%2Fj22aLV35e%2FPf2ZPMeSY7X%2F4EWsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
799758a0f9bf92ad-FRA

Redirect headers

date
Tue, 14 Feb 2023 16:58:01 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
812
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnEd9OQl8EYKiVQTxTwW3%2Few9pUcfCunazDI78DImGdLrMhDidrZojGynWn16c9zo%2FbThz749nL32IOQtoCYPdEVQU6N641n9xpQQ9hrGC70CDFKblGnpoNG4%2FdMXu1kSr%2Fwd47BT8dmLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5749741711261696&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
799758a0d99492ad-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 2B1D 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.195.36 Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-65-195-36.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 14 Feb 2023 17:13:01 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 2B1D 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
NA7K6JHXA5456874
age
2390
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
799758a0ba5591fb-FRA
x-amz-id-2
YpHe0I8aK/wHwwRcfbXyOfysu4Fa0gCYdtW0+Th4c4z8OWeMxZOM9vxRnlQIY4J9wYWY6T1dLLs=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 2B1D 		0
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:02 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dekor.delfi.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 14 Feb 2023 16:58:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 2B1D 		0
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:02 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.15.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-15-12.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dekor.delfi.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 14 Feb 2023 16:58:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
v1
lb.eu-1-id5-sync.com/lb/ Frame 550A 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
bb9a67c0bd8a184cc47b0a4acc667278e2f666c9b89d319dfd8d5f1931bf4375
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame 2B1D 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
bb9a67c0bd8a184cc47b0a4acc667278e2f666c9b89d319dfd8d5f1931bf4375
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
563.json
id5-sync.com/g/v2/ Frame 550A 		216 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/563.json
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
645fed6817d3a464dc56507cb4c285f417e7891bc3d0be0fffb47cf8bf482e1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
563.json
id5-sync.com/g/v2/ Frame 2B1D 		216 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/563.json
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
8822b98fa653c0088ee3481faef2bec0b6b2dc9970294591901dcafb7dc539c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
px.gif
ad-delivery.net/ Frame 2B1D 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170215
x-guploader-uploadid
ADPycdvttfkozGTJ3JgkrLO-W6qy_dM_T7EfIjo5KxUodGOYEe5dB08-n2tEzLBSMWYn5I_OUmQ0l3eCCm2ryLMD3EUVEtF0ThcQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57eFEzjqmJUpHM5u57Ftbo7omo575n14gX%2BpqQOnjiX50V2WS1oNEen61SouF49P7y7X7ndDKtcYfQQX6dBxlmGm%2Bvos4b76BhZ%2FxrfImW%2Fa1nisjgZ6slu%2BiUVmDfVq4QqyFNdS91IVExZ8JA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
799758a18ed292a2-FRA
expires
Sun, 12 Feb 2023 17:55:19 GMT
favicon.ico
ad.doubleclick.net/ Frame 2B1D 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 06:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 06:21:26 GMT
px.gif
ad-delivery.net/ Frame 2B1D 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.015784844019229416
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170215
x-guploader-uploadid
ADPycdvttfkozGTJ3JgkrLO-W6qy_dM_T7EfIjo5KxUodGOYEe5dB08-n2tEzLBSMWYn5I_OUmQ0l3eCCm2ryLMD3EUVEtF0ThcQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BdRZ%2FIkqY1DIaXuCXfFFVbZRy45nPvgnn%2Fb9qovihALa086E74MxVMdiJ1oLUQPdPyiX2bkC%2BbQ8wuXNGJ03eEy2PGEXfRaVyPA8l6rJF7yh27YkqYI%2FI30qmKrhKMVImcYSp%2FCQiNkKxil1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
799758a18ed392a2-FRA
expires
Sun, 12 Feb 2023 17:55:19 GMT
px.gif
ad-delivery.net/ Frame 550A 		43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170215
x-guploader-uploadid
ADPycdvttfkozGTJ3JgkrLO-W6qy_dM_T7EfIjo5KxUodGOYEe5dB08-n2tEzLBSMWYn5I_OUmQ0l3eCCm2ryLMD3EUVEtF0ThcQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgc7RRbZPhgq%2FjNs6YPcr%2FaC4VPkfWf5gBYM5k4TR9enQmNkaR0PraVlQJdE9e5h2Xjat9M7ivfcsB62366Jzs2v2qltmaPItwGJWXXpr0qZcPWs7NrxX4rikjew5nJZw7xfApUuPBO3p%2FOqQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
799758a18ed492a2-FRA
expires
Sun, 12 Feb 2023 17:55:19 GMT
favicon.ico
ad.doubleclick.net/ Frame 550A 		1 KB
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 06:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 06:21:26 GMT
px.gif
ad-delivery.net/ Frame 550A 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.33313052271365096
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170215
x-guploader-uploadid
ADPycdvttfkozGTJ3JgkrLO-W6qy_dM_T7EfIjo5KxUodGOYEe5dB08-n2tEzLBSMWYn5I_OUmQ0l3eCCm2ryLMD3EUVEtF0ThcQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmAqEFrtaWSSh9UAH7oeT7ezMH3WgAHW5kxEqxbrwBCatToz6fV%2BAL%2BWeMhemwp%2FRxANxCkW44zVUJvackijrZPP6GpR0%2FL8%2BpMUNf%2FBi1dvHuFX17exQn8unPAP5nzkuPJ9uLIoRoHzY1eL9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
799758a18ed592a2-FRA
expires
Sun, 12 Feb 2023 17:55:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230209&jk=1308697954452468&bg=!NTalNmLNAAYuhb89DoU7ADkAdvg8WqXFqE_kuGOJ1Ed6t5x5-tWbUewuyKa8qfXpihTyBABNNruoN3P9S7naXCtjT8Xu_S0cFSICAAABUFIAAAAEaAEHmQKpdCgMX0JCEe8WjmmVs0NIIeseyL-iXAmddLSO7w_6vQ7keWvUZ-gNAlmLLhk5CvU46xq9FiFE8V8_hk51s8LwqVf_5GYMKg_5CipPjY_dkmhu6kh7z3bEc75NMiIMseGqDZT76bG0oFxqTdhMf8WoMZ1xAQKXFqfntzwesovF9oPS1h7LFHNtRt7cpawj612fXfB0Q0_T_Pgw8YMskXw_FkoqAupr_c0oePjIkkQNStm4ai6rVM5adYpNbShDeYUkb0zqOGBCgQvQLDL6EdV-FEOTGhDM9WtXF0slLAcKVhiZIl1I69qzzhYDDghf36Jm98NZPmgU6v-WehfPl6wD864n90mKsJG_FdQi9HqABFXJxLInXjpQ9WCJ9VE3Q8fT3I392Q-70liQrH6qNg_uRw2pIEi1jJihEqzL78HdS9d3dOSjpb0heb9Ez19KD1rRjjASOImp0k_Tgou0foHtPx5POL1yOXEZVfFLf0u_HMyFKBIvh6PLbpZOlarQIcMipmtxvtdyrNqi8PmuJUybRzOmgJgjijPHop93-9TYRbHk-bMYbkwrUH1c0nZRASrOeb-UnXuuxbxG7zaNeRi6HiIgxW6s4Jf5MVpXYNYl7K8b9mRfWhr4eXjFHQ-piXUuPBLSfqH5oqiexwJvkG4oaMcm0wNeS3xIR6vpEEe9n9-PV92RBvjmb0SXmWSkrHOo8lArLZ7Jhi6FfKYXtcMvzOSgSKVFQvKdRR0UWao7Rnzlk1w6S_V3miGLewOGeinaoOXFNNKbCwAhFX_D4y_OLgR75XVlTU1q8KifzgrVWsy6exfB9MoC5a1yRtlk2mrdpISOiI-s_6DvBMuzqd4uvHUPACfZteSsbRVHSrQYk5jVNpgEMypKuHDuIdZtsdTcu2UMwB_cAjeo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
videoThemeV2.css
af1.nh.ee/banners/scripts/components/styles/ Frame 9393 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/banners/scripts/components/styles/videoThemeV2.css?version=1027
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/banners/scripts/rmb/Adform.DHTML.js?bv=626
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
13685a4cbb636df27dce53ae2c21a3c12c8d3068e7d2cda954befc88476d170e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:00:54 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 12:06:53 GMT
server
DWS
x-amz-request-id
tx000008007df30897ea463-0063eb44fe-3295c471-default
age
25027
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1369
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=O4l3gnxoTmJxaktqTE1LZ2Y5dzU2SzN0Y3puNWtKL0JpRFU3SHp2alo3Z21BSHlicmlJaEJIQmpYem1yUlNYOFAvcmQzTUIrS3IwWG1FSUtnU05sVmE3S3RPaW1kelhScWRZMnhObk9EbERvMmMvRmlZK08zblhEei9yYk5reXZFWEpUeDV0YlF3dUM0SGpZS0wrcFNUdHJPRnpxUWFuOEUzcnhxVElFb2xXL0JxVVFBNTNtaEdqYUtxbExrenBlYlhKVUxJNmI5SldFeURla09PbnJLODZNajEzM3dZV0JQMTFjUUtuMkFpbnpLd1VVQjEyeEM2TFR5TUVta3FJRTJKbTZHfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 14 Feb 2023 16:58:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
460723
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=URb0rnxjaWNBS1ZkUHJVY1BpM2hkSW9yd2ZVS0ttUGlaT2VCMldxOXZRclJyc3J4aVFNcXFJTkZqR3hMR2RyNVppd0E5bzhKd010M1Y3d1BRYlcyNmdJVjdIenI5dkEvMk1FSVVyOXVxeXVpSTRIaW5RbURQdGFkaTU5OEVlbjMzblNDbzRLTkdQMUxIQksrOStzVmEvZytyTGRHRWtiYkpIWjRXQkUycHYvamlWVFBtbW5PU1N0Y3l5ZHhlY1BQT2tNUFU5bzIzSndkdFFHUTJ0R25GQVkvNndxSjc0cFVjci9CRFhaRXVRZWxZZTlvPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 14 Feb 2023 16:58:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
309900
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
country
api.btloader.com/ Frame 2B1D 		16 B
76 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:02 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ Frame 2B1D 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=hArn9P3IM&w=5743945774530560&o=5749741711261696&cv=2.1.06-2-g014272c&r=false&vr=995x300&pageURL=https%3A%2F%2Fdekor.delfi.ee%2F&sid=R5wz6wYwu&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:02 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
country
api.btloader.com/ Frame 550A 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXEYBR49&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:02 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
collect
k.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:02 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
track.adform.net/serving/unload/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=U3NcJagRp3iyHCRRCw7LcyXdVXMj5C_evNehEqj_jm8x0k2nQa3tHASTKWX9t88_r5JBUJ23nwcg7KEh8HPU4Hn-qBLh0Q61cXH2pXfdUyKvkkFQnbefB5AD8GM6AwgjoOrB7MrK4RU1&unload=6129535923113100799@@61584290,1288490541348636409,100|1180|0|0|0|0|1226|1226|0||393|0|||||1|0|0|xz0p9KfevRF5lT90q-mtzVo3yN63vf9OeFfgU6DuzHG8p8lx9F5Of14KcVAItdvSAlr413CuUjaoWv4un0YmxhAuA_Gfso0wCPmLtLACXSRkAW6OdCBF7A2|4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2|1|11|0|1180
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=178&time=2&baid=57365606&name=Viewable%20impressions&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=774033925
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6129535923113100799@@61584290,1288490541348636409,100|1180|0|0|0|0|1226|1226|0||393|0|||||1|0|0|xz0p9KfevRF5lT90q-mtzVo3yN63vf9OeFfgU6DuzHG8p8lx9F5Of14KcVAItdvSAlr413CuUjaoWv4un0YmxhAuA_Gfso0wCPmLtLACXSRkAW6OdCBF7A2|4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2|1|01|0|1180
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?adId=735879&bnId=57365606&pId=954892&location=https%3A%2F%2Fdekor.delfi.ee%2F&t=%D0%94%D0%B5%D0%BA%D0%BE%D1%80&cb=1676393882961&siteId=1145189970857384309&cxId=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8&cxprnd=le4hmsu3nvq70xr3&configId=22&timeOnScreen=1&v_imp=true&impRndId=y305scqd86nz5v1q&evid=cx:qwo8wfxslz05w9drj7zdatob:25mm80z00mkg8
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:02 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=181&time=3&baid=57365606&name=Viewable%20at%2025%25&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=358452642
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=26&time=3&baid=57365606&asid=12380176&name=Played%2025%25%20Of%20Video&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=160294933
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
cc
cc-endpoint.digitalmatter.ai/api/ Frame 550A 		2 B
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cc-endpoint.digitalmatter.ai/api/cc?c=q75n-an4g-2w1a-m02d
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.206.141.183 Vilnius, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-141-183.static.zebra.lt
Software
nginx / PHP/8.0.27
Resource Hash
61835352dfbbfbfae4345655fc7451e580272b28a4aa3377fe008701ac7ebf34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:04 GMT
Content-Encoding
br
Server
nginx
X-Powered-By
PHP/8.0.27
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
pbjs
htlb.casalemedia.com/openrtb/ Frame 550A 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=723022
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c019652057ffa263a9566bd84fcd4d3b034cc2cfd713acd5f835544ff2c68f

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJiUwf9aniEGwyzvRGRno%2BPfUYWMlMLsVY6nMgoNijQmcbiV%2FGaLsjKS5RndsOvDmRZyHL5XUeyAp1VHW79l1VaGfAZ%2FOLBSScK8Fiisq%2Fj0nLnfwdsED%2B%2BuDe8o4xJIG%2BjRoOjt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
799758b39eb13631-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
prebid
ib.adnxs-simple.com/ut/v3/ Frame 550A 		138 B
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
57486c62cdf807e878d75ca686484e1b3e2a9e57337d8b6533b8b16427ac6524
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:04 GMT
AN-X-Request-Uuid
5d761857-50fb-4f84-85cd-0b86d96eb7cd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://dekor.delfi.ee
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ Frame 550A 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.24.0&inver=0
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 16:58:04 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
000000000000000054013a9925c8ccc1:52653544627449bb:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://dekor.delfi.ee
access-control-allow-credentials
true
dsh
hb.adscale.de/ Frame 550A 		11 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.123.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-123-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
gzip
vary
origin
p3p
CP=NOI PSA OUR
access-control-allow-origin
https://dekor.delfi.ee
content-type
text/plain
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
auction
rtb.adxpremium.services/openrtb2/ Frame 550A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
1394abdaa84a9462fa37786c3d713d4aee0df4a053003bc9ab6b53b8faccdd7e

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:04 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://dekor.delfi.ee
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bid-request
a.teads.tv/hb/ Frame 550A 		16 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dekor.delfi.ee
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 14 Feb 2023 16:58:04 GMT
bid
ap.lijit.com/rtb/ Frame 550A 		94 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.24.0
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
17a5a19916cdbab148de9dfca900fd8c7d0cf8588244618c0ca876544c25acbe

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Feb 2023 16:58:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dekor.delfi.ee
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
arj
adnet-d.openx.net/w/1.0/ Frame 550A 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adnet-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdekor.delfi.ee%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2820b1cf-1984-491f-95aa-971240fb6cc0&nocache=1676393884705&gdpr=1&criteoid=8KMKAV83WmQ4NXBCaHBNellkTiUyQmJoUWRnRXBrdkp1JTJCJTJCcnpiT3pwN09adXZxZnV0UGVCR3IzYnRtRExiVk9XJTJCc21kOU41bzFRYlpaVmxveVRmRW0lMkJYakVyS3clM0QlM0Q&id5id=0&pubcid=acea2d12-3019-4bc1-a626-7faaa5eece56&schain=1.0%2C1!adnetmedia.lt%2C168%2C1%2C%2C%2C!digitalmatter.ai%2C168%2C1%2C%2C%2C&aus=300x600%2C300x250&divids=dee_ru_300x600_05_tower_foreign&aucs=&auid=541044794
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
680804e8c7f24478e4ab89685f9863062735c5fad082ed24718206e1370289f5

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://dekor.delfi.ee
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ Frame 550A 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.92.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-92-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:04 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 550A 		261 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16854&site_id=153086&zone_id=1673628&size_id=15&alt_size_ids=10&gdpr=1&rp_schain=1.0,1!adnetmedia.lt,168,1,,,!digitalmatter.ai,168,1,,,&eid_criteo.com=8KMKAV83WmQ4NXBCaHBNellkTiUyQmJoUWRnRXBrdkp1JTJCJTJCcnpiT3pwN09adXZxZnV0UGVCR3IzYnRtRExiVk9XJTJCc21kOU41bzFRYlpaVmxveVRmRW0lMkJYakVyS3clM0QlM0Q%5E1&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fdekor.delfi.ee%2F&tk_flint=pbjs_lite_v7.24.0&x_source.tid=2820b1cf-1984-491f-95aa-971240fb6cc0&l_pb_bid_id=20cebdcfe777b85&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5914538758963619
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c7d7ff3ac1e736ae590c9d7d063e39c10f77b4adae5a79067923e3b25443f4f

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 550A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
153c351a8c1decc7854812b546874a5100de60783f738a611da8e940f0c267bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 550A 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 550A 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.24.0&cb=88690558867&lsavail=1&bundle=m41tMV9zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2QWNmMjFaOXlaUnAlMkZsbXV4UU5MYmJrOWhLJTJGUlZOQ08lMkJXYWZ5Y0V2Sk9UeTRmd1hxVDlrcXNxbjVzYTVENFRkaUlMTEp5OUtLSzF0dWY3ck5RcWdrJTJCcFR5S0NqVEhCckFPYWclMkZuMHJTZ2cz
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 16:58:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://dekor.delfi.ee
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 550A 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cc
cc-endpoint.digitalmatter.ai/api/ Frame 2B1D 		2 B
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cc-endpoint.digitalmatter.ai/api/cc?c=q75n-an4g-2w1a-m02d
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.206.141.183 Vilnius, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-141-183.static.zebra.lt
Software
nginx / PHP/8.0.27
Resource Hash
61835352dfbbfbfae4345655fc7451e580272b28a4aa3377fe008701ac7ebf34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:04 GMT
Content-Encoding
br
Server
nginx
X-Powered-By
PHP/8.0.27
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
/
ssp.wp.pl/bidder/ Frame 2B1D 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.24.0&inver=0
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 16:58:04 GMT
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
uber-trace-id
0000000000000000c26052bd21481bb1:3a17d4029e2e97f6:0:0
accept-ch-lifetime
604800
access-control-allow-origin
https://dekor.delfi.ee
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame 2B1D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f778831f0c51045430aa5fbce0abe4cefcf373095253b0ac136c980f6540397c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adnet-d.openx.net/w/1.0/ Frame 2B1D 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adnet-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdekor.delfi.ee%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a15f231a-4878-4035-86f6-c46b27a4d322&nocache=1676393884723&gdpr=1&criteoid=ltVC6V9BSHRWRkUyYUslMkZERTFRRlJDbkQ3WUR0TzRWZkxjMkVLY1VabEc5cmpTZWZYZHl1bTczcXZ1d2pWRzRGbnJQV1RFR0JEZW4xbCUyQmw5JTJCdmFvZGJuSkhtdyUzRCUzRA&id5id=0&pubcid=acea2d12-3019-4bc1-a626-7faaa5eece56&schain=1.0%2C1!adnetmedia.lt%2C168%2C1%2C%2C%2C!digitalmatter.ai%2C168%2C1%2C%2C%2C&aus=970x250%2C995x300%2C970x90&divids=dee_ru_995x300_05_content_foreign&aucs=&auid=541044808
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2d7f23560495bf3906401f877b3e1e435257e2fde10f14ecb2fffcb6a9eee27b

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://dekor.delfi.ee
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2B1D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 2B1D 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs-simple.com/ut/v3/ Frame 2B1D 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a597197a7acd25e8121eafbda1af7b742bafaf0018da7e3df7fa13dd4c0875f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Feb 2023 16:58:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8581a555-7beb-43d9-912b-479a9a6f4e67
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://dekor.delfi.ee
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 2B1D 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=723022
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd48751f608df0faaa476b684b50ccdf5f707aec427e499ff39e84b1f5eefd1d

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsSDj7Ddbd9qvr2nRrqaHisAF7iGQtEKrnyw26PZaN8qNG%2BKk2O1od05OqaajWZZ%2BwfL8LSStupvAT1lLgJwT1xqbCy2dtv8gYJMCeY3Ptg6IkojQSmCarzotP8ptt1IsqkrwbKp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
799758b39eb23631-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2B1D 		261 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16854&site_id=153086&zone_id=1673632&size_id=55&alt_size_ids=57&p_pos=btf&gdpr=1&rp_schain=1.0,1!adnetmedia.lt,168,1,,,!digitalmatter.ai,168,1,,,&eid_criteo.com=ltVC6V9BSHRWRkUyYUslMkZERTFRRlJDbkQ3WUR0TzRWZkxjMkVLY1VabEc5cmpTZWZYZHl1bTczcXZ1d2pWRzRGbnJQV1RFR0JEZW4xbCUyQmw5JTJCdmFvZGJuSkhtdyUzRCUzRA%5E1&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fdekor.delfi.ee%2F&tk_flint=pbjs_lite_v7.24.0&x_source.tid=a15f231a-4878-4035-86f6-c46b27a4d322&l_pb_bid_id=16f2185c70f5cea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7019996337325234
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
454909afa2d03c3684af7e23c971482ec045eb4e9559195a4d4522f0bdf3f775

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 2B1D 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.24.0&cb=19109251022&lsavail=1&bundle=m41tMV9zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2QWNmMjFaOXlaUnAlMkZsbXV4UU5MYmJrOWhLJTJGUlZOQ08lMkJXYWZ5Y0V2Sk9UeTRmd1hxVDlrcXNxbjVzYTVENFRkaUlMTEp5OUtLSzF0dWY3ck5RcWdrJTJCcFR5S0NqVEhCckFPYWclMkZuMHJTZ2cz
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 16:58:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://dekor.delfi.ee
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dsh
hb.adscale.de/ Frame 2B1D 		11 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.123.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-123-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 16:58:04 GMT
content-encoding
gzip
vary
origin
p3p
CP=NOI PSA OUR
access-control-allow-origin
https://dekor.delfi.ee
content-type
text/plain
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
bid
ap.lijit.com/rtb/ Frame 2B1D 		94 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.24.0
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
691e665562268f82554eb81043b44cf3ee555e88763cc1385c86a750cfa3f579

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Feb 2023 16:58:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dekor.delfi.ee
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
auction
rtb.adxpremium.services/openrtb2/ Frame 2B1D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c18ad3169d1e12d597e20a9328bd1cd18559ec73406b2c2ec03235bc7d3821cc

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:04 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://dekor.delfi.ee
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1982
Expires
0
log
bid-collector.digitalmatter.ai/api/ Frame 550A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bid-collector.digitalmatter.ai/api/log
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.200.125.19 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
integrator.js
adservice.google.de/adsid/ Frame 550A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dekor.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 550A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dekor.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 550A 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1490843324095921&correlator=1490594368117812&eid=31072019%2C31072038&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fif&iu_parts=99287527%3A72743801%2Cdelfi_ee%2Cros_ru%2Cdee_ru_300x600_05_tower_foreign&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C3x1%7C300x600%7C300x250&fluid=height&ifi=1&adks=1694001513&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26hb_advertiser_domain%3Dlightinthebox.com%26hb_size%3D300x600%26hb_pb%3D0.13%26hb_adid%3D31fce95516eb233%26hb_bidder%3Dix%26upr_ab_test%3Da&cust_params=siteUrl%3Ddekor.delfi.ee%252F%26domain%3Ddekor.delfi.ee%26url_keywords%3Ddekor%252Cdelfi%252Cee%252C%26fledge%3Dfalse&sc=1&cookie=ID%3D862aab2aea5be9ba-2211f59990dc0043%3AT%3D1676393878%3ART%3D1676393878%3AS%3DALNI_Mbk1OBP01iNMHTurKhlsvYFugDoGQ&cdm=dekor.delfi.ee&gpic=UID%3D00000bb6f01939a6%3AT%3D1676393878%3ART%3D1676393878%3AS%3DALNI_MZA2hiVpeaNFM4sjIcM-KwC-5ZyKw&abxe=1&dt=1676393885091&lmt=1676393885&dlt=1676393881088&idt=692&adxs=1100&adys=1634&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=9dehjdpuymti&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fdekor.delfi.ee%2F&top=https%3A%2F%2Fdekor.delfi.ee%2F&frm=23&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=835921100.1676393879&ga_sid=1676393885&ga_hid=1459889064&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d7836e823edecb6c46216fc26b091fc2ae1b421d2129602b00092fd8686170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8613
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 550A 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d69e799f177456dc072b835030213ca9fbc42ea03ed64193d1f43f75858967a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11225
x-xss-protection
0
container.html
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EF9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
expires
Wed, 14 Feb 2024 16:58:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
bid-collector.digitalmatter.ai/api/ Frame 2B1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bid-collector.digitalmatter.ai/api/log
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.200.125.19 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
integrator.js
adservice.google.de/adsid/ Frame 2B1D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dekor.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2B1D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dekor.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2B1D 		95 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1891406153646305&correlator=2883436818163773&eid=31072029%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fif&iu_parts=99287527%3A72743801%2Cdelfi_ee%2Cros_ru%2Cdee_ru_995x300_05_content_foreign&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C3x1%7C970x250%7C995x300%7C970x90&fluid=height&ifi=1&adks=4058549960&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26hb_advertiser_domain%3Dfisherinvestments.com%26hb_size%3D970x250%26hb_pb%3D0.28%26hb_adid%3D27ae778a1ff1c66%26hb_bidder%3Dix%26upr_ab_test%3Da&cust_params=siteUrl%3Ddekor.delfi.ee%252F%26domain%3Ddekor.delfi.ee%26url_keywords%3Ddekor%252Cdelfi%252Cee%252C%26fledge%3Dfalse&sc=1&cookie=ID%3D862aab2aea5be9ba-2211f59990dc0043%3AT%3D1676393878%3ART%3D1676393878%3AS%3DALNI_Mbk1OBP01iNMHTurKhlsvYFugDoGQ&cdm=dekor.delfi.ee&gpic=UID%3D00000bb6f01939a6%3AT%3D1676393878%3ART%3D1676393878%3AS%3DALNI_MZA2hiVpeaNFM4sjIcM-KwC-5ZyKw&abxe=1&dt=1676393885117&lmt=1676393885&dlt=1676393881080&idt=745&adxs=315&adys=1314&biw=1600&bih=1200&isw=995&ish=300&scr_x=0&scr_y=0&btvi=1&ucis=lj1v6glqyhx1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fdekor.delfi.ee%2F&top=https%3A%2F%2Fdekor.delfi.ee%2F&frm=23&vis=1&psz=995x300&msz=995x-1&fws=256&ohw=0&ea=0&ga_vid=835921100.1676393879&ga_sid=1676393885&ga_hid=504738632&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
331c63a6cd0f5d1da1e18621dbd1ca356b6ba2ba8a63057384e5fcaac3edad21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33493
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dekor.delfi.ee
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2B1D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5298a10e67a5354ddbb587aa1558c0e6476ab614afdec917d036794ef5688cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11157
x-xss-protection
0
container.html
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F797 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
expires
Wed, 14 Feb 2024 16:58:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 550A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 16:58:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2B1D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 16:58:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B61 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 10:35:43 GMT
expires
Wed, 14 Feb 2024 10:35:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D568 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
40706017efbd5f62404d4393667ce6bd5fd7db58e044abedaac5d87ef422d0ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yau5FRq2ONZxNH4_x5wZTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-yau5FRq2ONZxNH4_x5wZTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
expires
Tue, 14 Feb 2023 16:58:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?adId=735879&bnId=57365606&pId=954892&location=https%3A%2F%2Fdekor.delfi.ee%2F&t=%D0%94%D0%B5%D0%BA%D0%BE%D1%80&cb=1676393885365&siteId=1145189970857384309&cxId=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8&cxprnd=le4hmsu3nvq70xr3&configId=22&timeOnScreen=2&impRndId=y305scqd86nz5v1q&evid=cx:qwo8wfxslz05w9drj7zdatob:25mm80z00mkg8
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:05 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
pagead2.googlesyndication.com/bg/ Frame 6B61 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 11:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14329
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 11:09:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3847 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 10:35:43 GMT
expires
Wed, 14 Feb 2024 10:35:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 96BC 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
386c46133094026b452a2e7f359d6c958d62a159703a71f64cef113b45d3595b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fNd_mOYbN1Ee36nruZAlkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-fNd_mOYbN1Ee36nruZAlkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
expires
Tue, 14 Feb 2023 16:58:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame D568 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020901&jk=1490843324095921&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 96BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020901&jk=1891406153646305&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
pagead2.googlesyndication.com/bg/ Frame 3847 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 11:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14329
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 11:09:33 GMT
generate_204
tpc.googlesyndication.com/ Frame 6B61 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Mw2ktQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
publishertag.ids.js
static.criteo.net/js/ld/ Frame 550A 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 16:58:05 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ Frame 550A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215d:e200:a:e047:752:5701 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 04:08:17 GMT
Via
1.1 c63e477878535a923916847cfe5704ea.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CPH50-C1
Age
46188
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
UJ7o3_M6Tzl0eR3BA5nk19NX0PkaSYzOQms8_DmUlZe0IpJitI95yQ==
esp.js
oa.openxcdn.net/ Frame 550A 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 05:57:48 GMT
content-encoding
gzip
age
1854017
x-guploader-uploadid
ADPycdvKOJDbmPrxrPJL4vY7Q8ueRs4xhqx9GWUVSpxOX-FBnCXRUSk1hiHq7UJe-hdp06LOdSoCcbOOpIcMaUqTPAts_g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 24 Jan 2024 05:57:48 GMT
esp.js
cdn.id5-sync.com/api/1.0/ Frame 550A 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
MFKC3TVFFG0HS7AP
age
1456
etag
W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
799758b91cdf91fb-FRA
x-amz-id-2
Q9Q8N0TXlJRXJUx11hDmn5c1nflEiZbRWD50UXh1ESWqrQIZDbd6ceLCnE1FfX4KI/b5vZOPQkaqUW1SdCUzpw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 550A 		732 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Feb 2023 16:58:05 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1751
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
437
x-served-by
cache-fra-eddf8230037-FRA, cache-hhn-etou8220094-HHN
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
container.html
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB0C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
expires
Wed, 14 Feb 2024 16:58:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jquery.min.js
keytarget.adnet.lt/stable/jquery/3.4.1/ Frame 550A 		274 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/jquery/3.4.1/jquery.min.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
last-modified
Fri, 29 Nov 2019 12:46:15 GMT
server
nginx
age
798
etag
"5de11317-4472c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
101393
expires
Wed, 15 Feb 2023 16:58:05 GMT
container.html
9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F4D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
expires
Wed, 14 Feb 2024 16:58:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jquery.min.js
keytarget.adnet.lt/stable/jquery/3.4.1/ Frame 2B1D 		274 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/jquery/3.4.1/jquery.min.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:05 GMT
content-encoding
gzip
last-modified
Fri, 29 Nov 2019 12:46:15 GMT
server
nginx
age
798
etag
"5de11317-4472c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
101393
expires
Wed, 15 Feb 2023 16:58:05 GMT
generate_204
tpc.googlesyndication.com/ Frame 3847 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nZxZWA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
increment
id5-sync.com/api/esp/ Frame 550A 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dekor.delfi.ee
date
Tue, 14 Feb 2023 16:58:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/ Frame 550A
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdekor.delfi.ee%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdekor.delfi.ee%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fdekor.delfi.ee%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
3394281507aea79d8bf61c2fe889709e24c33f0ef3485b4e30c9a48d514a541e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-jF0LZFLhk8sXjsZn6wpTwbZ36ZE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dekor.delfi.ee
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 14 Feb 2023 16:58:06 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://dekor.delfi.ee
location
/esp?url=https%3A%2F%2Fdekor.delfi.ee%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame B66F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dekor.delfi.ee
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
server
Kestrel
server-processing-duration-in-ticks
833106
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
7f18ca2d5e76e6394611c7986e4bc896.js
www.gstatic.com/mysidia/ Frame 6F4D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7f18ca2d5e76e6394611c7986e4bc896.js?tag=client_fast_engine_2019
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 09:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
371917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4353
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 00:05:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 11 May 2023 09:39:29 GMT
5d28de0ea382dd679456ddb293efbff8.js
www.gstatic.com/mysidia/ Frame 6F4D 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d28de0ea382dd679456ddb293efbff8.js?tag=core/multiplex_design_v1
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7362e1beaa76f870436bdcdfac7ead0b00c779baba45784469e3897301ed748f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 00:05:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 11 May 2023 16:42:18 GMT
css
fonts.googleapis.com/ Frame 6F4D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 16:22:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 16:58:06 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 6F4D 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
12971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:21:55 GMT
648c6f6b4cc0a60579e4d4eabd524b17.js
www.gstatic.com/mysidia/ Frame 6F4D 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/648c6f6b4cc0a60579e4d4eabd524b17.js?tag=exit_2019
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4caf607cf2f924aeddc636f4f666b2275be1f86ce40f729a2360366d31c46027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 04:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9811
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 01:42:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 11 May 2023 04:26:34 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/ Frame 6F4D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/abg_lite_fy2021.js
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
12971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9046
x-xss-protection
0
server
cafe
etag
3345793926543552485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:21:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 6F4D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
12812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:24:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame 6F4D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2020e8a3c910eca0ba278da98160214b0798a0bf37269ea5426e5a97d3f123bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
12813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8507
x-xss-protection
0
server
cafe
etag
4276712384950353844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:24:33 GMT
l
www.google.com/ads/measurement/ Frame 6F4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAyQ_lnbT27XP9TuQfqvUptVb32ByDDBkM8yTDTtNiqwJwlEksNZhY-WhdDozGx_v_xnyxsBZDRsnm-fxNQ0mpIaZ5dQ
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F4D 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48832
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676324880006035"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 16:58:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D515 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQYxYvl3gEwAQ&v=APEucNWOaXBikSnA5AwZopGqmW5u1TKKtmlyjCt_G7ilBtiXqdxJxCPItIyi5I3gDaq9PU9R2lT029kO3k4uIoAdI_0GEi4tOQjimxqHhJfIC3DdPAskjlZu2vBYsgq9E9VzccZ0pqNaMxb1-AFB-ICDIxhJoB51y9BmaYGrqFtu3Y2ILLD5EZkrYq-Ga6WqtOeA_ak0vwv_CLiW2GXnkrDhqdp67M55Og
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AB0C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 16:58:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB0C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_hqJ1oiULygEw9TRgjhX731r2edAcDgXpVNB7kMcT9-jyseVNIPqFiuhPS6t3LfJzmvaHzWF3PiIjyHDpimVYuYWjQ_q_1cs04ZVXS4loMLvGQr8
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB0C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2883273797860983161&x=1&ct=76
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame AB0C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/window_focus_fy2021.js
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
12812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:24:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame AB0C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2020e8a3c910eca0ba278da98160214b0798a0bf37269ea5426e5a97d3f123bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
12813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8507
x-xss-protection
0
server
cafe
etag
4276712384950353844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:24:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB0C 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48832
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676324880006035"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 16:58:06 GMT
sid
mug.criteo.com/ Frame B66F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=delfi.ee&sn=ChromeSyncframe&so=3&topUrl=dekor.delfi.ee&bundle=m41tMV9zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2QWNmMjFaOXlaUnAlMkZsbXV4UU5MYmJrO...
  • https://mug.criteo.com/sid?cpp=HEHwUHxYWHg0dW9zUGE4UnNVS0tRNll6UCtCcGpNdSt3L1lCK0tsTm9ObGtDWG0vTXZDNTkxRjBXUG9IWFdRaWZqcEY0aERReUFMQ1F1SzI4cFJwZWVmcVVvR2thcVBhcWx0NG52dU5STkVwaGFQbFlwQnZwV2liaXRkQ2...
431 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HEHwUHxYWHg0dW9zUGE4UnNVS0tRNll6UCtCcGpNdSt3L1lCK0tsTm9ObGtDWG0vTXZDNTkxRjBXUG9IWFdRaWZqcEY0aERReUFMQ1F1SzI4cFJwZWVmcVVvR2thcVBhcWx0NG52dU5STkVwaGFQbFlwQnZwV2liaXRkQ2RUbis5ZXZBb0p1NnJGcStGOSttVVF2TzIxa0VvR1cvMC9DVGVJdlRNOHBrdEdlZ2lPM2Y2anhQN3FIQUZ0RSsvOUJCVVI1VTdCL3ZJbGR1NkVwRC9IeUxxTktTYnl1ME8zekY4allLVTN1YU5RZ0hQUHBOWTRQbkxycWpxZUhWcUJEaUR2eURseWpWTUZqb0pybW1hMVJQMlVPNUlsQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2bc9c045bb7e85c817d05212f850787274f5b3de3fe63df280d0a486d838f434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2553705
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=HEHwUHxYWHg0dW9zUGE4UnNVS0tRNll6UCtCcGpNdSt3L1lCK0tsTm9ObGtDWG0vTXZDNTkxRjBXUG9IWFdRaWZqcEY0aERReUFMQ1F1SzI4cFJwZWVmcVVvR2thcVBhcWx0NG52dU5STkVwaGFQbFlwQnZwV2liaXRkQ2RUbis5ZXZBb0p1NnJGcStGOSttVVF2TzIxa0VvR1cvMC9DVGVJdlRNOHBrdEdlZ2lPM2Y2anhQN3FIQUZ0RSsvOUJCVVI1VTdCL3ZJbGR1NkVwRC9IeUxxTktTYnl1ME8zekY4allLVTN1YU5RZ0hQUHBOWTRQbkxycWpxZUhWcUJEaUR2eURseWpWTUZqb0pybW1hMVJQMlVPNUlsQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
362551
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame D515
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQYxYvl3gEwAQ&v=APEucNWOaXBikSnA5AwZopGqmW5u1TKKtmlyjCt_G7ilBtiXqdxJxCPItIyi5I3gDaq9PU9R2lT029kO3k4uIoAdI_0GEi4tOQjimxqHhJfIC3DdPAskjlZu2vBYsgq9E9VzccZ0pqNaMxb1-AFB-ICDIxhJoB51y9BmaYGrqFtu3Y2ILLD5EZkrYq-Ga6WqtOeA_ak0vwv_CLiW2GXnkrDhqdp67M55Og
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame D515
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.u9nj3ver2KnIsSxzEP4gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQYxYvl3gEwAQ&v=APEucNWOaXBikSnA5AwZopGqmW5u1TKKtmlyjCt_G7ilBtiXqdxJxCPItIyi5I3gDaq9PU9R2lT029kO3k4uIoAdI_0GEi4tOQjimxqHhJfIC3DdPAskjlZu2vBYsgq9E9VzccZ0pqNaMxb1-AFB-ICDIxhJoB51y9BmaYGrqFtu3Y2ILLD5EZkrYq-Ga6WqtOeA_ak0vwv_CLiW2GXnkrDhqdp67M55Og
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFe8reDDzgZlfh6lIWlbWns&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D515
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_FQdvJ1ljCLKvjlKNnTwA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_FQdvJ1ljCLKvjlKNnTwA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQYxYvl3gEwAQ&v=APEucNWOaXBikSnA5AwZopGqmW5u1TKKtmlyjCt_G7ilBtiXqdxJxCPItIyi5I3gDaq9PU9R2lT029kO3k4uIoAdI_0GEi4tOQjimxqHhJfIC3DdPAskjlZu2vBYsgq9E9VzccZ0pqNaMxb1-AFB-ICDIxhJoB51y9BmaYGrqFtu3Y2ILLD5EZkrYq-Ga6WqtOeA_ak0vwv_CLiW2GXnkrDhqdp67M55Og
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:06 GMT
AN-X-Request-Uuid
9cbb5cfc-e779-4ec6-99d0-3154da42f486
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_FQdvJ1ljCLKvjlKNnTwA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D515
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTU2ODc4Mzc0NTQwNDAyNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTU2ODc4Mzc0NTQwNDAyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQYxYvl3gEwAQ&v=APEucNWOaXBikSnA5AwZopGqmW5u1TKKtmlyjCt_G7ilBtiXqdxJxCPItIyi5I3gDaq9PU9R2lT029kO3k4uIoAdI_0GEi4tOQjimxqHhJfIC3DdPAskjlZu2vBYsgq9E9VzccZ0pqNaMxb1-AFB-ICDIxhJoB51y9BmaYGrqFtu3Y2ILLD5EZkrYq-Ga6WqtOeA_ak0vwv_CLiW2GXnkrDhqdp67M55Og
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Feb 2023 16:58:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bad4bd21-5cbb-4d8f-8c31-be0e15b421da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTU2ODc4Mzc0NTQwNDAyNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB0C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3447786992313&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB0C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3447786992313&version=m202301230201&ct=76&x=1&cor=2883273797860983300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AB0C 		98 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2VM8C6RdfpjU-M9dWvRoSfynbkq_cEYakpWH0AS5_LFgCePULioD5jLzFD_20A-WmoL1wudFJ9IcLwWcJv74mxYxVXQ&cry=1&dbm_d=AKAmf-CaowHO_HhXnrIeaQPsjBi8qlkijGSuh_shuEbZwiHT54ZFajq-oOWzthqS25VPKF8Ouwv1cyPOeUlwE5f06yY31pATJWvlWWosCvBIb4NCXUG1u2y-D1QWotlrAvXA7RVLSJQtxFMaHRrN8e2Zi3Z-zFoYLqePLHtnvWBQA9fUAnXmQSKhrxgp4Z2GwODoFaRERB1yFkLQMW9-SPdVm96mbiREXPad7MfmPQYcaHMzZq7x_7XZaeu_OOwbTTT6gjZFTX3mT99kEuKwkstHM-DrNIJzq7DRk0z7lFkPhRmJURb4V0ne3Si3PUt9tiPZQQuaiiflylrVozxHmUnTGyzUzlXzLuzBq3XfKBrFWBS_o_TqZ8DIkhIcYCc1xvH7FnDC_mEyGOBD8iPlsYuU2QayyugdkBUQ6NkcmOStBj6fYmVY1TmpekaCc252RmbVGKMFqfn5wqVGEKxDFBA2UYT6zStfXy0ok1UF-0AFdIn6lKVlxZUDvG3ZIXJv1hQuun89Uhmq597eh1uMSFPjE5F3yfoSJ2MT1sAWgThJkmv5wlHzdOJmQlIiMUteP2qhSeNYK6hFDQLin36zUzMDKA1yEwVuCDDNgJhV9yvxjBsper1fUN8ZaFHnWcfB2wc0tSviAtMrDTvpwibZ2X5ygyclW3AYglNZEXsb-1Hbv2sXEQw5Br9rWNoa3n5u-xJC09g9QixIMYl-9xiVp7m5fU1QgBNCnj9MWdd0mK-efz-zexoJQB0ZXacS625FGzWeZw1HJVE6WGrSHpangWBY03wYmSTd4kyhlUnDglFOoTGquwvblDWr4DlX3Hgt0mQ92iOsnP1aAQpucJ9cGRKRUCTWfnKOdJEBv2GijKOsFr1qpYotr6DSXxvKBihpymc69HpvDu_LPx-PQdnPzFdE_3jcDyCUUsbPvz4o2nrbafUKs6_i0x8xNDZhYGg61T9U92_RQ5OetfWHxL1Evvd6QXSczR3LDmQj5a1pYzlT7CuyPQnvGVpdl2z_2H_ns6gLj86zxvIJ2qJr1oAEtjXaJHIeHirqmfKIrQAvg1D2iRG_Mg-BxIEanmNT_3BOacyLWEr_eYVIxl5XTkKEcov3Dk0mbYjFKTuHqQWMRQe0fh2d_y2EfnEnvztMVW4qbPJiAKNcAHPfLtuX85uBRK1Adgh3hVWXcn4hE0GrWKSQD_fpHtNjf4PA1KRluSiXsflScLnSxM9asR1LDz41Nw956mQi64yDKdTs6VPDDFrhXPtVF_PrfWVJNgr9FbAXiWHBdTM5qOPtSctjpwVHKF6WMtfiUl1fgA78Ah5HmVtmIGvnonG-4lyMSmjdf9R9oFoMYvDz1JBuOZkwbsVb_mRN7j9WxWvjqHL-V9jdD-P2Anzv-NoOIDHDO4NbOFi2SsIEr7mCr99IGFiKUJVK4KLi65LnzamqfDdU7Clrwc4Ixm0XnqUjFb8cXjycSTMq_e5IN_3kJKs4IusbMGJyhj0esBpwoiU3gXRc6SSAjwyq5arxh7odumI2uMl1bCoqZ_Zbj0VVNOEmIWqF2AZkz1CNXndTl6Z9uGm9C1h5Nu5YILLFLC_NJJdGABmZOYNscYmX4vQ-QgZoBBys5BBsiSgQnK-At16VJVX3lfuRW9CQXV_SZouTOCrxm93UBy7TAEyfBz01kakiYiU1aZoDQfZ7nQnlqcFBn6qYX9Ut8sAYGcGw20HA43tqllh5c_JrIyGX4ChhYWvBG0wXk2SlqSpQmmvCszvmLuhZQIzC5jJ15mkuL9MTgFqJI0kxeUQ6QcaEt0CHPrRuRoJp7kFgpFpblQ5ZZENHCITduwP0-B6cJLWTBO0wxYmdSXWPXLSaYD1RLgeShKsFDKi453DBaPnFKyRcrwJn14MtOKWkeUZpqtlHFeimQ8HV5242N7YX9V6WBxCp9J4PR7Q1bUDFkMr7HEKGPnsQrxBtC-r8GcGuZpAfObIm6yCkb9E8iUYZHpsaktj3tsP2DacAwyKEPE_bf0SDO7nSkO1SCDmZGmlCNNojj_7wdzb3Ww9dwSY7TdtS5RBCgCRBxvpYSR8V9s-tI7s6oc3YYLfqk6ftDA5BHWWVEcSSMW053mhSkEup8laqWiHze-LYWo1cRUKImPJw8t_O81oOncXGiaWepJWOE3sxcqQl-v5ZwdhymZX6DcWxfzjv-7UM-HYFQxThsm_cwVnihFaeh7QoUheEhvBF04HskXkm7_Fxx3fLK8B8hqT7qI5J2fzN18JyfBjqdoF0E10M30iPpCYuec-xUjTPEGHvYS1sIM1nELrMsKfWVVLGqGdtaYKhMAEF8oHvga__aJUZud1Xz1mJ5oC_IShrsszPvQ9rM8y0WynYyAihMwUp6HRH94tNYU4Lho4OirJGZEhKPeBAs5sz8ZEOpi-CuBLe0siJUxaxKTVEyapZ4LrfrpEP0x4i3ZEAvQRaH7GF9eF2k_e8METWF_pEikk3M6P6msUZ_6ffg6PuWUUCozyWE7hYC-erXeUhyCEg30ZTPxb1G6-WahwnRq2K9ytEZsCc9xNbYEMOWcpixqL1nc8J3916Ws1lyTGx43P4ZwEmR34_vd1FoPDkWdCKtU9ro7h6Sb_7FZkX-Mmb5jrbR59MSiP3_3DuD66Idb-ZxQfG9RjWy5EcYexrOTsyXVqcKReWgG-yta7CHnqf-u7cLahcRxqAUjUPSwJ4DfbqGmAK8ViMgFt2ffHD5wBfyfDBO7paAHn-MFY3y8bxx23WjAkqEKPHPwUpKajMG6MV3cf-5-Djfa067HnFGtPyK1o52IzT6cYDRA2fnGr6hD7zfrgUhCW4NrL40DUz70LwYm2U0I_SfLrhOoWbmnOrqd8JWsBeoj3F3iGSOAfBC9akZejVOY8CAX-xK6ljSoTAGxc1bAodIZBkbqP7JBl065DUxHO9Mzu6IP_yA6iTapOl0aaHRy0IhUlnBUIvPQuOveV8oIvIoxkC4GCd7puW4828KIoJ2C1JUIoy6UGqFbUxdyEmXA_WsT9PCWSDifiYnT4KIFNuZp2pKp7JOfOe0DmNoOQ5yWKI-hbN4favNAa4oy8wso6KT-YLys-i18vfKcdwq1Gmg4JKNeM35pmbPrloMUf_SNNZzCTosdXZ77rDMD1y-p6gdRMluO2n33w7ikPdys9EuEMIBP0hiKXSAYL4y3gAaabNp3RpcIBHfTZPHfmcYwNQTjzVzCL_rUZpNms8TadNEtBolvUBaFDOnsSFhk19LBQXHMIFep2wJqksd9nVcasfYYkJ6nLKF8vH8XwZ4IsCrnHVHQIQniPGrfN6dW6baCtYMUpnQc6IXC24YYyvc1vqUcAeXvpnbxy-CCjAHX2vmPVKORrTmdFiQO2_Y9qCTgG5CDMN69hV5fqavjC3fpWDzGf242uAsrE4rFeWI6FwQ1dYZdwnX1zPJ2lZYn-R8qrSmRV4KvzZGqmK4cz7QjRIeu_gklEuxNl24Oozd0P3Zx0l_Pm3ggvVBqmjdRllmHiMfTPbVGXXdKVWP3QNu_jnSuCJZe3i95UB8CBes4hapct9mw7iAfN-vp7H56eoL-MzMrH724_F33wo4RVFlSyQj0MVupNlp-9KKurqbLZdb3cd3QwU_5c2FYTEX9mCgsBZgW8hggGkAqPmRn6FN6XmYsOlw-VdKNhQ2r-Oc2u5fFwG1nZqgksMvVEy3xs9OtNNZFeAXIzXuGYdE7KpTuSnRwfTFRLt0fv6TMJs_JsDOgzelBims_wJjukJbPaLgNqW-QK-ITeEZbK1rm22lXSZdiRukLi8Kwh_izh7vn0O8X4eQu4YPieI7Ff3ooMfvKmPJXLk2-qJEyyLB6h9pUyd7mHBeY9OmTZp1yN9mnUrjNqlwuRtYEcwCLiifX5gN1n6g0o&cid=CAQSPADUE5ym57rqLFh8RzEVpvq5nDylryPHYC50aAT3joicfuSYIFJYvfs2rbSE6MWyDySmPNGnmr5prfY9ixgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fdekor.delfi.ee&ds=l&xdt=1&iif=1&cor=2883273797860983300&adk=3307404408&idt=135&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e994fbb42463c8b16d6d2ca3b8c2d71ffde867c6d147e6950d6b7c2b97a072c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38160
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 550A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020901&jk=1490843324095921&bg=!NDelN2PNAAYuhb89DoU7ADkAdvg8WtGj3KKrvqgzECdqZPJ0FTqZm9IoDfBups4fcg3bFpdPq4CtshNPNOIrn6xYUkp8uv2uivYCAAAAtVIAAAADaAEHmQLL4Ci9B0POTAwUM18xwVP9T28i3GKLvin3A4i9WrCrZuzR4siZdLGxIrbNmDp-fSFc_LCXL66vX4hqK3pBZcEGYxuvPM5WXhrRgMH6s4AqvI4fHuE8EEYsqir3qa8t2cImQynpj8WEO71QloFs_1-Zx_ccHLM9_DcLJ0tNpbfTZJieWLVlUo_MFb4gInN_Cvo1IY9P7__aept4-uW27xV5ZW03vYbmTNvX5cUnsDfzKijYeVLF-_qLj1jrbxVd6WsV-t_o5IXly_UL4_E6r1Cm_w3oDp5F_M8viPxIM3Qpn2covo3u6fR064TplWQnpbL3DvCLM1oYoDzD_Ko47NIkS3B5_JD6cPh_pssIHEL8IhX03fL6d1E3XaJcZ-gGVxUVMD424_Uy3KiX9qnhTKS9LYh8qV0-w-Qixe_GgS6I9dn5EyuWXIoU9y9H4W8-IRTdqZ3fksL2-lZrxzr1qW3miUIL9K3_NSUz-INZUSBbsxsw-7nm5B8EtoNZlT-C83TRk-OfKMXK-rb6bReSTftpBTilCml7x-FI9R7UNWs-qp3UZchwGUkYxtKIN7N1IhBSlWEUtYDwDmOt1X0AHy4EWKrI_blUjI4SLzwHFgW5ckBjP46Z6C3mwW7cSEnqxpkNLLoSvkVR7dvOTQkcwQxzMKyyIlcb95_DCOc1Z63jOmPCUMV88QcXig-g7kWI3BuUPGxQLkf9HqCMSbId6k5jwo8KlZobyMjZQmbDQe4V2_pt15MSxQ3ellXDpfjVo6LArtBsizNR6D3tsg47WWdAb0qWDcEw6Mp6bP4uFl4EW9hIj6ERpHi87l-_sAJaRVTt3Tt9rklxd3Ore29RTjLBngRgpIO9bvamf6f6IcwZ2qWkTXpW4nRZ-HiQSmiva0rAZG7U3hLF4yGUW9bt7b5q7LtkmjRjMLNGqgbeIycVNTVKG0lzFbz0DoZNgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
publishertag.prebid.132.js
static.criteo.net/js/ld/ Frame 550A 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 16:58:06 GMT
/
track.adform.net/serving/unload/ Frame D60F 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6129535923113100799@@48615288,2055496184212126212,0|0|0|0|0|0|0|0|0||0|0|||||1|0|0|LtKRPqF4PhV5lT90q-mtzVo3yN63vf9OeFfgU6DuzHG8p8lx9F5Of14KcVAItdvSAlr413CuUjaoWv4un0YmxnKwzZPfEvfqq0OqpNuGhK1kAW6OdCBF7A2|4zIebbcTUfWu7n-9lBY4jCmV8zAdCXPt6cBkmpfkvZowxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiWyR7GegfGjV_qxnwrcWfOSYRBtvp6MCIc-v6xf51X48OJRNPE5fIdjfGHYhGEBzsXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoxaMB7E3Is5U1|1|11|0|0@@48615490,7615849639038578892,0|0|0|0|0|0|0|0|0||0|0|||||1|0|0|9gvfwdA5ME95lT90q-mtzVo3yN63vf9OeFfgU6DuzHG8p8lx9F5Of14KcVAItdvSAlr413CuUjaoWv4un0YmxoCjQL9ztU_fT8sigcIVU_1kAW6OdCBF7A2|4zIebbcTUfUPDAynFSSJ3CmV8zAdCXPt6cBkmpfkvZowxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiRMMTNGKOjnVMhKDdVd3OEvhI6FhwDQIi71nWcBXEzAD_7cjxjaVeWsRzMQZFNLc-nFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoxaMB7E3Is5U1||11|0|0
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
15907423778787375547
s0.2mdn.net/simgad/ Frame 6F4D 		922 KB
923 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15907423778787375547?w=400&h=209
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
979f22e251965d22160a798cc3b8827d9b099acb1113123fe033a1b4186dab50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 13:57:10 GMT
x-content-type-options
nosniff
age
183656
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
944308
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 12:51:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Feb 2024 13:57:10 GMT
truncated
/ Frame 6F4D 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4B00 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 04:54:21 GMT
etag
48472445140208031
expires
Wed, 15 Feb 2023 04:54:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6F4D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6362d595fe704d1a94572dc761e58bb0fefce1414c7eaf1b7d85be41d429a617

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.132.js
static.criteo.net/js/ld/ Frame 2B1D 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 16:58:06 GMT
syncframe
gum.criteo.com/ Frame 5E0B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dekor.delfi.ee
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:06 GMT
server
Kestrel
server-processing-duration-in-ticks
2775099
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 550A 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-162fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 16:58:06 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1347715/69353376/ Frame AB0C 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1347715/69353376/skeleton.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.61.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b82de132537da69427cc65e31a46cdd793abb796da9cff47f4035cd973441eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame AB0C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
Origin
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 13:24:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/elements/html/ Frame AB0C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2VM8C6RdfpjU-M9dWvRoSfynbkq_cEYakpWH0AS5_LFgCePULioD5jLzFD_20A-WmoL1wudFJ9IcLwWcJv74mxYxVXQ&cry=1&dbm_d=AKAmf-CaowHO_HhXnrIeaQPsjBi8qlkijGSuh_shuEbZwiHT54ZFajq-oOWzthqS25VPKF8Ouwv1cyPOeUlwE5f06yY31pATJWvlWWosCvBIb4NCXUG1u2y-D1QWotlrAvXA7RVLSJQtxFMaHRrN8e2Zi3Z-zFoYLqePLHtnvWBQA9fUAnXmQSKhrxgp4Z2GwODoFaRERB1yFkLQMW9-SPdVm96mbiREXPad7MfmPQYcaHMzZq7x_7XZaeu_OOwbTTT6gjZFTX3mT99kEuKwkstHM-DrNIJzq7DRk0z7lFkPhRmJURb4V0ne3Si3PUt9tiPZQQuaiiflylrVozxHmUnTGyzUzlXzLuzBq3XfKBrFWBS_o_TqZ8DIkhIcYCc1xvH7FnDC_mEyGOBD8iPlsYuU2QayyugdkBUQ6NkcmOStBj6fYmVY1TmpekaCc252RmbVGKMFqfn5wqVGEKxDFBA2UYT6zStfXy0ok1UF-0AFdIn6lKVlxZUDvG3ZIXJv1hQuun89Uhmq597eh1uMSFPjE5F3yfoSJ2MT1sAWgThJkmv5wlHzdOJmQlIiMUteP2qhSeNYK6hFDQLin36zUzMDKA1yEwVuCDDNgJhV9yvxjBsper1fUN8ZaFHnWcfB2wc0tSviAtMrDTvpwibZ2X5ygyclW3AYglNZEXsb-1Hbv2sXEQw5Br9rWNoa3n5u-xJC09g9QixIMYl-9xiVp7m5fU1QgBNCnj9MWdd0mK-efz-zexoJQB0ZXacS625FGzWeZw1HJVE6WGrSHpangWBY03wYmSTd4kyhlUnDglFOoTGquwvblDWr4DlX3Hgt0mQ92iOsnP1aAQpucJ9cGRKRUCTWfnKOdJEBv2GijKOsFr1qpYotr6DSXxvKBihpymc69HpvDu_LPx-PQdnPzFdE_3jcDyCUUsbPvz4o2nrbafUKs6_i0x8xNDZhYGg61T9U92_RQ5OetfWHxL1Evvd6QXSczR3LDmQj5a1pYzlT7CuyPQnvGVpdl2z_2H_ns6gLj86zxvIJ2qJr1oAEtjXaJHIeHirqmfKIrQAvg1D2iRG_Mg-BxIEanmNT_3BOacyLWEr_eYVIxl5XTkKEcov3Dk0mbYjFKTuHqQWMRQe0fh2d_y2EfnEnvztMVW4qbPJiAKNcAHPfLtuX85uBRK1Adgh3hVWXcn4hE0GrWKSQD_fpHtNjf4PA1KRluSiXsflScLnSxM9asR1LDz41Nw956mQi64yDKdTs6VPDDFrhXPtVF_PrfWVJNgr9FbAXiWHBdTM5qOPtSctjpwVHKF6WMtfiUl1fgA78Ah5HmVtmIGvnonG-4lyMSmjdf9R9oFoMYvDz1JBuOZkwbsVb_mRN7j9WxWvjqHL-V9jdD-P2Anzv-NoOIDHDO4NbOFi2SsIEr7mCr99IGFiKUJVK4KLi65LnzamqfDdU7Clrwc4Ixm0XnqUjFb8cXjycSTMq_e5IN_3kJKs4IusbMGJyhj0esBpwoiU3gXRc6SSAjwyq5arxh7odumI2uMl1bCoqZ_Zbj0VVNOEmIWqF2AZkz1CNXndTl6Z9uGm9C1h5Nu5YILLFLC_NJJdGABmZOYNscYmX4vQ-QgZoBBys5BBsiSgQnK-At16VJVX3lfuRW9CQXV_SZouTOCrxm93UBy7TAEyfBz01kakiYiU1aZoDQfZ7nQnlqcFBn6qYX9Ut8sAYGcGw20HA43tqllh5c_JrIyGX4ChhYWvBG0wXk2SlqSpQmmvCszvmLuhZQIzC5jJ15mkuL9MTgFqJI0kxeUQ6QcaEt0CHPrRuRoJp7kFgpFpblQ5ZZENHCITduwP0-B6cJLWTBO0wxYmdSXWPXLSaYD1RLgeShKsFDKi453DBaPnFKyRcrwJn14MtOKWkeUZpqtlHFeimQ8HV5242N7YX9V6WBxCp9J4PR7Q1bUDFkMr7HEKGPnsQrxBtC-r8GcGuZpAfObIm6yCkb9E8iUYZHpsaktj3tsP2DacAwyKEPE_bf0SDO7nSkO1SCDmZGmlCNNojj_7wdzb3Ww9dwSY7TdtS5RBCgCRBxvpYSR8V9s-tI7s6oc3YYLfqk6ftDA5BHWWVEcSSMW053mhSkEup8laqWiHze-LYWo1cRUKImPJw8t_O81oOncXGiaWepJWOE3sxcqQl-v5ZwdhymZX6DcWxfzjv-7UM-HYFQxThsm_cwVnihFaeh7QoUheEhvBF04HskXkm7_Fxx3fLK8B8hqT7qI5J2fzN18JyfBjqdoF0E10M30iPpCYuec-xUjTPEGHvYS1sIM1nELrMsKfWVVLGqGdtaYKhMAEF8oHvga__aJUZud1Xz1mJ5oC_IShrsszPvQ9rM8y0WynYyAihMwUp6HRH94tNYU4Lho4OirJGZEhKPeBAs5sz8ZEOpi-CuBLe0siJUxaxKTVEyapZ4LrfrpEP0x4i3ZEAvQRaH7GF9eF2k_e8METWF_pEikk3M6P6msUZ_6ffg6PuWUUCozyWE7hYC-erXeUhyCEg30ZTPxb1G6-WahwnRq2K9ytEZsCc9xNbYEMOWcpixqL1nc8J3916Ws1lyTGx43P4ZwEmR34_vd1FoPDkWdCKtU9ro7h6Sb_7FZkX-Mmb5jrbR59MSiP3_3DuD66Idb-ZxQfG9RjWy5EcYexrOTsyXVqcKReWgG-yta7CHnqf-u7cLahcRxqAUjUPSwJ4DfbqGmAK8ViMgFt2ffHD5wBfyfDBO7paAHn-MFY3y8bxx23WjAkqEKPHPwUpKajMG6MV3cf-5-Djfa067HnFGtPyK1o52IzT6cYDRA2fnGr6hD7zfrgUhCW4NrL40DUz70LwYm2U0I_SfLrhOoWbmnOrqd8JWsBeoj3F3iGSOAfBC9akZejVOY8CAX-xK6ljSoTAGxc1bAodIZBkbqP7JBl065DUxHO9Mzu6IP_yA6iTapOl0aaHRy0IhUlnBUIvPQuOveV8oIvIoxkC4GCd7puW4828KIoJ2C1JUIoy6UGqFbUxdyEmXA_WsT9PCWSDifiYnT4KIFNuZp2pKp7JOfOe0DmNoOQ5yWKI-hbN4favNAa4oy8wso6KT-YLys-i18vfKcdwq1Gmg4JKNeM35pmbPrloMUf_SNNZzCTosdXZ77rDMD1y-p6gdRMluO2n33w7ikPdys9EuEMIBP0hiKXSAYL4y3gAaabNp3RpcIBHfTZPHfmcYwNQTjzVzCL_rUZpNms8TadNEtBolvUBaFDOnsSFhk19LBQXHMIFep2wJqksd9nVcasfYYkJ6nLKF8vH8XwZ4IsCrnHVHQIQniPGrfN6dW6baCtYMUpnQc6IXC24YYyvc1vqUcAeXvpnbxy-CCjAHX2vmPVKORrTmdFiQO2_Y9qCTgG5CDMN69hV5fqavjC3fpWDzGf242uAsrE4rFeWI6FwQ1dYZdwnX1zPJ2lZYn-R8qrSmRV4KvzZGqmK4cz7QjRIeu_gklEuxNl24Oozd0P3Zx0l_Pm3ggvVBqmjdRllmHiMfTPbVGXXdKVWP3QNu_jnSuCJZe3i95UB8CBes4hapct9mw7iAfN-vp7H56eoL-MzMrH724_F33wo4RVFlSyQj0MVupNlp-9KKurqbLZdb3cd3QwU_5c2FYTEX9mCgsBZgW8hggGkAqPmRn6FN6XmYsOlw-VdKNhQ2r-Oc2u5fFwG1nZqgksMvVEy3xs9OtNNZFeAXIzXuGYdE7KpTuSnRwfTFRLt0fv6TMJs_JsDOgzelBims_wJjukJbPaLgNqW-QK-ITeEZbK1rm22lXSZdiRukLi8Kwh_izh7vn0O8X4eQu4YPieI7Ff3ooMfvKmPJXLk2-qJEyyLB6h9pUyd7mHBeY9OmTZp1yN9mnUrjNqlwuRtYEcwCLiifX5gN1n6g0o&cid=CAQSPADUE5ym57rqLFh8RzEVpvq5nDylryPHYC50aAT3joicfuSYIFJYvfs2rbSE6MWyDySmPNGnmr5prfY9ixgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fdekor.delfi.ee&ds=l&xdt=1&iif=1&cor=2883273797860983300&adk=3307404408&idt=135&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
12812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:24:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/ Frame AB0C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2VM8C6RdfpjU-M9dWvRoSfynbkq_cEYakpWH0AS5_LFgCePULioD5jLzFD_20A-WmoL1wudFJ9IcLwWcJv74mxYxVXQ&cry=1&dbm_d=AKAmf-CaowHO_HhXnrIeaQPsjBi8qlkijGSuh_shuEbZwiHT54ZFajq-oOWzthqS25VPKF8Ouwv1cyPOeUlwE5f06yY31pATJWvlWWosCvBIb4NCXUG1u2y-D1QWotlrAvXA7RVLSJQtxFMaHRrN8e2Zi3Z-zFoYLqePLHtnvWBQA9fUAnXmQSKhrxgp4Z2GwODoFaRERB1yFkLQMW9-SPdVm96mbiREXPad7MfmPQYcaHMzZq7x_7XZaeu_OOwbTTT6gjZFTX3mT99kEuKwkstHM-DrNIJzq7DRk0z7lFkPhRmJURb4V0ne3Si3PUt9tiPZQQuaiiflylrVozxHmUnTGyzUzlXzLuzBq3XfKBrFWBS_o_TqZ8DIkhIcYCc1xvH7FnDC_mEyGOBD8iPlsYuU2QayyugdkBUQ6NkcmOStBj6fYmVY1TmpekaCc252RmbVGKMFqfn5wqVGEKxDFBA2UYT6zStfXy0ok1UF-0AFdIn6lKVlxZUDvG3ZIXJv1hQuun89Uhmq597eh1uMSFPjE5F3yfoSJ2MT1sAWgThJkmv5wlHzdOJmQlIiMUteP2qhSeNYK6hFDQLin36zUzMDKA1yEwVuCDDNgJhV9yvxjBsper1fUN8ZaFHnWcfB2wc0tSviAtMrDTvpwibZ2X5ygyclW3AYglNZEXsb-1Hbv2sXEQw5Br9rWNoa3n5u-xJC09g9QixIMYl-9xiVp7m5fU1QgBNCnj9MWdd0mK-efz-zexoJQB0ZXacS625FGzWeZw1HJVE6WGrSHpangWBY03wYmSTd4kyhlUnDglFOoTGquwvblDWr4DlX3Hgt0mQ92iOsnP1aAQpucJ9cGRKRUCTWfnKOdJEBv2GijKOsFr1qpYotr6DSXxvKBihpymc69HpvDu_LPx-PQdnPzFdE_3jcDyCUUsbPvz4o2nrbafUKs6_i0x8xNDZhYGg61T9U92_RQ5OetfWHxL1Evvd6QXSczR3LDmQj5a1pYzlT7CuyPQnvGVpdl2z_2H_ns6gLj86zxvIJ2qJr1oAEtjXaJHIeHirqmfKIrQAvg1D2iRG_Mg-BxIEanmNT_3BOacyLWEr_eYVIxl5XTkKEcov3Dk0mbYjFKTuHqQWMRQe0fh2d_y2EfnEnvztMVW4qbPJiAKNcAHPfLtuX85uBRK1Adgh3hVWXcn4hE0GrWKSQD_fpHtNjf4PA1KRluSiXsflScLnSxM9asR1LDz41Nw956mQi64yDKdTs6VPDDFrhXPtVF_PrfWVJNgr9FbAXiWHBdTM5qOPtSctjpwVHKF6WMtfiUl1fgA78Ah5HmVtmIGvnonG-4lyMSmjdf9R9oFoMYvDz1JBuOZkwbsVb_mRN7j9WxWvjqHL-V9jdD-P2Anzv-NoOIDHDO4NbOFi2SsIEr7mCr99IGFiKUJVK4KLi65LnzamqfDdU7Clrwc4Ixm0XnqUjFb8cXjycSTMq_e5IN_3kJKs4IusbMGJyhj0esBpwoiU3gXRc6SSAjwyq5arxh7odumI2uMl1bCoqZ_Zbj0VVNOEmIWqF2AZkz1CNXndTl6Z9uGm9C1h5Nu5YILLFLC_NJJdGABmZOYNscYmX4vQ-QgZoBBys5BBsiSgQnK-At16VJVX3lfuRW9CQXV_SZouTOCrxm93UBy7TAEyfBz01kakiYiU1aZoDQfZ7nQnlqcFBn6qYX9Ut8sAYGcGw20HA43tqllh5c_JrIyGX4ChhYWvBG0wXk2SlqSpQmmvCszvmLuhZQIzC5jJ15mkuL9MTgFqJI0kxeUQ6QcaEt0CHPrRuRoJp7kFgpFpblQ5ZZENHCITduwP0-B6cJLWTBO0wxYmdSXWPXLSaYD1RLgeShKsFDKi453DBaPnFKyRcrwJn14MtOKWkeUZpqtlHFeimQ8HV5242N7YX9V6WBxCp9J4PR7Q1bUDFkMr7HEKGPnsQrxBtC-r8GcGuZpAfObIm6yCkb9E8iUYZHpsaktj3tsP2DacAwyKEPE_bf0SDO7nSkO1SCDmZGmlCNNojj_7wdzb3Ww9dwSY7TdtS5RBCgCRBxvpYSR8V9s-tI7s6oc3YYLfqk6ftDA5BHWWVEcSSMW053mhSkEup8laqWiHze-LYWo1cRUKImPJw8t_O81oOncXGiaWepJWOE3sxcqQl-v5ZwdhymZX6DcWxfzjv-7UM-HYFQxThsm_cwVnihFaeh7QoUheEhvBF04HskXkm7_Fxx3fLK8B8hqT7qI5J2fzN18JyfBjqdoF0E10M30iPpCYuec-xUjTPEGHvYS1sIM1nELrMsKfWVVLGqGdtaYKhMAEF8oHvga__aJUZud1Xz1mJ5oC_IShrsszPvQ9rM8y0WynYyAihMwUp6HRH94tNYU4Lho4OirJGZEhKPeBAs5sz8ZEOpi-CuBLe0siJUxaxKTVEyapZ4LrfrpEP0x4i3ZEAvQRaH7GF9eF2k_e8METWF_pEikk3M6P6msUZ_6ffg6PuWUUCozyWE7hYC-erXeUhyCEg30ZTPxb1G6-WahwnRq2K9ytEZsCc9xNbYEMOWcpixqL1nc8J3916Ws1lyTGx43P4ZwEmR34_vd1FoPDkWdCKtU9ro7h6Sb_7FZkX-Mmb5jrbR59MSiP3_3DuD66Idb-ZxQfG9RjWy5EcYexrOTsyXVqcKReWgG-yta7CHnqf-u7cLahcRxqAUjUPSwJ4DfbqGmAK8ViMgFt2ffHD5wBfyfDBO7paAHn-MFY3y8bxx23WjAkqEKPHPwUpKajMG6MV3cf-5-Djfa067HnFGtPyK1o52IzT6cYDRA2fnGr6hD7zfrgUhCW4NrL40DUz70LwYm2U0I_SfLrhOoWbmnOrqd8JWsBeoj3F3iGSOAfBC9akZejVOY8CAX-xK6ljSoTAGxc1bAodIZBkbqP7JBl065DUxHO9Mzu6IP_yA6iTapOl0aaHRy0IhUlnBUIvPQuOveV8oIvIoxkC4GCd7puW4828KIoJ2C1JUIoy6UGqFbUxdyEmXA_WsT9PCWSDifiYnT4KIFNuZp2pKp7JOfOe0DmNoOQ5yWKI-hbN4favNAa4oy8wso6KT-YLys-i18vfKcdwq1Gmg4JKNeM35pmbPrloMUf_SNNZzCTosdXZ77rDMD1y-p6gdRMluO2n33w7ikPdys9EuEMIBP0hiKXSAYL4y3gAaabNp3RpcIBHfTZPHfmcYwNQTjzVzCL_rUZpNms8TadNEtBolvUBaFDOnsSFhk19LBQXHMIFep2wJqksd9nVcasfYYkJ6nLKF8vH8XwZ4IsCrnHVHQIQniPGrfN6dW6baCtYMUpnQc6IXC24YYyvc1vqUcAeXvpnbxy-CCjAHX2vmPVKORrTmdFiQO2_Y9qCTgG5CDMN69hV5fqavjC3fpWDzGf242uAsrE4rFeWI6FwQ1dYZdwnX1zPJ2lZYn-R8qrSmRV4KvzZGqmK4cz7QjRIeu_gklEuxNl24Oozd0P3Zx0l_Pm3ggvVBqmjdRllmHiMfTPbVGXXdKVWP3QNu_jnSuCJZe3i95UB8CBes4hapct9mw7iAfN-vp7H56eoL-MzMrH724_F33wo4RVFlSyQj0MVupNlp-9KKurqbLZdb3cd3QwU_5c2FYTEX9mCgsBZgW8hggGkAqPmRn6FN6XmYsOlw-VdKNhQ2r-Oc2u5fFwG1nZqgksMvVEy3xs9OtNNZFeAXIzXuGYdE7KpTuSnRwfTFRLt0fv6TMJs_JsDOgzelBims_wJjukJbPaLgNqW-QK-ITeEZbK1rm22lXSZdiRukLi8Kwh_izh7vn0O8X4eQu4YPieI7Ff3ooMfvKmPJXLk2-qJEyyLB6h9pUyd7mHBeY9OmTZp1yN9mnUrjNqlwuRtYEcwCLiifX5gN1n6g0o&cid=CAQSPADUE5ym57rqLFh8RzEVpvq5nDylryPHYC50aAT3joicfuSYIFJYvfs2rbSE6MWyDySmPNGnmr5prfY9ixgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fdekor.delfi.ee&ds=l&xdt=1&iif=1&cor=2883273797860983300&adk=3307404408&idt=135&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d3e4f9af38db0f2b0e22fc9c4766db2905562ec2d6e57f05e7d6f1b0c2e2935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
12812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
server
cafe
etag
11494485048839227457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:24:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2B1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020901&jk=1891406153646305&bg=!KimlKX3NAAYuhb89DoU7ADkAdvg8WligLMhE5wK10UaSA4l7XubSHzuRMrekNbCzHZNSjIY0nLgoKNJMvinQgoTEaft1MkB3TGwCAAAAXFIAAAAEaAEHCgALMlUPX8xeFblAng2ZAslx-MTNBdTkWO4nFemT1L3WLI7lZCqhYTYLTM8XpySc32bg1uMjyXu_Mghp_AZMOoGqW3jAsVJah5Sp_nxEywI2Vimru3bKSv1a0McmzNbHQsaJRFZ3PjYe6twxzgbkPDUo-YaG6SlNVXNISzSJOTBz1Vo5TjN9QcxymJK7gsFHYKoHBi32e27a5mMXjoEuCShJBRJm9HFDh-JJj93ypJsD-XeUoOUhNiQOHqNKzKqyXUCKqKg59gHWTuPphjboExGiYh9Lb2gJ_cXLBDLSlRy1lYHnuERilRHgd9klqXYv_mpx8QlDHGxCTSfr6kFw0fV1s-v-k4P2vbyx3allDlOVTgvk3-1fMpwjzTdo9tiB_RAVguCKhhwu9Q4fKks6aKURZzwv_FLNTl-t23bTCu3gJFFJVKsoWj2G6QS0mbvaptzGF90t8e6k9jLTygjCH9k-xqr28v1vF1PRLKjN126fGPCMraPVsPUN2ORiOxFo9n-L30Ycr-9Fk-MaiWQBGmNwBwUK8aiwsy2sD22iYXErYdUo1dZtUKoljTyC-Bi-jMmHiPNaxBtGYE2zJPgLalSd_zFf4K40msF13DhQoA-h97fV7ugqjGShVuyLwPKAqo2BiwmiPykVB6b62UcC1qdyoKNrTS_aH5FUTI-h4piTrWroxDirxKoqNE6N6v7Cg7ViomD3mJ5jyWjF_kHOqAxuMiTs0WVfKupfHtzyIvU5msCUgEXProUf_4d07Ss04f-zqTbq7ijsQHuoki6cP_rBEv85Cph2DvC4f6_SP9MvzEJ7x0_dt6QodPF_TWrolv1rxI2eZIUbogh8u5U725n28K00yQX04nsAOB0sXb8vy4uk8T6Ar_T2R43OF5sqMv7NtdSu2Z71guOi6ixut1GcdlAeFzwX9a1dVEtQl9KHkShzTXW5j7mr4SNd4in7bWDipfW24X-OQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame DA87 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dekor.delfi.ee
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:05 GMT
server
Kestrel
server-processing-duration-in-ticks
2973921
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2B1D 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-162fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Feb 2023 16:58:06 GMT
/
track.adform.net/serving/unload/ Frame 5146 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6129535923113100799@@61584290,1288490541348636409,100|4632|0|0|0|0|4678|4678|0||1544|0|||||1|0|0|xz0p9KfevRF5lT90q-mtzVo3yN63vf9OeFfgU6DuzHG8p8lx9F5Of14KcVAItdvSAlr413CuUjaoWv4un0YmxhAuA_Gfso0wCPmLtLACXSRkAW6OdCBF7A2|4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2|1|01|0|4632
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pd
google-bidout-d.openx.net/w/1.0/ Frame 48EB 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 14 Feb 2023 16:58:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sid
mug.criteo.com/ Frame 5E0B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=delfi.ee&sn=ChromeSyncframe&so=3&topUrl=dekor.delfi.ee&bundle=0idyV19zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2S2MwJTJGVGdNZGlobHFjeklkM1pYVlV1Vm5D...
  • https://mug.criteo.com/sid?cpp=FReqF3xkUEs3bENLbFpVR09HWTBjTkd5akVhckJwYzc3d05ET3ZjL1dEc0FyaDB4bEp4TE9peGNERGE4dzNZM3RERk54cWFCSFdma2dld2ovSDFYNUpaZ0NQUFBVOXkvQXdOR1EwdlNtazdkaXJKSGEvanF0MitFWHk2eV...
430 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FReqF3xkUEs3bENLbFpVR09HWTBjTkd5akVhckJwYzc3d05ET3ZjL1dEc0FyaDB4bEp4TE9peGNERGE4dzNZM3RERk54cWFCSFdma2dld2ovSDFYNUpaZ0NQUFBVOXkvQXdOR1EwdlNtazdkaXJKSGEvanF0MitFWHk2eVlqWE5tMTBzMnd1NDdSS3lzMktKeFp6VWhzSGh1RTZ5Y0pDV2U1dWM0QTFROC9YazlBVDBWOE1QRFplRk5HZzlWa09FWnVWajdvMkdWMlpkSGJWWndodmJWVUkwNlVJOWhUVmM3ckRUZ1RlWnFOLzFuNnppdDN2U3NPQ0pmOFJpRFNvQ1E1dHI0MXlCNU1sek5rVWRlWHgyalFrOFBUQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
12d15a0ee7341fc5f7442a76acd2f8634032b7b333bf0165821c2e7405e046b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1806548
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=FReqF3xkUEs3bENLbFpVR09HWTBjTkd5akVhckJwYzc3d05ET3ZjL1dEc0FyaDB4bEp4TE9peGNERGE4dzNZM3RERk54cWFCSFdma2dld2ovSDFYNUpaZ0NQUFBVOXkvQXdOR1EwdlNtazdkaXJKSGEvanF0MitFWHk2eVlqWE5tMTBzMnd1NDdSS3lzMktKeFp6VWhzSGh1RTZ5Y0pDV2U1dWM0QTFROC9YazlBVDBWOE1QRFplRk5HZzlWa09FWnVWajdvMkdWMlpkSGJWWndodmJWVUkwNlVJOWhUVmM3ckRUZ1RlWnFOLzFuNnppdDN2U3NPQ0pmOFJpRFNvQ1E1dHI0MXlCNU1sek5rVWRlWHgyalFrOFBUQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
468720
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 4B00
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIksteE-JRbA8Vwyxfuanjk&google_cver=1&google_push=Aa02lx-bQlieKRn_uE9kzPY9oEcKh69IKNjk7JSF7sZb81iFQxqchsMunlgFJNWPlBQgd0hmzsebE...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-bQlieKRn_uE9kzPY9oEcKh69IKNjk7JSF7sZb81iFQxqchsMunlgFJNWPlBQgd0hmzsebEicp99Z6b_eI4hWdEJbxJw6k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-bQlieKRn_uE9kzPY9oEcKh69IKNjk7JSF7sZb81iFQxqchsMunlgFJNWPlBQgd0hmzsebEicp99Z6b_eI4hWdEJbxJw6k
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Feb 2023 16:58:05 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A41091E697F443BA84B67C5F675F8A27 Ref B: FRAEDGE1520 Ref C: 2023-02-14T16:58:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-bQlieKRn_uE9kzPY9oEcKh69IKNjk7JSF7sZb81iFQxqchsMunlgFJNWPlBQgd0hmzsebEicp99Z6b_eI4hWdEJbxJw6k
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0q94cVTFFQTRW9d2vIA==
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4B00 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDzRk0vt0tkDPt40Fl7pfwc&google_cver=1&google_push=Aa02lx8Ds5GhF8BjzWC8Bn38wA5a917DhAkrrH-oiveQsSCVxIMRE2_tvgCrQ7yE7N1HmDJqlfZoDh9Wbrx9HQdjMa_STFij1PwE
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 4B00
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEMl23iEK73Nu3TsqALBmjqM&google_cver=1&google_push=Aa02lx_jlbPrT_oWX1ytbeHpcZdswG8aWSsEt0k7t-5FxWOGG0Nd1FD_fC24PxjRo5drkmBOShiL5_8GBESVAqvycNL0MzMzUKM
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTIwQTZGMENBMjdBMTVGMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTIwQTZGMENBMjdBMTVGMA==
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTIwQTZGMENBMjdBMTVGMA==
date
Tue, 14 Feb 2023 16:58:06 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 4B00
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEM-A17L5cM96Nnbn-hl1mDA&google_cver=1&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonHIM...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEM-A17L5cM96Nnbn-hl1mDA&google_cver=1&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonH...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonHIMyDxlg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonHIMyDxlg
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_fDXu19eRLTRPwawDflUj-iuVnFXukVYOnjK95BI1sgfspU5yRsbLYwTALIKkYtJD14z5YA7PCq4lrR2M8lhonHIMyDxlg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4B00
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDfGoae2lqbjuvZ5nTVQrwI&google_cver=1&google_push=Aa02lx9DBEkiJ3c1NAgFNK-Yt2crMBKdsHF2_74fOY9kOLyxnv7IZb7C7hpczf18rpzdaIcpHIC...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9DBEkiJ3c1NAgFNK-Yt2crMBKdsHF2_74fOY9kOLyxnv7IZb7C7hpczf18rpzdaIcpHICTo-xZijWyrWAYIbFWVgsSnCrh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9DBEkiJ3c1NAgFNK-Yt2crMBKdsHF2_74fOY9kOLyxnv7IZb7C7hpczf18rpzdaIcpHICTo-xZijWyrWAYIbFWVgsSnCrh
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9DBEkiJ3c1NAgFNK-Yt2crMBKdsHF2_74fOY9kOLyxnv7IZb7C7hpczf18rpzdaIcpHICTo-xZijWyrWAYIbFWVgsSnCrh
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4B00
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESENojbdJ9JK3_qdAEkAcReiQ&google_cver=1&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5FRFw1Brj...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENojbdJ9JK3_qdAEkAcReiQ&google_cver=1&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5FR...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UYTpUvY4TpqhMRh1FafmGw&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UYTpUvY4TpqhMRh1FafmGw&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5FRFw1BrjIvAhio
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UYTpUvY4TpqhMRh1FafmGw&google_push=Aa02lx_KAFzKoJ5nDM78BymYtruo05rtIaYOlgr0wMmLdcPXPCYFbzchMQE0NcHeQiqgKCfupAAI3HOjo8_gz5FRFw1BrjIvAhio
access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:06 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 4B00
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED4UZKeIDiwZA040oNdfc04&google_cver=1&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBhhVibQr78MECTMPzYjgQi12ywme5SRSE8r2_faiqjT0U
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBhhVibQr78MECTMPzYjgQi12ywme5SRSE8r2_faiqjT0U...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyOTQyMTIxMTIwMDEwOTgwNjYyNg%3D%3D&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyOTQyMTIxMTIwMDEwOTgwNjYyNg%3D%3D&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBhhVibQr78MECTMPzYjgQi12ywme5SRSE8r2_faiqjT0U
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyOTQyMTIxMTIwMDEwOTgwNjYyNg%3D%3D&google_push=Aa02lx-wIW8zVhLd1oJ6bCLto1GLhD9FA3RoVIyQGjz7U7bjT8OeyDBhhVibQr78MECTMPzYjgQi12ywme5SRSE8r2_faiqjT0U
date
Tue, 14 Feb 2023 16:58:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 4B00 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMmQRP4qXz71X9HPzYerqDAyvx4D5A78xFY0_acbuyEXSwzFZR0xZ0yGeIFNobWiqjU0za
Requested by
Host: 9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
URL: https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6F4D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 15:23:02 GMT
x-content-type-options
nosniff
age
92104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Feb 2024 15:23:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AB0C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 13:24:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1BAB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 04:54:21 GMT
etag
48472445140208031
expires
Wed, 15 Feb 2023 04:54:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AB0C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc3cc788029fca04cb84850d5b7b93d65ff051de267621e453a9eccac3db18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame DA87
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=delfi.ee&sn=ChromeSyncframe&so=3&topUrl=dekor.delfi.ee&bundle=0idyV19zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2S2MwJTJGVGdNZGlobHFjeklkM1pYVlV1Vm5D...
  • https://mug.criteo.com/sid?cpp=k3cO8XxPMDFsRWcrcjlGZHVnNW1SWUhaMkFCVVBaN2dCSmIyVjl5TWZhcHRJc3R4a0t1bVFCeFB4dDJHZ2hpK2RvMWdxZmgwaXhEbXJHcTZFN1k1MFdWd2VMbE53SVZ6VGl5eGRxejVXQWdmSUJXMG1xbEJWYmc2VTF4RH...
425 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=k3cO8XxPMDFsRWcrcjlGZHVnNW1SWUhaMkFCVVBaN2dCSmIyVjl5TWZhcHRJc3R4a0t1bVFCeFB4dDJHZ2hpK2RvMWdxZmgwaXhEbXJHcTZFN1k1MFdWd2VMbE53SVZ6VGl5eGRxejVXQWdmSUJXMG1xbEJWYmc2VTF4RHpnSHNPcE9kejY3QWIwTzNjRy8rOWtqZlRnMTJ2L0k3cXhMd1BqY2hiaEJJbzdlaGMzNTZKS1RjSWxlTUpJcTFaQVpHODdMcUZ3MENLUEkyTCtHQVdmM2dVUUUzZnMwK3hVcmdLL1JuUk1kWGt3cjhCZzZOb2haTEk0Z2VkVEtuYWd3STE1NVdodzcvQkZWUUFncjNGanlkK1hsZm5qQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
db63f5cb5ce4679a3ed40cb6d220d8e4515d2d9dd9198bee70e41853e29c8b30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4132137
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=k3cO8XxPMDFsRWcrcjlGZHVnNW1SWUhaMkFCVVBaN2dCSmIyVjl5TWZhcHRJc3R4a0t1bVFCeFB4dDJHZ2hpK2RvMWdxZmgwaXhEbXJHcTZFN1k1MFdWd2VMbE53SVZ6VGl5eGRxejVXQWdmSUJXMG1xbEJWYmc2VTF4RHpnSHNPcE9kejY3QWIwTzNjRy8rOWtqZlRnMTJ2L0k3cXhMd1BqY2hiaEJJbzdlaGMzNTZKS1RjSWxlTUpJcTFaQVpHODdMcUZ3MENLUEkyTCtHQVdmM2dVUUUzZnMwK3hVcmdLL1JuUk1kWGt3cjhCZzZOb2haTEk0Z2VkVEtuYWd3STE1NVdodzcvQkZWUUFncjNGanlkK1hsZm5qQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
307857
content-length
0
expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CFA9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12812
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 13:24:34 GMT
expires
Wed, 14 Feb 2024 13:24:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1BAB
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEMl23iEK73Nu3TsqALBmjqM&google_cver=1&google_push=Aa02lx8sLciBhPa_GLXjXZSOvX2OzByZVGaTYOpgetq0TTYnozAQZElZ6RDlZDVtTRA_wl9JMrj_od9eIhIyZp78KL8_sVLgrFoK
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODYwRUNBMDhEOEM3QjY5Qg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODYwRUNBMDhEOEM3QjY5Qg==
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODYwRUNBMDhEOEM3QjY5Qg==
date
Tue, 14 Feb 2023 16:58:06 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 1BAB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEESPoARRvOE2qakTxO_f_q0&google_cver=1&google_push=Aa02lx_4WG-FXxIpwlXHCt3WI7h4Bf_vkDtrgMjkDHS6Sn4Yiq_u9LdCkKDBU-Mm5MqYmDGV-ljAUoigYw3_mec...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0FVUZCESRhtjksP7BZXs7nVm6I&google_push=Aa02lx_4WG-FXxIpwlXHCt3WI7h4Bf_vkDtrgMjkDHS6Sn4Yiq_u9LdCkKDBU-Mm5MqYmDGV-ljAUoigYw3_me...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0FVUZCESRhtjksP7BZXs7nVm6I&google_push=Aa02lx_4WG-FXxIpwlXHCt3WI7h4Bf_vkDtrgMjkDHS6Sn4Yiq_u9LdCkKDBU-Mm5MqYmDGV-ljAUoigYw3_mecMxzNsJI7NrOe3TQ
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0FVUZCESRhtjksP7BZXs7nVm6I&google_push=Aa02lx_4WG-FXxIpwlXHCt3WI7h4Bf_vkDtrgMjkDHS6Sn4Yiq_u9LdCkKDBU-Mm5MqYmDGV-ljAUoigYw3_mecMxzNsJI7NrOe3TQ
Date
Tue, 14 Feb 2023 16:58:06 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 1BAB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDfGoae2lqbjuvZ5nTVQrwI&google_cver=1&google_push=Aa02lx9YbiVRcd0X47Ud2q8fmbaLbvYq5yZb-0OM5_QQiiSqDmnR_MdZxycwqQolzZNCTIXdJqN...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9YbiVRcd0X47Ud2q8fmbaLbvYq5yZb-0OM5_QQiiSqDmnR_MdZxycwqQolzZNCTIXdJqNe2ovCnb8jmzDx5bnN7CgCQcR3zA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9YbiVRcd0X47Ud2q8fmbaLbvYq5yZb-0OM5_QQiiSqDmnR_MdZxycwqQolzZNCTIXdJqNe2ovCnb8jmzDx5bnN7CgCQcR3zA
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&google_push=Aa02lx9YbiVRcd0X47Ud2q8fmbaLbvYq5yZb-0OM5_QQiiSqDmnR_MdZxycwqQolzZNCTIXdJqNe2ovCnb8jmzDx5bnN7CgCQcR3zA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
sync
dsp.adkernel.com/ Frame 1BAB 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEK2WDYvr49tBd4QWUD8mEFc&google_cver=1&google_push=Aa02lx-1ZEJJFqj19FwbJng5r5RGlCmEZjX8u9jJ6QA1CWBPsRB0CwH4HT8KBAoGR58eTxsPE25W2wTYv6IAdlmleiAMO5NTqW3YiA
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:06 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 1BAB
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGNJX-1HaH1JAl9_dkD0t5I&google_cver=1&google_push=Aa02lx_9oByGyW4U2YSm3s9-etM5tOgSP0rUSeQ0_x65VekwRjDsxjouXQWYlQ7Gseg7vSSkeapm9t_EneDduBAR...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_9oByGyW4U2YSm3s9-etM5tOgSP0rUSeQ0_x65VekwRjDsxjouXQWYlQ7Gseg7vSSkeapm9t_EneDduBARwsucdbSx3dlx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_9oByGyW4U2YSm3s9-etM5tOgSP0rUSeQ0_x65VekwRjDsxjouXQWYlQ7Gseg7vSSkeapm9t_EneDduBARwsucdbSx3dlx
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 14 Feb 2023 16:58:06 GMT
via
1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C2
x-cache
GeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_9oByGyW4U2YSm3s9-etM5tOgSP0rUSeQ0_x65VekwRjDsxjouXQWYlQ7Gseg7vSSkeapm9t_EneDduBARwsucdbSx3dlx
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
KK-ufKNM68canRfswxDoCmlF3AUATx1HfetNyDWZFdnsA7LqKN2F0g==
pixel
cm.g.doubleclick.net/ Frame 1BAB
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGBbyrJDNyO7E3aNNhut1GI&google_cver=1&google_push=Aa02lx8b5t1Qc-cumtQRwvgLW_aSV_o-J89GNMzyM3LUFY2kfWdOxcbxMz8CVJZ6idyUutczqlW30NN1IM0iI448qacgfIbCeeU_
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&mn_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8b5t1Qc-cumtQRwvgLW_aSV_o...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&mn_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8b5t1Qc-cumtQRwvgLW_aSV_o-J89GNMzyM3LUFY2kfWdOxcbxMz8CVJZ6idyUutczqlW30NN1IM0iI448qacgfIbCeeU_&gdpr=&gdpr_consent=
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:06 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&mn_hm=MzE5Mzk1NDg2ODM5NzAyMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8b5t1Qc-cumtQRwvgLW_aSV_o-J89GNMzyM3LUFY2kfWdOxcbxMz8CVJZ6idyUutczqlW30NN1IM0iI448qacgfIbCeeU_&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 14 Feb 2023 16:58:06 GMT
pixel
cm.g.doubleclick.net/ Frame 1BAB
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEgyiV1-4CjZ2gBcl5kyK3k&google_cver=1&google_push=Aa02lx-5v0kgpOZJERuO0RzVfS0c4ACxuI_0Gez-JxA_DLfIWgHZeBkTNWILkXBZBAlHQFZnPWSiE-DgKjh-9lLZLp1IXiB...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx-5v0kgpOZJERuO0RzVfS0c4ACxuI_0Gez-JxA_DLfIWgHZeBkTNWILkXBZBAlHQFZnPWSiE-DgKjh-9lLZLp1IXiB21aglRQ&google_hm=NTEzMzMyO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx-5v0kgpOZJERuO0RzVfS0c4ACxuI_0Gez-JxA_DLfIWgHZeBkTNWILkXBZBAlHQFZnPWSiE-DgKjh-9lLZLp1IXiB21aglRQ&google_hm=NTEzMzMyOTUyNDI4NTI0NzcxMw==
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx-5v0kgpOZJERuO0RzVfS0c4ACxuI_0Gez-JxA_DLfIWgHZeBkTNWILkXBZBAlHQFZnPWSiE-DgKjh-9lLZLp1IXiB21aglRQ&google_hm=NTEzMzMyOTUyNDI4NTI0NzcxMw==
Date
Tue, 14 Feb 2023 16:58:06 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 1BAB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JW-_KMiyMcwbi3tzSc3L0lqCcbcyxq9bhdC81-pAEiVA95dagmQYuQQpy_Xr2BLM0CUmcqAA
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
main.19.8.394.js
static.adsafeprotected.com/ Frame AB0C 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.394.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1347715/69353376/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:4200:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a37a4e2f1464a5f82bafc1aea9bc92be25447be734467ecdbd5e1874e22551b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:21:45 GMT
x-amz-version-id
_dZBOGo6WbGPtb685W__WVIjRkb5PQgb
content-encoding
gzip
via
1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
347782
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 09 Feb 2023 22:04:06 GMT
server
AmazonS3
etag
W/"23f65915f6ceb35c339633ede270d26c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cFuztTZuxq7OCsI320xrNeGja2sd1lww8PB7PESG16dH9SRDMYa4YQ==
index.html
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c33f752a05890675b289493621fa60a2953b22a38f6d5b07d091e8e7ed7fd50a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
148445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2991
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Feb 2023 23:44:01 GMT
expires
Mon, 12 Feb 2024 23:44:01 GMT
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AB0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssF_epQvmKu2iK4UEQ4Jk7CgruQrLSP5Fujxa4B-P24PB1yTnQkRjH2cW7KFI0MpBvjpB1v5kian4rGUvuUgN9l6YlSvl2YszuY5TZjYkhxEWffrpqPBTJf2Qzp03yQxYAkQ-PD23gTM93ZQfeEJyHFiWklRgQ1uP9jpp5culFRKs6MdU_-uvDylh210VVcYwEpvJ6Mn-RgPKy6fZCAtkJCnzHULH6ciO9ErO08rd1F_KGbppcps9ILh7vfO6kfhKDjFr6RGW1Ks2HZhs_BAIFu-Hhao2Z9WqwnS3vqgkOYIl6N_DhHYPN7E9OO_Y4MrMGz43X_6gJKj77lloTxHT3DPyBl5lTX_ahdKtkMlSHK7hdwdpH81g6wDywY_ClwNs0On_DU1zwO8rxrRuoxqBKkDTwOhK5eyv9XBA8NlPuClGM47_0DDLsj6XuPWG5rOGF7srFmC_4pGmfXC-BVBoMBZeDUL7ftnAU3VR4dEv06-uuw65uqq9m-qHoVirjaQHH17sXaXtwxwhsHXW91cyEQ3Jomvn4wuBGaMRpHpX3ryh8QlAu5iYVy1hmYOaQkwOM_2BHMeKvOzy3e5lAWjfSzmUqNGPEX8wjpocT4_oKHMTDZon2xnaGZ-V5EEGet7Y9lifxPbIP9pXjrp0NGAPWxDxXDfGvdsnFfW1KAXi-UtBMjzvps4eS8zBXqBv5hkIGIeTg54pMkWki0L-ObrIClaGyhcxeE3d0gAyOh0OXGQx6G5WTprDHyTm95emsnDDPGT_LrYTrUKwhtUCdt9XPDNJSlOoqDT4KPUiwwXadoQASYzSIlyiV9DBDqIJ-8qYms-YxPBho4BGFVnxp7EzRRL6zG8GUrt31KbXyL-pw2qnt25OQpRteuit5LLeIXiLOyB-slJ6mdAoteYr7EWBmWqZA9nBZ9Rh7xPKlQjvocsMmWuHZ__QnzkfwM7X4_nSM0qyv0kvZ7Dw1lSZZZHx4lkx1bT-se-WjNljg353Ks8d7nXGag1V0Uok0coxpAyMuIWe1xQ7FC_XElADU6sGgfwn1QWBZ1HJ5AllI06yNLKSM8mPBpguwKhXgXksfYQTEzW30nPK483JLqbusGKJtrt0BPHzRIJ3IH4LY2OXNnni84rWrUDzM2mv7IWK-TRXDa4UpzJ_7mQZL7YCfD1XreToJf9D8SqEkuRK2SqsS3J3RXJmi9iaqZ67ZKF7iWkDHOjLWXVeFRLOUj6NlZHr_puQIhyXR5yZIA-UFQGRiPzbPXKj4EOHK5L5uzYnq6dOHJ9fuPqqICXyaVtS-6KHTi3Cp2js4Q5clRmgY&sai=AMfl-YRRnQfiR0J_OjmPVGh4PcuT7ET3SJFoAnGFrfE3RurZDOiOUWw8MfVADSl3mosY8umu5m5GDU0p8sjyTgyQGIQlOwezyP6fwX1yxoxiTEX9IAmJs0vLhXt69NGqsU4QkoJKK4_h88VUGkrsSjO9n9B0ix781Ib2Vugln-O5UNMtVYNpeH8DH4q_ghWFy26-7SdgGzQ_QYLlZwcLpU0h9-9xQhQN4__pmT-t7yMH2wvWHtOZFj2A-w98p8Z4ez8VtAIerYY&sig=Cg0ArKJSzOfQoPpVrBxCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=239&cisv=r20230209.19793&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Feb 2023 16:58:06 GMT
Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
pagead2.googlesyndication.com/bg/ Frame CFA9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 11:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14329
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 11:09:33 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6F4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfXLdnb3rY4eBDfCVjuwPi5eryATUo-umbtrUwuefEd-L56rmBBABIL_pgiZgleKQgqAHoAHezbagA8gBBqkCO_xuHrkNsj6oAwGqBOQBT9BHhzy5bZNB5f9BzTcPjXDfBML1u7Yn3U9cPWd1gpZBS74GTL-fEbHBlfBb2CKsYGDfa-D3RFHk5QtLo_iPLC3tu3ladmW1jRRrnsWhWYon3yTmuLpQ4inuOkOy5j6mePm9b3GYX8fcnwOfufX-4nXz9vAizslwN6yDM5sMXxaFPLPA4pf8VN-eK3NrhwoAb0a7LJ1ooT-jyU8qWSOl1kreO5AuCi_7EIAOoSvvKRmsJa-st5g7s7ZIEqLdlrDxNb_mxyCer5nesWzJsFM-j39WQGf4J9krQrYYxftka1xD_mSrwAS1-eesmgTgBAOIBf6l9MtIkgUGCAMQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeKsslfqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQjKAcGLyL2t0B0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTY3MzcyNTYyNjkyNTY4ODaACgPICwGwE8XJkRLIE_mG1uED0BMA2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTMxODI4NTgwODk5OTMxOTYY95YX&sigh=api2r-AlMDc&uach_m=[UACH]&cid=CAQSPADUE5ymYWfy09A6LKw5-K9_tbSiWDZ5Trqc5gDFjd4rsZNdRycOuw2blxis09pc4j2PZ6wYE33DKzmgQhgB&template_id=509&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
ad
googleads.g.doubleclick.net/dbm/ Frame 6F4D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBMsexayPTSNv6SERhr3g_5TK4EABZa7jhsidUVJfwZ_25Lo6uq0fBeKQNcu_F3wySLmH3Tvl26aIN7AFy8AMSN9XkvvWSGgVn7_rpLKgY9-JIc2FqAw-TdduXGRxFMHUuyW1Je3Lx4Ny2go0mHAgClolzQw&dbm_d=AKAmf-DRQSg3uHXAqPz9S_c-Im95dq1rBc_d5tdWm9imzHLdLjuqOAucQBnSSEfsct44h594g-vk54ds3_cToDn-CnNfr3G8VF_JSl8Y8tuoGroyoMwHBGO0Eurh5hoKgAlLW7q_SjFsSdCKvLoNwQrCQLJWdl1VTsyTmdod2qsWgh2HsLrcd8c3Dy2DwBPSRbPM_WoIQaXpEY28rSebhUHTc4nMTWFpYsygbZpf2WaQWEzqMVtutueP5WrlKmnjGJenODF5lVe46PjoQQS-CACBt5cjZ4IwqpQvLMe3Tua0opBqTyDLTHisfliwyuEURJ5Xx1mzpaFVoWtjrkcKDpoxt4oKFPKodBnTahmdjZTOJ4_Et0_DCDPwRm4h6Q0CCvnMj1vRro7cGRELhT1F_BzX56sjz8shrjpIKN6FWX1fs1dhI2FHTXv4t2DALC7lNVtAJpqqxBsvRk0Evwj8T73EIIhw3uwqH-TvukciI37wte4JRTCQfC-zVTvTr42TRgrTgGmkAsPEaY4iyF7LuHR8ZfPyNWIM_DRszLwVJs4jUKAqCwaqnFJ4HcIRJE1Th8uN3r-WTLF-z0kZYL1b7RfFxomZ4F1Ic_Rz8Tia4o9SaRih5dWT1QD1I_z3qHBwNdV0j8gmj1URhqAszEPMoFmIVV3rESlcyAVrHGzIUFnuI5StrxACQD0Pfev5Udv-A4Jb7Fm7ZU5nHZEkq8miSno70t9o8CbALVHgWWQaAsmTPLQQv_VsF5tmulcTOApaektDDKktvWy_l7A42g6JyJNOPGNWbSycKGCv6bFG9AHWEZWfDJLLJ_DySyToKp2CpzKPU7wRBcuLLdSS12FPiwF2niYxy9jQc46nfQI7KrMWv14BUtjYPNIOiKpVL4SDiON6TMxLl1X87lHHJcOFXYJZAcUYyxkRO8X0lRX0eMJjP-iWCEOuTo1SebqwPFriO_ERxr0girEya4PUy61UNSybIlQn2l1YyHymzTWWt5V_f1mkIPo19Gzt08HkWe5jwcHcSSQb6U-24_uOCuVzv0yuba9rXHV4upbo_ViHzy2sn7p4yTEiWDG-JllUZ-ikyHISp6FVRjPYCy5NQCEwS1pPvi2qcsPaSpIsziBt76U_Nt2dUFSXv6iFiU70pts7B6yetXYfJnLnSfkYDyH-RzdcXKnHl0nYFP8eJpQvI0FcNFDmkIgOruqIxFzPJ-q4dQGmUPt65Q4-mmwtjmVsPfbxZafq2fkFS4VljuNHwjThkGFkgu4mQDR_o7qX1ibKaOmmPABP3HiwXtUYpd-ZQrC-epZUQK0dSFTudLObKLlB2KZPwQViTPS7XXNv0pIr1l118PGR4vBwh4nFYfn7VSXlALjPmQo-zllXlZABQNPqY6B4ssCRHPedmNDhSaShwF98Ezl0YITqdG4HXsXLzAgIpgMYmVOXw2Vuhv8Y3mfEHgqvicWyl-Pu8ZVOKD6oT3VqAWXfAOvN1Fba-KjCPPybeD0NdwSjRvZ8Nodtn0eKJmJFG0U9Q8hrB5mTxd0EpLlbuGJBrZVf-Fbr7PTOdhZ6Jzz-t7JA3C9Gxcit9uTtqlPeBnw6AJYF3LF9zeqxemJ3tPsDbe_XzltQ2HQ8xT5kDkzEnQdS3O1MYLikgUK2PttvvWjl81kOCtCR7-rLY_5QSE8MRH0JR9b-bSnSoiRbBuxr1xWtzE5XF-0e1Rc_CvCC6afv9varatl4YQ9bZ9KD3y97lRX9ixFcJieVFsk0N8lLmUfnzMTEMuFyMgIubPe8elgKWwK2Ygmme-pBjyvL4Fa-9iYlPpkKQpLJAI3FpxYCN-IiYZoZA-Nex_YTf1GVpcJEp9AqiAJTRRDa9i1ieZM2-dylHBbiIvNGwgb4SgbxstAsPdv3CMWbD_t4tFcZlDjrcDKO6B03gPJC50YtL3mbJF8VpxQb19Y7u0D60FR3mb5JBB38ZU48vufz35ZxYGfTus3VwKA3ASfy9cv41P4lRs0kjiFMohMRhhaw8AB8fLmRhHGm5SRyyTQADnFOYPPLMMvUTHa_ZFb-3Jpx6Zc6weG8xztiLboBX643YExRJnmb4XjGZuF7rPcesVmDraQYpougRfuJQfCmge7AD8ncZCzlUqAq1KkRe1SOigB0Rc5P7J2r7y7nuhGZYxwqN2JviBfk34QswoqKT2-ka4xxq2_O9RnmSbGHFgyG-IJDSQ53NsA_yhm1QjIkDFHN0h4-5OS07qIqKjwLkC7sFprzupnnDsmvO3iNTHSEXRh4tkIxQn3EgzE2huQj97PFXwbNoyUvm7BLHJC2C0_x0nO26CZfakF3nd-zLRd9Z0mjVPXNvHYUtWckmMgrmrC1S-N8x0O5qYJvUJ-PKgNNwRDAK---EVmYXmOLyCTLHIyFosEK8dQn-vBE-8h_wrGkvY-wUXrDDXLvFV_BkSoiYeCj8EpFidkP2_5yW0-IvIar1K5r7xRwPWCJHgjIh6_ECgWRrz7PBEIdurseoZCk_QFRS9ZOii0-h2eSgOObfNSmhsydoQBeFrs3Irz6kWgSV0fu2Q9uRhi5vmrQn6HvYWhxov2hayslCWv1WrI1P-tKHNenBKj3Ye02ypPGxpAeOYLmo5DjPMgb5WJ_aZ6jnSx6RJbNCidpyf9axaO4pFGpiRhlsYk57U5I_vEjkYb-HuNb_eHXkrtMsCPUJXVFu1kCwllOUCYM1uZb1heRSq9ihZcYD1DzVc-hd8dtbcOq84MJBk08vMdwrq6DDIZmHzVaWg-OczN_4KTOHWyLBUxO4DQJZ6vHQ6WxuR6dYz2cIJzo1bAJT26X-y_XHT0VeU2cU4ZOKiWNZimGx-14DkPJRLbY-2TMX-MH2ZZNWjrDWmmkM2JMuoxlAQdr-JNB_Uhj6FCzB7OEbQYHMuj--oUQa_ZJPJr_KVN-Rdxqfhy23Qugni89QaXeW5eP7gLgwl8dxUK_Ude3B3rvIeHkuJspbt0EGmJOSVgZOUuF1-MOfhUlcXun1ZQ3jEVKhDUh378Xlh3xRDDzlmiVb-RbcsFXw4NPXn-o7eD-WhBuLlKMH-rYB77OlJZTjNEFYZJ1nO021soO1F95RnASMIvmfmT5zg2ynDzy2tEIWuT0aUtj_eAQilarwQIrVFxbIuiRVNQKprYTalC7B1iJllS0fvgRXoWxiRYhnCjQSwnhrBy22W9hNstWD9Yfw6iUpqQSJFEjbk-r_cKkQ8MXKg-Bvztk15CHRw&cid=CAQSPADUE5ymYWfy09A6LKw5-K9_tbSiWDZ5Trqc5gDFjd4rsZNdRycOuw2blxis09pc4j2PZ6wYE33DKzmgQhgB&dc_exteid=1858453761993992991&dc_pubid=4&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adlib.css
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 11:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1887
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Feb 2024 11:51:28 GMT
adStyle.css
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		2 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
71cb8c3f3cf0da4cd8a1d4d27d08e5ea5bd899814517d706f9db21e1135d4b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 23:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
668
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Feb 2024 23:44:01 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 4453 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Feb 2023 17:02:08 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4453 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Feb 2023 16:58:06 GMT
blank.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		98 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/blank.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bb1f49f3f2c8946bc3a3f8f4c471bc883aa1cc12ff7d07f48b31552ba1f667ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 05:26:42 GMT
x-content-type-options
nosniff
age
387084
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Feb 2024 05:26:42 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c25219f53f3660ba604a25433b6485e8e250020bd6fa5e2eeb666b0d8089da76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 23:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2645
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Feb 2024 23:44:01 GMT
animation.js
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		3 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0b81c309b17e73f8d72fd1fec9bd418f1e4604946c025c10134c5a8c0a9b6ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 21:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
848
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Feb 2024 21:46:00 GMT
skeleton.js
static.adsafeprotected.com/ Frame AB0C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1347715/69353376/skeleton.js?adsafe_url=https%3A%2F%2Fdekor.delfi.ee&adsafe_type=g&adsafe_url=https%3A%2F%2Fdekor.delfi.ee%2F&adsafe_type=e&adsafe_url=https%3A...
  • https://static.adsafeprotected.com/skeleton.js
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Server
2600:9000:2304:4200:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
12748063
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
BhfzTq3A1A9jzPfsl3yzbXhRU_ZKk9vt7Y4Smr_W6MRXLqZ33VFblQ==

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8DD3 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:4200:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
12619310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
fPhkyvZnJaXNt9rRkQw2v7RbU0-PQYRkGKNzFiCXkkSdExXFjcvR_g==
dt
dt.adsafeprotected.com/ Frame AB0C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1347715&asId=ae2875f5-72f8-b50e-f753-49214f9841d5&tv=%7Bc:4dprhI,pingTime:-3,time:219,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:219,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:175,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvRfUdB+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713*.1347715-69353376%7C17131%7C17132%7C171331%7C17134%7C1714%7C1811%7C1812%7C18131%7C19%7C1a%7C1b%7C1c%7C1d,idMap:1713*,rmeas:1,rend:0,renddet:na,siq:177%7D&br=c
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:07 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AB0C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1347715&asId=ae2875f5-72f8-b50e-f753-49214f9841d5&tv=%7Bc:4dprhK,pingTime:-6,time:221,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:221,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:175,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvRfUdB+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713*.1347715-69353376%7C17131%7C17132%7C171331%7C17134%7C1714%7C1811%7C1812%7C18131%7C19%7C1a%7C1b%7C1c%7C1d,idMap:1713*,rmeas:1,rend:0,renddet:na,siq:177%7D&tpiLookup=ao:dekor.delfi.ee*%2Cdekor.delfi.ee*%2Cdekor.delfi.ee*&br=c
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:07 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=182&time=6&baid=57365606&name=Viewable%20at%2050%25&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=432241572
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=27&time=6&baid=57365606&asid=12380176&name=Played%2050%25%20Of%20Video&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=217229060
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
dt
dt.adsafeprotected.com/ Frame AB0C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1347715&asId=ae2875f5-72f8-b50e-f753-49214f9841d5&tv=%7Bc:4dpri2,pingTime:-2,time:239,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:703,bdZ:931,beA:936,beZ:938,mfA:1088,cmA:1090,inA:1090,inZ:1094,prA:1094,prZ:1105,si:1112,poA:1113,poZ:1131,cmZ:1131,mfZ:1131,loA:1156,loZ:1160,ltA:1174,ltZ:1174,mdA:938,mdZ:1034%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:239,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:175,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvRfUdB+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713*.1347715-69353376%7C17131%7C17132%7C171331%7C17134%7C1714%7C1811%7C1812%7C18131%7C19%7C1a%7C1b%7C1c%7C1d,idMap:1713*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:177,sinceFw:61,readyFired:true%7D&br=c
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:07 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFA9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BihbLnr3rY-GWDsOKgQemoqToAgAAAAA4AeAEAg&bg=!TU6lThrNAAYuhb89DoU7ADkAdvg8WrLXf9mMJR_ZopwahMI59izB0qRiOUk7k34-vgdHABjC3sdd2f2IR8u9ItRr7ZZ6r9CZTtACAAAA0lIAAAADaAEHmQMnE24LsDN4wxk3p4b5p5-mEpW6_iHvOF5sxxlwd8_s8pgmXrjEujZTXwH7DvKqA1LwpbuZg0zexqjbBxJlUUlBcnULlN5ogWyFEDzknPOkjGI5ogjalblT8S2nDWbH2mifrLtmzfzmj3yth90SSONzSMtVTgwfsTYhB_uJgqCu8wL3u20htl6p18FKWj_3Gy9fg0Nlk39AuVqRStkDkmKIVCPpUZHrdYWK9BG-kSRRcCUYmavJ8FTwuA4ROVJ0NeR6TKc1RM02B-CGvBg45T-X88W7eDJmto9FGCrZqquhNn2UHyAF5mSu2ryFs-DS32nTtJOMTvEQO6Hic3Ib5o2gncuesvr8epz4yrXQ2XOt-U5HSocib3s11vFDx6V3sV8AElnGLj2Ee1AY2ZRIkMjMZMXKgIJD-l86GuA2bDRcnqUgqDpRvQVCh-IRpOyoFgTNBMUqCYb6g4wDEd2qhUY1QUz_OLlzb4fInbfmTrAkQcGO77_NgkB6kaewnr7UOwq5m-N9ZHML3jQ70hoCIxqjDOcHayqkvBzTvrzEOldV9aPmgkisn3r8RBSPysKUR3X2UuvG7PLILizQJ0vLYGtwrgZIhhXBOckW8pC8QTRyTqok1s8-MiPMZ4UXSUNYtB8_jj9ShHEB7OMqBAHooMwa2c2GnelouG2t61SVwErEqcFwKWIcqXXhr7FQ4zo7tJLeQ0LL6yQ0bhfeuWEzW2eTjcX1AkPKPlJ2bnfMnwU6K4kVz7sshJqjdmjBVCRkkCA82SsKOphk5qNiQNRipiUWqeAHr9prnTvBObvYGpv7w0Z6inY4CstdLG8_spnzTNpuVprZSNtvajfYOGlRXnWSjlE8Pf1YTjP4QP5TZ2hQ3_-4JLS5LAG1As6SOImDsnBXURIQc6ouUwf0bZqglKUxfV1QWF0VEJbX-LgwXepfTV377ipzPyTDn8gABLJyJi-tphgtHX90NtKjSQCEZ-sRzw31l5Hc1I_hoGFgPmSPoXrEqdL-55ONM4oq_vFpxNMq0T-3SpJ07Py3UHMXd7oDaUiwwRjM8ot1ysXED3Q5VwBYl-XOB-OL
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame AB0C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1347715&asId=ae2875f5-72f8-b50e-f753-49214f9841d5&tv=%7Bc:4dprjQ,time:351,type:e,im:%7Bimprf:%7Bttecl:528,ecd:78,tsecr:41%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:351,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:175,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B194~0%5D,as:%5B194~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvRfUdB+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713*.1347715-69353376%7C17131%7C17132%7C171331%7C17134%7C1714%7C1811%7C1812%7C18131%7C19%7C1a%7C1b%7C1c%7C1d,idMap:1713*,rmeas:1,rend:0,renddet:na,siq:177,sis:296%7D&br=c
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:07 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame AB0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssF_epQvmKu2iK4UEQ4Jk7CgruQrLSP5Fujxa4B-P24PB1yTnQkRjH2cW7KFI0MpBvjpB1v5kian4rGUvuUgN9l6YlSvl2YszuY5TZjYkhxEWffrpqPBTJf2Qzp03yQxYAkQ-PD23gTM93ZQfeEJyHFiWklRgQ1uP9jpp5culFRKs6MdU_-uvDylh210VVcYwEpvJ6Mn-RgPKy6fZCAtkJCnzHULH6ciO9ErO08rd1F_KGbppcps9ILh7vfO6kfhKDjFr6RGW1Ks2HZhs_BAIFu-Hhao2Z9WqwnS3vqgkOYIl6N_DhHYPN7E9OO_Y4MrMGz43X_6gJKj77lloTxHT3DPyBl5lTX_ahdKtkMlSHK7hdwdpH81g6wDywY_ClwNs0On_DU1zwO8rxrRuoxqBKkDTwOhK5eyv9XBA8NlPuClGM47_0DDLsj6XuPWG5rOGF7srFmC_4pGmfXC-BVBoMBZeDUL7ftnAU3VR4dEv06-uuw65uqq9m-qHoVirjaQHH17sXaXtwxwhsHXW91cyEQ3Jomvn4wuBGaMRpHpX3ryh8QlAu5iYVy1hmYOaQkwOM_2BHMeKvOzy3e5lAWjfSzmUqNGPEX8wjpocT4_oKHMTDZon2xnaGZ-V5EEGet7Y9lifxPbIP9pXjrp0NGAPWxDxXDfGvdsnFfW1KAXi-UtBMjzvps4eS8zBXqBv5hkIGIeTg54pMkWki0L-ObrIClaGyhcxeE3d0gAyOh0OXGQx6G5WTprDHyTm95emsnDDPGT_LrYTrUKwhtUCdt9XPDNJSlOoqDT4KPUiwwXadoQASYzSIlyiV9DBDqIJ-8qYms-YxPBho4BGFVnxp7EzRRL6zG8GUrt31KbXyL-pw2qnt25OQpRteuit5LLeIXiLOyB-slJ6mdAoteYr7EWBmWqZA9nBZ9Rh7xPKlQjvocsMmWuHZ__QnzkfwM7X4_nSM0qyv0kvZ7Dw1lSZZZHx4lkx1bT-se-WjNljg353Ks8d7nXGag1V0Uok0coxpAyMuIWe1xQ7FC_XElADU6sGgfwn1QWBZ1HJ5AllI06yNLKSM8mPBpguwKhXgXksfYQTEzW30nPK483JLqbusGKJtrt0BPHzRIJ3IH4LY2OXNnni84rWrUDzM2mv7IWK-TRXDa4UpzJ_7mQZL7YCfD1XreToJf9D8SqEkuRK2SqsS3J3RXJmi9iaqZ67ZKF7iWkDHOjLWXVeFRLOUj6NlZHr_puQIhyXR5yZIA-UFQGRiPzbPXKj4EOHK5L5uzYnq6dOHJ9fuPqqICXyaVtS-6KHTi3Cp2js4Q5clRmgY&sai=AMfl-YRRnQfiR0J_OjmPVGh4PcuT7ET3SJFoAnGFrfE3RurZDOiOUWw8MfVADSl3mosY8umu5m5GDU0p8sjyTgyQGIQlOwezyP6fwX1yxoxiTEX9IAmJs0vLhXt69NGqsU4QkoJKK4_h88VUGkrsSjO9n9B0ix781Ib2Vugln-O5UNMtVYNpeH8DH4q_ghWFy26-7SdgGzQ_QYLlZwcLpU0h9-9xQhQN4__pmT-t7yMH2wvWHtOZFj2A-w98p8Z4ez8VtAIerYY&sig=Cg0ArKJSzOfQoPpVrBxCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=583&vt=11&dtpt=340&dett=3&cstd=239&cisv=r20230209.19793&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: dekor.delfi.ee
URL: https://dekor.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Feb 2023 16:58:06 GMT
dt
dt.adsafeprotected.com/ Frame AB0C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1347715&asId=ae2875f5-72f8-b50e-f753-49214f9841d5&tv=%7Bc:4dprkn,time:384,type:e,im:%7Bpci:%7Btdr:189%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:384,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:175,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B227~0%5D,as:%5B227~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvRfUdB+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1713*.1347715-69353376%7C17131%7C17132%7C171331%7C17134%7C1714%7C1811%7C1812%7C18131%7C19%7C1a%7C1b%7C1c%7C1d,idMap:1713*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:177,sis:296%7D&br=c
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:07 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
di_symbol_white.svg
keytarget.adnet.lt/stable/assets/ Frame 550A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://keytarget.adnet.lt/stable/assets/di_symbol_white.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
10500246a382cea643d5be30b598992a1abea3fd497f33cbe0527fdac47bf4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:07 GMT
last-modified
Mon, 25 Oct 2021 14:08:36 GMT
server
nginx
age
1100
etag
"6176ba64-4d9"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
1241
expires
Wed, 15 Feb 2023 16:58:07 GMT
di_symbol_white.svg
keytarget.adnet.lt/stable/assets/ Frame 2B1D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://keytarget.adnet.lt/stable/assets/di_symbol_white.svg
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software
nginx /
Resource Hash
10500246a382cea643d5be30b598992a1abea3fd497f33cbe0527fdac47bf4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Tue, 14 Feb 2023 16:58:07 GMT
last-modified
Mon, 25 Oct 2021 14:08:36 GMT
server
nginx
age
1100
etag
"6176ba64-4d9"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
1241
expires
Wed, 15 Feb 2023 16:58:07 GMT
dt
dt.adsafeprotected.com/ Frame AB0C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1347715&asId=ae2875f5-72f8-b50e-f753-49214f9841d5&tv=%7Bc:4dprop,pingTime:-10,time:634,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1676393887197%7C%7Ce8a235341288a53794290ab6c7b03393%7C%7C785dfe55a9f2805c0938a5514a072eb7%7C%7C6ce2ce4b6bac0ae4f52d81bf1fdb03cd%7C%7C96c36555ad7c46c74629c84be78fc6a1%7C%7Ca7a28dc036575c03f73ac2591c6c169a%7C%7Cf0ae43a1f0153984940101944cb1aace%7C%7Cb0bf405948332d6b513992359d0e8ea8%7C%7C1663701684%7D
Requested by
Host: e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
URL: https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:07 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
300x600_SS23_A_Moments_model_kitchen_03.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/300x600_SS23_A_Moments_model_kitchen_03.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d67bf5a965bc250522d68415ba649832a01cd45116c72d8a5535c2db56754127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 21:00:47 GMT
x-content-type-options
nosniff
age
71840
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104135
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Feb 2024 21:00:47 GMT
300x600_SS23_A_Moments_model_furniturestore_01.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/300x600_SS23_A_Moments_model_furniturestore_01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f222d6b8480c70924bcf36f24afe56f2e30c1a4cddf16854410384bb4be973ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 23:32:07 GMT
x-content-type-options
nosniff
age
149160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121743
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Feb 2024 23:32:07 GMT
300x600_SS23_A_Moments_model_alfresco_02.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/300x600_SS23_A_Moments_model_alfresco_02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0ca4b51839bbce037fa7aa19f1155e8fb8c80adef6f5bf00302f7a73a11e1b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 23:32:07 GMT
x-content-type-options
nosniff
age
149160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109650
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Feb 2024 23:32:07 GMT
300x600_SS23_A_VAL_Moments_05_RGB.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/300x600_SS23_A_VAL_Moments_05_RGB.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
10978d4206f43439c284c198d512ee1b7c110a7e163ad46bb1cc811802ddc486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 23:32:07 GMT
x-content-type-options
nosniff
age
149160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76332
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Feb 2024 23:32:07 GMT
300x600_SS23_A_VAL_Moments_09_RGB.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/300x600_SS23_A_VAL_Moments_09_RGB.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ba555072c108dbcbbd53ca420ea2fbff4799fec2ec092067e0a1cb4e6fdeca10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 04:48:19 GMT
x-content-type-options
nosniff
age
130188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106638
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Feb 2024 04:48:19 GMT
300x600_2023_A_VAL_Moments_01_RGB_2022_10_20.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/300x600_2023_A_VAL_Moments_01_RGB_2022_10_20.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1ba75ebfba9f1d3181f1fc042d00939d82027d2d6267bee1b6f382624d8ec23b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 11:47:12 GMT
x-content-type-options
nosniff
age
364255
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118313
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Feb 2024 11:47:12 GMT
300x600_logo.png
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/300x600_logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e9fc948d4225e3a06d410517eca60e1841a30dd0ecfa2ca9b0670f2af0e680c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 01:17:49 GMT
x-content-type-options
nosniff
age
56418
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1391
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Feb 2024 01:17:49 GMT
sync-all.html
adxbid.info/ Frame D975 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c012 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
799758c8bbf15c14-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 16:58:08 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgOHj1FDaFwwhB%2F6nT9zTOEqnk9yRt4Mf6%2BK7ZkT2x8T6vmq9qmXzsh3vNgcmtuDJUqyHkjiXxjdg8epcUBqfghfnhgZVtqI0oW3RScDNkf9bNQDP04dTru9Q6%2FU6hR7wQqcuDth7Uhwpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
beacon
ap.lijit.com/ Frame 9C8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13408460
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 14 Feb 2023 16:58:08 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
usersync
ssp.wp.pl/bidder/ Frame A2C4 		477 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=1953517997540887800&sn=mc_adapter
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 16:58:08 GMT
last-modified
Thu, 26 Jan 2023 14:18:39 GMT
server
nginx
vary
Origin,Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 69D9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1191
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
799758c8d8a9377c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 16:58:08 GMT
expires
Tue, 14 Feb 2023 20:58:08 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 40EE 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 14 Feb 2023 16:58:08 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 0AC6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Feb 2023 16:58:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame B7B0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3124
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Tue, 14 Feb 2023 16:06:05 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Tue, 14 Feb 2023 08:05:58 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-id
KKMtF9RHsTFBZxJ3X8ejeITsEsp_i7ws_KPeLaqF-GKRQ4XXHdLjwg==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
CbHUvJELLzJh.lcMuzMaa6AqYjveuNgv
x-cache
Hit from cloudfront
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame A2C4 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=1953517997540887800&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ea874000f2f5ea529b3f5b8550093c494fb15a3caef182995c41c8f5048327eb

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
content-encoding
br
last-modified
Tue, 14 Feb 2023 13:59:37 GMT
server
nginx
etag
W/"aa6888a3ab4c0c80f54dc92a6dd1bda2"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=900, stale-while-revalidate=86400
timing-allow-origin
*
access-control-allow-headers
*
usync.html
eus.rubiconproject.com/ Frame 8FE6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Feb 2023 16:58:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 6ED3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13408460
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 14 Feb 2023 16:58:08 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
sync-all.html
adxbid.info/ Frame 3D84 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c012 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
799758c8cbf95c14-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 16:58:08 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYSvy%2FAx46wL7p0CIt8xXcp4kDrlQ%2BiIliIXgyY4WW8GxtcqJLlnpf98nCrvES91YZvuM%2BkJSqBVKHDdBKk3Rty6gy3rr78M8Uf4qUHCxxYsc208s1FZ%2B4rB7oGJds7qtwVQ%2FZCSgFBejQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame 55EB 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=80302907569481170000&sn=mc_adapter
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 16:58:08 GMT
last-modified
Thu, 26 Jan 2023 14:18:39 GMT
server
nginx
vary
Origin,Accept-Encoding
pbsync.html
js.adscale.de/ Frame 9D1C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3124
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Tue, 14 Feb 2023 16:06:05 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Tue, 14 Feb 2023 08:05:58 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-id
FtsE6rN7ba47MrjNd4ovwEAG_NOK8mj93gVJgryCqgqhglGYD1Hyhg==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
CbHUvJELLzJh.lcMuzMaa6AqYjveuNgv
x-cache
Hit from cloudfront
pd
u.openx.net/w/1.0/ Frame 7619 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 14 Feb 2023 16:58:08 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 37CF 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget-delfiee.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://dekor.delfi.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1191
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
799758c8d8ac377c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 16:58:08 GMT
expires
Tue, 14 Feb 2023 20:58:08 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 55EB 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=80302907569481170000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ea874000f2f5ea529b3f5b8550093c494fb15a3caef182995c41c8f5048327eb

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
content-encoding
br
last-modified
Tue, 14 Feb 2023 13:59:37 GMT
server
nginx
etag
W/"aa6888a3ab4c0c80f54dc92a6dd1bda2"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=900, stale-while-revalidate=86400
timing-allow-origin
*
access-control-allow-headers
*
getuid
eb2.3lift.com/ Frame D975 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
getuid
eb2.3lift.com/ Frame 3D84 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 83CE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
36c76d38e9f6cd46ff0f84f70e5abd560b82abbc0003b2e73b5d91dde47b5848

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1652
Content-Type
text/html
Date
Tue, 14 Feb 2023 16:58:08 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame E46B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
1773370a8a6d6dc48377300d30e4a125d499a1b32a24c0c3c44e9df9a40ba4aa

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1584
Content-Type
text/html
Date
Tue, 14 Feb 2023 16:58:08 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
userconnect.js
js.adscale.de/ Frame B7B0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id
ydN514.uEIO3O8BbYMkWXROZct_QTZeC
content-encoding
gzip
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 16:27:40 GMT
last-modified
Tue, 14 Feb 2023 08:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1829
x-amz-server-side-encryption
AES256
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200
x-amz-cf-id
tJmuFGS0IM6YvS1mEUz5JTXEqnGumF94MndIGKfm19ehNvDr3NGNZA==
usync.js
eus.rubiconproject.com/ Frame 8FE6 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e3714e8491d6a8fd59cf78fcbe630ae28b406f5cb426782e00016c96401fc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 11:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65929
Connection
keep-alive
Content-Length
10007
Expires
Wed, 15 Feb 2023 11:16:57 GMT
usync.js
eus.rubiconproject.com/ Frame 0AC6 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91e3714e8491d6a8fd59cf78fcbe630ae28b406f5cb426782e00016c96401fc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 11:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65929
Connection
keep-alive
Content-Length
10007
Expires
Wed, 15 Feb 2023 11:16:57 GMT
userconnect.js
js.adscale.de/ Frame 9D1C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id
ydN514.uEIO3O8BbYMkWXROZct_QTZeC
content-encoding
gzip
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 16:27:40 GMT
last-modified
Tue, 14 Feb 2023 08:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1829
x-amz-server-side-encryption
AES256
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200
x-amz-cf-id
hitcr9t5iZXqKaS9VWu4Y5Mtwg8Sej4Z66Y9ztpjQf3yVLUYZrlThQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB0C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3447786992313&version=m202301230201&ct=76&x=1&cor=2883273797860983300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame D975
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
setuid
user-sync.adxpremium.services/ Frame 3D84
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1170fc5bb54a5409804d0f37098c30bcea4a03101686653a2da4cf22ddbf647f
Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 83CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN9Rk53okckJw0_h75qq4H0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN9Rk53okckJw0_h75qq4H0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN9Rk53okckJw0_h75qq4H0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 83CE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
51PXM9T8B8KZWR8QZMAW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VS80J2V2BFQ5W0GJ0ZG4
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 83CE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 83CE 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:6b2a:5cae:833b:4670 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 83CE
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3a52e9b5-30f9-3f2d-33e73ab8
43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3a52e9b5-30f9-3f2d-33e73ab8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.33.19 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5c4y6trZTdsgs4lNtfxXF3QXz4Pxv%2B5ImL%2BGUnC0NJT2KO7aF7fXGxPCULRVR2UT22rSQmgyvouI8Cr2%2BKWEG3tEEjRsfyop%2Fxwrjk3tbB53MTo82pW8hrkyd81sTFpOY40mb590"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
799758cc19939000-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 14 Feb 2023 16:58:08 GMT
via
1.1 google
server
nginx/1.23.3
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3a52e9b5-30f9-3f2d-33e73ab8
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 83CE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2db263eb-bda0-4100-95f5-6014c985a428
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2db263eb-bda0-4100-95f5-6014c985a428
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
MT3 457 2362390 master cdg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2db263eb-bda0-4100-95f5-6014c985a428
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Feb 2023 16:58:07 GMT
rum
dsum-sec.casalemedia.com/ Frame 83CE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3507218930593461888
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3507218930593461888
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3507218930593461888
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
demconf.jpg
dpm.demdex.net/ Frame 83CE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
34.255.210.6 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-0dafbee55.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8EQ+Oa26Q4Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v046-0ca0386dc.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
stexQxnBROM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 83CE 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y.u9nj3ver2KnIsSxzEP4gAA%261197
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
6640
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
799758cade598fee-FRA
content-length
43
expires
Wed, 15 Feb 2023 16:58:08 GMT
userconnect
ih.adscale.de/ Frame B7B0 		131 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1676393888378&umd=false&gdpr=1&gdpr_version=2&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6337f4e6f0e5c5ad74fe203a06dc0040609d673b8e2a5f2160c5d6562cffeaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
131
content-type
application/javascript
crum
dsum-sec.casalemedia.com/ Frame E46B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3019568783745404024
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3019568783745404024
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 14 Feb 2023 16:58:08 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
70b141d0-de99-4c72-a3f5-a1bd1c2eda0f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3019568783745404024
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E46B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:6b2a:5cae:833b:4670 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame E46B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y_u9oAAFXGLTmwBh
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_u9oAAFXGLTmwBh&_test=Y_u9oAAFXGLTmwBh
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_u9oAAFXGLTmwBh&_test=Y_u9oAAFXGLTmwBh
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220096-HHN
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1676393889.601019,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_u9oAAFXGLTmwBh&_test=Y_u9oAAFXGLTmwBh
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame E46B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH5s07H13sAACFxawaxvA&expiration=1677603488
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH5s07H13sAACFxawaxvA&expiration=1677603488
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH5s07H13sAACFxawaxvA&expiration=1677603488
Date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame E46B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329524285247713
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329524285247713
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329524285247713
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame E46B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e84463eb-bda0-4300-84f8-0dc173e05491
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e84463eb-bda0-4300-84f8-0dc173e05491
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 14 Feb 2023 16:58:08 GMT
Server
MT3 457 2362390 master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e84463eb-bda0-4300-84f8-0dc173e05491
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Feb 2023 16:58:07 GMT
ix
ad4m.at/ad/sim/ Frame E46B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E46B 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y-u9nj3ver2KnIsSxzEP4gAABK0AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:6b2a:5cae:833b:4670 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame E46B 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y.u9nj3ver2KnIsSxzEP4gAA%261197
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdekor.delfi.ee%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
6640
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
799758cade5e8fee-FRA
content-length
43
expires
Wed, 15 Feb 2023 16:58:08 GMT
userconnect
ih.adscale.de/ Frame 9D1C 		131 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1676393888392&umd=false&gdpr=1&gdpr_version=2&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6337f4e6f0e5c5ad74fe203a06dc0040609d673b8e2a5f2160c5d6562cffeaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
131
content-type
application/javascript
map
ih.adscale.de/ Frame FB01 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b1158e2173ea5d51c8ebd267f5f55d49df1558c94db63ff69f8b45b46ac931d

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2633
content-type
text/html;charset=ISO-8859-1
date
Tue, 14 Feb 2023 16:58:08 GMT
map
ih.adscale.de/ Frame E4BD 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
020eaa0d6f9e265f6a573590c26669574523c0842d263d9eb48694fbc66ed19c

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2633
content-type
text/html;charset=ISO-8859-1
date
Tue, 14 Feb 2023 16:58:08 GMT
match.js
js.adscale.de/ Frame FB01 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id
dLYsY7WOf8hk8zLgM2J0O2j9Vq1a69l7
content-encoding
gzip
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 15:18:42 GMT
last-modified
Tue, 14 Feb 2023 08:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
5967
x-amz-server-side-encryption
AES256
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200
x-amz-cf-id
fMPTvFtJWk7YWqEk06A20axvq0OJXRDKVQ8lwnY8nPRHFk9xRt9_GQ==
match.js
js.adscale.de/ Frame E4BD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id
dLYsY7WOf8hk8zLgM2J0O2j9Vq1a69l7
content-encoding
gzip
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 15:18:42 GMT
last-modified
Tue, 14 Feb 2023 08:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
5967
x-amz-server-side-encryption
AES256
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200
x-amz-cf-id
n-ka0I75yb7rmzzTf5vjAL4XCXAOdWwqjaq9mcH5RuBgHg-Kj6AHIw==
img
ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/ Frame FB01
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=87e135d3b73947ff84267b415158d608&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=101&tpuid=BBID-01-03511078885440211-16841016
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=101&tpuid=BBID-01-03511078885440211-16841016
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
49
content-type
image/gif

Redirect headers

location
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=101&tpuid=BBID-01-03511078885440211-16841016
date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
private, max-age=3600
access-control-allow-credentials
true
server
nginx
img
ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/ Frame E4BD
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=87e135d3b73947ff84267b415158d608&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=101&tpuid=BBID-01-03511078886128249-16841016
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=101&tpuid=BBID-01-03511078886128249-16841016
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
49
content-type
image/gif

Redirect headers

location
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=101&tpuid=BBID-01-03511078886128249-16841016
date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
private, max-age=3600
access-control-allow-credentials
true
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 8FE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJQMysHoC6Ah3pW16CnbcX8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJQMysHoC6Ah3pW16CnbcX8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJQMysHoC6Ah3pW16CnbcX8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&gdpr=1
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0SE1WWlctMVEtTTJaRg==&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8FE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CFYDvnUSCCU3bdV252ClOcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pyzrIbFE2oLFCdZlBGDQ8K2oCIkmD95dG7hSuQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pyzrIbFE2oLFCdZlBGDQ8K2oCIkmD95dG7hSuQ--~A
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pyzrIbFE2oLFCdZlBGDQ8K2oCIkmD95dG7hSuQ--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8FE6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&dcc=t
Protocol
HTTP/1.1
Server
52.94.223.167 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RVHD33E6RA65N0NTSY2A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q5C2MA92KC0XB84SHSJ4
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8FE6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&dcc=t
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6G4SZA4VQMHHKXR7M5C0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 16:58:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
21AN1D5DB0WTXTQGDG13
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ2YmNjNGQ2ODgyZmU5M2NlMzU4M2QzN2EyODE0Njk4NGYyNzFlZQ&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ2YmNjNGQ2ODgyZmU5M2NlMzU4M2QzN2EyODE0Njk4NGYyNzFlZQ&gdpr=1
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ2YmNjNGQ2ODgyZmU5M2NlMzU4M2QzN2EyODE0Njk4NGYyNzFlZQ&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 8FE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4HMVZW-1Q-M2ZF&gdpr=1
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4HMVZW-1Q-M2ZF&gdpr=1
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:07 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CFC69ABAF5FF479FB70DD91103CB22C1 Ref B: FRAEDGE1520 Ref C: 2023-02-14T16:58:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0q948yDZRh23YoYcViw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4HMVZW-1Q-M2ZF&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 8FE6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame FB01
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=258281407d3d711a4595ccb90...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
49 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcc%2BvTgStf4%2Fq1FtijIVFjOIL%2B2UfGK2GODK0JDE7DjYc2%2BfHT6Zc96FO4IxcYq4i%2BzrxSvlJEO7zt4hkY3ThbphcjlfAD32iJs1ockPWIOE0NxoDO7hXpjodBV0ehLMa8R0l4HD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
cache-control
no-cache
cf-ray
799758cc0c863671-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E4BD
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=258281407d3d711a4595ccb90...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
49 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lei3BX0JkdV6z%2FyrRhkSvQRJ827f2lRvhJht7%2Bgkt1MsjbmPTZQNmWCHNdH%2FidjtEf145pYpWiX5JRPrYNHJ%2Fjzess4STOT6NqHiH8uDj7%2FTCfnxHE6oNEyENe25Nv9riYOM%2F00"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
cache-control
no-cache
cf-ray
799758cc0c883671-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame FB01 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=c517dbf3ea15c05501936e58d35874d806a46e48b798125a579f79374123057e&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0ff51ca9789%2F1676393888425%2F0%2Fimg
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame E4BD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=c517dbf3ea15c05501936e58d35874d806a46e48b798125a579f79374123057e&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772e1ae63e0b7%2F1676393888430%2F0%2Fimg
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
img
ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/ Frame FB01
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eb937fa22c04d0fa571bb6bc8ae76bca4ade00775480261bd6031deb11a356dd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a59b323d0...
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=42&tpuid=6129535923113100799
49 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=42&tpuid=6129535923113100799
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?tpid=42&tpuid=6129535923113100799
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/ Frame E4BD
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eb937fa22c04d0fa571bb6bc8ae76bca4ade00775480261bd6031deb11a356dd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f73463093f772...
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=42&tpuid=6129535923113100799
49 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=42&tpuid=6129535923113100799
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:08 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?tpid=42&tpuid=6129535923113100799
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame FB01
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
49 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2537069
content-length
0
expires
Tue, 14 Feb 2023 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E4BD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
49 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:08 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=5ad3ff57-e6a3-467a-8b50-e87c26a6eba5
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1885228
content-length
0
expires
Tue, 14 Feb 2023 00:00:00 GMT
sync
vid.vidoomy.com/ Frame 9847 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Tue, 14 Feb 2023 16:58:09 GMT
etag
W/"63e28045-c234"
last-modified
Tue, 07 Feb 2023 16:45:57 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
Abm0DAZrUg3/6TsJAA
x-77-nzt-ray
fefc880de2039d44a1bdeb63dbbe5d06
x-77-pop
viennaAT
x-accel-expires
@1676825528
x-age
605161
x-cache
HIT
sync
vid.vidoomy.com/ Frame CF09 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Tue, 14 Feb 2023 16:58:09 GMT
etag
W/"63e28045-c234"
last-modified
Tue, 07 Feb 2023 16:45:57 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
Abm0DAbSNS//6TsJAA
x-77-nzt-ray
fefc880de2039d44a1bdeb63d9767906
x-77-pop
viennaAT
x-accel-expires
@1676825528
x-age
605161
x-cache
HIT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E4BD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=cc2c3aaa2f9acf27c05f309d...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
49 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 14 Feb 2023 16:58:09 GMT
Server
MT3 457 2362390 master cdg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Feb 2023 16:58:08 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame FB01
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=cc2c3aaa2f9acf27c05f309d...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
49 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 14 Feb 2023 16:58:09 GMT
Server
MT3 475 4bd2ccd master cdg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=2db263eb-bda0-4100-95f5-6014c985a428
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Feb 2023 16:58:08 GMT
img
ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/ Frame E4BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae...
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google...
49 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/ Frame FB01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a...
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google...
49 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/img?uid=e66739baa0b8773f5d24e8165972c17efbbcf9048523ec05065420ab5e98d43b&tpid=38&tpuid=CAESELtxSFHnNZ_O0_LL1FMGWb4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame 3D84
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSJK2d7b4Ju9cdEGJa0bNB40st3CuF2lU9pUBwDOlPuWYd6t8F8GFGStt64QQbdsW1BspYphQx7nJzlmS%2FRZcvFZaaCJ4qICOmgl7Nr2QfxC6rQNhp%2F0oxnJSiMmEqWEbJdPXqix"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
cache-control
no-cache
cf-ray
799758cfb98f3671-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
user-sync.adxpremium.services/ Frame D975
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYZ6VLU1OWNWtxVVRqX%2BR2FOiHItOVbcIcGkDbh3dfOZ6%2FfSo8fQhadqVfShLrvkfq1NYA7eYGaCRgttVOGc8RgZc2G4YqnRKUs0KbVIe%2FM2KsgsQggVLn5%2Fiq%2BjdayM6Eocsyel"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.u9nj3ver2KnIsSxzEP4gAA%261197
cache-control
no-cache
cf-ray
799758cfb9913671-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=183&time=8&baid=57365606&name=Viewable%20at%2075%25&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=858123840
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=28&time=8&baid=57365606&asid=12380176&name=Played%2075%25%20Of%20Video&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=249184587
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
js
ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/ Frame E4BD
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe2f7346...
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F5ae188fe...
  • https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/js?tpid=48&tpuid=aa607d48864f56e3be0caa02a00fa258
44 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/js?tpid=48&tpuid=aa607d48864f56e3be0caa02a00fa258
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
422d0fbdaa74cef84f9f5b0f7328de10d7a7b23085995e660bf00bb7a78526d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
44
content-type
text/javascript

Redirect headers

location
https://ih.adscale.de/sium/5ae188fe2f73463093f772e1ae63e0b7/1676393888430/0/js?tpid=48&tpuid=aa607d48864f56e3be0caa02a00fa258
date
Tue, 14 Feb 2023 16:58:09 GMT
content-type
text/plain; charset=utf-8
content-length
147
vary
Accept
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
js
ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/ Frame FB01
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8180b4a...
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f9abcc07c5da3d9d5cd08d907b6c606be05abdffcc0aa1665d9bc59db592a994&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd9a77fe8...
  • https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/js?tpid=48&tpuid=9d40cf7568a8a65b0eb024f61c99ba53
44 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/js?tpid=48&tpuid=9d40cf7568a8a65b0eb024f61c99ba53
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
Protocol
H2
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
597ffb6e8c53c11bd4a799e48fb2dd335160a942f5ca3b07f10d32c5dc2ac200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
44
content-type
text/javascript

Redirect headers

location
https://ih.adscale.de/sium/d9a77fe8180b4a59b323d0ff51ca9789/1676393888425/0/js?tpid=48&tpuid=9d40cf7568a8a65b0eb024f61c99ba53
date
Tue, 14 Feb 2023 16:58:09 GMT
content-type
text/plain; charset=utf-8
content-length
147
vary
Accept
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2037 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73171
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 14 Feb 2023 16:58:09 GMT
expires
Wed, 15 Feb 2023 13:17:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 59DA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73171
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 14 Feb 2023 16:58:09 GMT
expires
Wed, 15 Feb 2023 13:17:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 9847 		1 KB
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Tue, 14 Feb 2023 16:58:09 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
457575
x-77-nzt
Abm0DAbdJNb/Z/sGAA
x-accel-expires
@1676973114
last-modified
Thu, 09 Feb 2023 09:51:05 GMT
server
CDN77-Turbo
etag
W/"63e4c209-42e"
x-77-nzt-ray
fefc880de3fef348a1bdeb6380a6531d
vary
Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
urlsvid.json
vpaid.vidoomy.com/sync/ Frame CF09 		1 KB
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Tue, 14 Feb 2023 16:58:09 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
457575
x-77-nzt
Abm0DAY6v73/Z/sGAA
x-accel-expires
@1676973114
last-modified
Thu, 09 Feb 2023 09:51:05 GMT
server
CDN77-Turbo
etag
W/"63e4c209-42e"
x-77-nzt-ray
fefc880de3fef348a1bdeb63f049581d
vary
Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
sium
ih.adscale.de/ Frame FB01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Tue, 14 Feb 2023 16:58:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
sium
ih.adscale.de/ Frame E4BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.148.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fdekor.delfi.ee%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Tue, 14 Feb 2023 16:58:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
PugMaster
image6.pubmatic.com/AdServer/ Frame 2037 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26757409&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
62474df4ad32d0bd3883ceb4d85bb8aa62ac8afe29f0bd0daaad550a23fcd0b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 16:58:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
ap.lijit.com/ Frame 3D84 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Feb 2023 16:58:09 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync.php
pixel.rubiconproject.com/exchange/ Frame 3D84 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame 3D84
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
86 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:09 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
date
Tue, 14 Feb 2023 16:58:09 GMT
server
nginx
content-length
0
content-type
text/plain
match
c1.adform.net/serving/cookie/ Frame 8E3B 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 14 Feb 2023 16:58:09 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9EB2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2db263eb-bda0-4100-95f5-6014c985a428&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2db263eb-bda0-4100-95f5-6014c985a428&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 14 Feb 2023 16:58:09 GMT
Expires
Tue, 14 Feb 2023 16:58:08 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 457 2362390 master cdg-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2db263eb-bda0-4100-95f5-6014c985a428&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame AEF8
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3221908229510423063
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3221908229510423063
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3221908229510423063
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 492E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 16:58:08 GMT
expires
Tue, 14 Feb 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
883724
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame B03B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kxyUJMdLkHeITsgknEvcdMZJxSKIF8Z2wBfqC69w
42 B
574 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kxyUJMdLkHeITsgknEvcdMZJxSKIF8Z2wBfqC69w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 14 Feb 2023 16:58:09 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kxyUJMdLkHeITsgknEvcdMZJxSKIF8Z2wBfqC69w
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4C6E 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=702368EB-BF93-4702-B129-500AC7A3037B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Feb 2023 16:58:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W7NQBAQPRK7R9PCGBX0C
setuid
user-sync.adxpremium.services/ Frame 7DD4 		86 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=702368EB-BF93-4702-B129-500AC7A3037B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Tue, 14 Feb 2023 16:58:09 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2037
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cCNo67-TRwKxKVAKx6MDew%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
2.18.36.193 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:09 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=73171
accept-ranges
bytes
content-length
5554
expires
Wed, 15 Feb 2023 13:17:40 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2037
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 2037
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=702368EB-BF93-4702-B129-500AC7A3037B&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=702368EB-BF93-4702-B129-500AC7A3037B&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Redirect headers

date
Tue, 14 Feb 2023 16:58:09 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=702368EB-BF93-4702-B129-500AC7A3037B&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 2037
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzAyMzY4RUItQkY5My00NzAyLUIxMjktNTAwQUM3QTMwMzdC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2037
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOFJyjcNx7olaICaEPV938g&google_cver=1
42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOFJyjcNx7olaICaEPV938g&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOFJyjcNx7olaICaEPV938g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2037 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 13 Feb 2023 16:58:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2037
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6129535923113100799
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6129535923113100799
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6129535923113100799
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 2037 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
in-screen
stats-collector.cxense.com/cr-stats/event/ 		42 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-collector.cxense.com/cr-stats/event/in-screen?adId=735879&bnId=57365606&pId=954892&location=https%3A%2F%2Fdekor.delfi.ee%2F&t=%D0%94%D0%B5%D0%BA%D0%BE%D1%80&cb=1676393889882&siteId=1145189970857384309&cxId=cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8&cxprnd=le4hmsu3nvq70xr3&configId=22&timeOnScreen=4&impRndId=y305scqd86nz5v1q&evid=cx:qwo8wfxslz05w9drj7zdatob:25mm80z00mkg8
Requested by
Host: ee-production-portal-root-3dc.s3.delfi.ee
URL: https://ee-production-portal-root-3dc.s3.delfi.ee/1.3.39/vendors/app.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dekor.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:09 GMT
server
Jetty(9.4.28.v20200408)
content-length
42
content-type
image/gif
pixel
ap.lijit.com/ Frame D975 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Feb 2023 16:58:09 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync.php
pixel.rubiconproject.com/exchange/ Frame D975 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame D975
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
86 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:10 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6129535923113100799
date
Tue, 14 Feb 2023 16:58:09 GMT
server
nginx
content-length
0
content-type
text/plain
PanDisplayTT-Bold.woff
s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/ Frame 4453 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/PanDisplayTT-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/adStyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
24292d38ebb420580416c3f12d323cf8c6b568969887bf0f211bf947f29a05a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7806254510354989056/PAND_DE_DISPLAY300x600_COLLECTION_MOMENTS_X_SPLIT_STANDARD/adStyle.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 23:32:15 GMT
x-content-type-options
nosniff
age
149155
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25160
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 21:05:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Feb 2024 23:32:15 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame CF09 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CF09 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers
pbscookie
a.vidoomy.com/api/rtbserver/ Frame CF09
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6ca7441c-0fb3-402e-89b7-9e22bcaf31da&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6ca7441c-0fb3-402e-89b7-9e22bcaf31da&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Protocol
H2
Server
52.59.131.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:11 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:10 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6ca7441c-0fb3-402e-89b7-9e22bcaf31da&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
bdklkumt3sophgdvldm59ph745dbojsk
sync.php
pixel.rubiconproject.com/exchange/ Frame 9847 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie
a.vidoomy.com/api/rtbserver/ Frame 9847
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3b...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2db263eb-bda0-4100-95f5-6014c985a428&expires=30&ssp=vidoomy&bsw_param=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=0&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
Protocol
H2
Server
52.59.131.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:11 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
date
Tue, 14 Feb 2023 16:58:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 9847
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6129535923113100799&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6129535923113100799&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Protocol
H2
Server
52.59.131.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Feb 2023 16:58:11 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=6129535923113100799&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
date
Tue, 14 Feb 2023 16:58:11 GMT
server
nginx
content-length
0
content-type
text/plain
SPug
simage4.pubmatic.com/AdServer/ Frame 2037 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
big-play.svg
af1.nh.ee/banners/scripts/components/images/controls/ Frame 9393 		666 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://af1.nh.ee/banners/scripts/components/images/controls/big-play.svg?v=2
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/banners/scripts/components/styles/videoThemeV2.css?version=1027
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.193 Harjumaa, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy2.delfi.ee
Software
DWS /
Resource Hash
3333ceba07529a9d18b2c7624884e84492d0a721eebf88bc70e5c779fde4c4c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://af1.nh.ee/banners/scripts/components/styles/videoThemeV2.css?version=1027
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:53:20 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 11:34:17 GMT
server
DWS
x-amz-request-id
tx000004113486f2da5066e-0063ebb7e9-32957437-default
age
291
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
412
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=184&time=11&baid=57365606&name=Viewable%20at%20100%25&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=168414927
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 5146 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61584290&event=29&time=11&baid=57365606&asid=12380176&name=Video%20Playback%20Complete&imprid=1288490541348636409&icid=6129535923113100799&eData=eDht8QEB4nRQvX1aGrjNFKgyZUJ1g7cnNv9eZnf1nu0b065lO4M5dTSNFNNLZDzA4a-D5Zf0Jm2rfM17CEpKp5ybT8iVn7GZIMrQPQD1LnQRRZsmgOuM2tE16n0Er-rYaOJDsqAYsG41&adxvars=4zIebbcTUfVNwz4yVgz-tMLH1jCFgOGYJjKZc6_NBNQwxxLIrYNrtuBlg8VKMoShqVg6FuwllTj1OWwwriIIiX9ya_Q5QN7EAOD_3Wlmt60H8uHY-qGac9AuJnfUpaa817X2cqN6CNZlJ0QIrUe_VXFNbdWUUaeHhYVA3Gruup7G_A65Uwu_34HSMvtm1_wnvb2nCWmvjEb8azw_sWk-lFahCktTiE_YB4UU4I55QYmnMT-wgZXtDTYeCzTDcAHB-zA_xmPGUQ48K1jSrPejR8S7jkNJMltHK55kpMgdyqhI9OnmtaiBAs114sznKqbFAN_TbmmgkOY86jl7BECdkRrVwMFCHvbE453E-e_YsebVSKXpyFEF-Q_8YArr0KHMz_E0TP8j91F97G6HWr6q2ze07rp8TwDAre2BqzsziDkqtEtKu7fHnY7JzI3WqEhMSQbG-Vm4dZhhgHHAM0O6SSITvp2KBVWoEip6fXQPOzjBrk0C-8tIQQ2&rtbdata=ZDjHwIaYSBHP7cAQQsWqIJU79JjCxURqTtcYjjl3bomK5XAMrzITFIp-BrszzkeaLHD-E28xIVuTuYAYCsijxEq2dFfFgu_oObIQNiUjZvkd3NH99xe58lMKRHqCAsG4ty0dHfibiZ_DeIjrSAcYFw2&rtbwp=y-aYpd_4Euk1&rnd=329893261
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dekor.delfi.ee/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://dekor.delfi.ee
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 59DA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96751211&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
685930c9ebee4cbdcf5531a2455f570e169ec2361cd2dd0643acc99a3a2f0502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 14 Feb 2023 16:58:10 GMT
content-length
2001
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 7419
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3019568783745404024&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3019568783745404024&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
df01aab7-d09d-49c8-a995-1bc239a84e6c
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Feb 2023 16:58:12 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3019568783745404024&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F65A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7200056941381417105&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7200056941381417105&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 14 Feb 2023 16:58:12 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7200056941381417105&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame FEAE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=J0FVUZCESRhtjksP7BZXs7nVm6I&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=J0FVUZCESRhtjksP7BZXs7nVm6I&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Feb 2023 16:58:12 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=J0FVUZCESRhtjksP7BZXs7nVm6I&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 2E6E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFINXMwN0gxM3NBQUNGeGF3YXh2QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAH5s07H13sAACFxawaxvA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7983959275830541028&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAH5s07H13sAACFxawaxvA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7983959275830541028%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7983959275830541028&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAH5s07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH5s07H13sAACFxawaxvA&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH5s07H13sAACFxawaxvA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 16:58:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 14 Feb 2023 16:58:13 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH5s07H13sAACFxawaxvA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B370 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 14 Feb 2023 16:58:12 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220096-HHN
x-timer
S1676393893.534873,VS0,VE89
setuid
user-sync.adxpremium.services/ Frame 6148 		86 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=702368EB-BF93-4702-B129-500AC7A3037B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Tue, 14 Feb 2023 16:58:12 GMT
info2
uipglob.semasio.net/pubmatic/1/ Frame 59DA
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=702368EB-BF93-4702-B129-500AC7A3037B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=702368EB-BF93-4702-B129-500AC7A3037B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=702368EB-BF93-4702-B129-500AC7A3037B&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:18 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:18 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=702368EB-BF93-4702-B129-500AC7A3037B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 59DA 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=702368EB-BF93-4702-B129-500AC7A3037B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
799758e49f722c5f-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 59DA
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=702368EB-BF93-4702-B129-500AC7A3037B
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.237.145.190 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 16:58:13 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 14 Feb 2023 16:58:12 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ids
idsync.frontend.weborama.fr/ Frame 59DA
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=361324025
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=702368EB-BF93-4702-B129-500AC7A3037B
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=702368EB-BF93-4702-B129-500AC7A3037B
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:12 GMT
via
1.1 google
last-modified
Tue, 14 Feb 2023 16:58:12 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=702368EB-BF93-4702-B129-500AC7A3037B
date
Tue, 14 Feb 2023 16:58:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 59DA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_afd94998-ec83-4b72-8dc0-b5e758bc6c29&bsw_param=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=&gdpr_consent=&gdpr_pd=
1 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 16:58:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 14 Feb 2023 16:58:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
702368EB-BF93-4702-B129-500AC7A3037B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 59DA 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/702368EB-BF93-4702-B129-500AC7A3037B?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:6b2a:5cae:833b:4670 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 59DA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=702368EB-BF93-4702-B129-500AC7A3037B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIHCuz9E2uXbZfGQF_0W8HFMGPk1Qa4-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIHCuz9E2uXbZfGQF_0W8HFMGPk1Qa4-~A&gdpr=0
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MIHCuz9E2uXbZfGQF_0W8HFMGPk1Qa4-~A&gdpr=0
date
Tue, 14 Feb 2023 16:58:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 59DA 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=702368EB-BF93-4702-B129-500AC7A3037B&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 16:58:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 59DA 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 14 Feb 2023 16:58:12 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
user-sync.adxpremium.services/ Frame CF09 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Tue, 14 Feb 2023 16:58:13 GMT
setuid
user-sync.adxpremium.services/ Frame 9847 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Tue, 14 Feb 2023 16:58:13 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 59DA 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 16:58:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery object| Adform object| _adform object| adformtag object| _fscope object| delfi_afp function| uuid function| afp_desktop_interscroller function| afp_interscroller function| afp_pagebreak object| cookie function| Get_Cookie function| Set_Cookie function| Delete_Cookie object| iframeConfObj undefined| en_container_id function| setEnContainerId string| configId function| setConfigId object| cX string| CUSTOMER_ID object| adtlgcen_SETTINGS object| enr_vars object| _slots object| _iterations object| _timers function| BaseSize function| InViewNode function| InViewData function| ClientRectImpl function| getData function| trackImpression function| trackClick function| onClickHandler function| getGPTParamsObject function| updateSlotVisibility function| runOnTickVisibilityTime function| onSlotLoad function| onImpressionViewable function| onSlotVisibilityChanged function| en_adf_trackAD object| adtlgcen_Cookie object| en_ads object| loc_ object| en_slots object| adtlgcen function| en_regAD function| alen_onactiveelementchange object| admp_ object| __NUXT__ object| webpackJsonp object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| __SENTRY__ function| _ object| PortalRoot number| LoginApiModuleStatus object| AppleID object| GoogleGcLKhOms object| LoginAPI object| MobileAPI number| cp_user_package_counter object| $nuxt object| DelfiAFPcounter object| jQuery18308370314329716793 string| GoogleAnalyticsObject function| ga function| clarity function| fbq function| _fbq function| __tcfapi boolean| _inter_adf_3034__rendered__ number| _inter_adf_3034 object| gapi object| ___jsl function| _dct undefined| _adform_cb_1676393880596_8515966073704906 function| gsc object| ari number| bfsample object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init function| gemius_close function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event string| pp_gemius_identifier function| EDTracker object| _edtracker object| gaplugins object| gaData object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis boolean| _inter_adf_294107__rendered__ number| _inter_adf_294107 boolean| _inter_adf_881562__rendered__ number| _inter_adf_881562 boolean| _inter_adf_203448__rendered__ number| _inter_adf_203448 undefined| cXJsonpCB1 boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall function| __adform_adbox_fixedLeft function| __adform_adbox_fixedCenter function| __adform_adbox_fixedRight function| __adform_adbox_fixedTop function| __adform_adbox_fixedMiddle function| __adform_adbox_fixedBottom number| __adform_adbox_init function| AdformWin24o7hb8iuls string| evid_00XX object| googletag undefined| cXJsonpCB2 object| __bt_intrnl object| google_image_requests

55 Cookies

Domain/Path Name / Value
.delfi.ee/ Name: delfi-adid
Value: 57735dcf-d89c-4cf6-b132-857d48b8b4b2%2C1676393877940%2C1676393877940
.delfi.ee/ Name: __gads
Value: ID=862aab2aea5be9ba-2211f59990dc0043:T=1676393878:RT=1676393878:S=ALNI_Mbk1OBP01iNMHTurKhlsvYFugDoGQ
.delfi.ee/ Name: __gpi
Value: UID=00000bb6f01939a6:T=1676393878:RT=1676393878:S=ALNI_MZA2hiVpeaNFM4sjIcM-KwC-5ZyKw
.delfi.ee/ Name: cp_user_package_t
Value: 1676393880194
.delfi.ee/ Name: _fbp
Value: fb.1.1676393880633.2137689925
s.delfi.ee/ Name: _edcCORS
Value: d95677d37ed0eaebc797b9ee6cab1864
s.delfi.ee/ Name: _edc
Value: d95677d37ed0eaebc797b9ee6cab1864
www.clarity.ms/ Name: CLID
Value: 3110cf80859547b38570829bbf4123ab.20230214.20240214
.adform.net/ Name: uid
Value: 6129535923113100799
.delfi.ee/ Name: dcid
Value: 2317361853,1,1707929880,1676393880,a401780ce7b9b5f7343022dd0f703c7b
.delfi.ee/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWAVg4AcATiEB2AAwDeogMwDuM8UJABfIA
.delfi.ee/ Name: _pcid
Value: %7B%22browserId%22%3A%22le4hmst48isqinfk%22%7D
.delfi.ee/ Name: cX_P
Value: le4hmst48isqinfk
.delfi.ee/ Name: cX_S
Value: le4hmsu4knlvy32p
.delfi.ee/ Name: _edid
Value: 0:le4hmsua:~okXn9zWHKUEEVF0fkeDRTRg9uR9xUtG
.delfi.ee/ Name: _edt
Value: 0:le4hmsua:HmnPnGbU8Ir2Ai0xbQoQ~yj5v98EDNU4
.delfi.ee/ Name: _ga
Value: GA1.2.835921100.1676393879
.delfi.ee/ Name: _gid
Value: GA1.2.35143455.1676393881
.delfi.ee/ Name: _gat
Value: 1
.adnxs.com/ Name: uuid2
Value: 3019568783745404024
.delfi.ee/ Name: __gfp_64b
Value: KmPAHRgnnjes3i4k7nI5T35gtj3_crq7_d2sYxh3QsX.B7|1676393880
.bidswitch.net/ Name: c
Value: 1676393880
.bidswitch.net/ Name: tuuid_lu
Value: 1676393880
.bidswitch.net/ Name: tuuid
Value: 9bb81e5e-5f66-4ebc-a02e-9b1e6ef8b3bd
.delfi.ee/ Name: _clck
Value: 10mnbof|1|f94|0
.adform.net/ Name: TPC
Value: 1676393880957
.doubleclick.net/ Name: IDE
Value: AHWqTUlFEDNJ9uEsKAj2vI4kpIo_EQAcmL0K28_droo5e3P_kYvEXyhEVcKsI_hH_6c
.adsby.bidtheatre.com/ Name: __kuid
Value: 96b9477b-14df-47b2-a638-8a791e801306.445607881
.hit.gemius.pl/ Name: Gtest
Value: KlxhhMaGQMGGrEXRiXhRvdfissGMXP8c25nSGuvETrH5XBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlGIBRXGQMGGrEXRiXhRvdfissGMXP8c25nSGuvETrH5FRxSG7RrGS6Gt4FBFlM1YH8PlexaG0F6Sssa
.cxense.com/ Name: gckp
Value: 2di00u41i0iit2w6ym6x3sjz8t
.delfi.ee/ Name: cX_G
Value: cx%3Aqwo8wfxslz05w9drj7zdatob%3A25mm80z00mkg8
dekor.delfi.ee/ Name: evid_00XX
Value: cx:qwo8wfxslz05w9drj7zdatob:25mm80z00mkg8
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjGyABLm5obGQnyGulUVpSlOpo6-llkmwQCGk1KrJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjGyABLm5obGQnyGulUVpSlOpo6-llkmwQCGk1KrJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5mbGlsYWFoYmgKAHYV3b0QAAAA
.bing.com/ Name: MUID
Value: 32B8A7179F2F6E2F17AAB5AF9EFD6FC7
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 32B8A7179F2F6E2F17AAB5AF9EFD6FC7
.delfi.ee/ Name: _clsk
Value: 1ful3o5|1676393881476|1|0|k.clarity.ms/collect
pool.admedo.com/ Name: tuuid
Value: 8226dc0c-98ad-4d56-b0df-7fe84f48306a
pool.admedo.com/ Name: c
Value: 1676393881
pool.admedo.com/ Name: tuuid_lu
Value: 1676393881
dekor.delfi.ee/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 32B8A7179F2F6E2F17AAB5AF9EFD6FC7
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.delfi.ee/ Name: cX_partner
Value: adform%3D3
.delfi.ee/ Name: cto_bundle
Value: m41tMV9zaFYlMkJmSk4lMkY1bk9WSktDaEpSQWo2QWNmMjFaOXlaUnAlMkZsbXV4UU5MYmJrOWhLJTJGUlZOQ08lMkJXYWZ5Y0V2Sk9UeTRmd1hxVDlrcXNxbjVzYTVENFRkaUlMTEp5OUtLSzF0dWY3ck5RcWdrJTJCcFR5S0NqVEhCckFPYWclMkZuMHJTZ2cz
.delfi.ee/ Name: cto_bidid
Value: ltVC6V9BSHRWRkUyYUslMkZERTFRRlJDbkQ3WUR0TzRWZkxjMkVLY1VabEc5cmpTZWZYZHl1bTczcXZ1d2pWRzRGbnJQV1RFR0JEZW4xbCUyQmw5JTJCdmFvZGJuSkhtdyUzRCUzRA
.adscale.de/ Name: cct
Value: 1676393884879
.adscale.de/ Name: uu
Value: 87e135d3b73947ff84267b415158d608
.rubiconproject.com/ Name: khaos
Value: LE4HMVZW-1Q-M2ZF
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3Ck4wrTIXPZT5APvdogVCbaTd6KyMQnaub55ZO9yeic9Gclb7pWFUPl/YFSdXAABCyQy6UQ0P5J8xuhZpbWKLtotBalZsqcqc=

1 Console Messages

Source Level URL
Text
security warning URL: https://sgaee.hit.gemius.pl/xgemius.js(Line 826)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' https://*.delfi.ee
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9718abed89a2adb46ee6b2c5558fa4fd.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.teads.tv
a.vidoomy.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
adnet-d.openx.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
adxbid.info
af1.nh.ee
ap.lijit.com
api.btloader.com
api.cxense.com
api.delfi.ee
apis.google.com
appleid.cdn-apple.com
as.ck-ie.com
aud.pubmatic.com
banners.adnetmedia.lt
bbnaut.ibillboard.com
bh.contextweb.com
bid-collector.digitalmatter.ai
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.cintnetworks.com
c.clarity.ms
c1.adform.net
cc-endpoint.digitalmatter.ai
cdn.cxense.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
connect.facebook.net
cr.frontend.weborama.fr
cs.media.net
csyn-r.cxense.com
d5p.de17a.com
dekor.delfi.ee
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e18bd1066b9816244f71462ca40d06dc.safeframe.googlesyndication.com
eb2.3lift.com
ee-production-portal-root-3dc.s3.delfi.ee
ee-production-portal-root-3dc.s3.delfi.net
eus.rubiconproject.com
events.getsitectrl.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g.delfi.ee
g1.nh.ee
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h.delfi.ee
hb.adscale.de
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id.cxense.com
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
js.adscale.de
k.clarity.ms
keytarget.adnet.lt
l.getsitecontrol.com
lb.eu-1-id5-sync.com
ls.hit.gemius.pl
macro.adnami.io
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.delfi.ee
s0.2mdn.net
s1.adform.net
s2.getsitecontrol.com
scdn.cxense.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sgaee.hit.gemius.pl
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssp.wp.pl
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats-collector.cxense.com
stats.g.doubleclick.net
std.wpcdn.pl
storage.googleapis.com
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
tracking-a.dsp.m6r.eu
tracking.m6r.eu
ts.delfi.ee
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
user-sync.adxpremium.services
vid.vidoomy.com
visitor.fiftyt.com
vpaid.vidoomy.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.33.19
104.18.36.94
104.77.42.191
104.96.145.246
13.227.198.171
13.32.28.197
130.211.23.194
135.125.163.79
141.94.170.64
141.95.98.65
142.250.180.230
142.250.201.194
142.251.208.130
145.239.237.56
146.59.21.33
147.75.83.64
147.75.85.120
151.101.194.49
159.65.196.12
162.19.138.118
172.64.151.162
172.64.154.237
174.137.133.49
178.250.0.157
178.250.2.151
18.159.14.212
18.204.184.179
185.106.140.18
185.180.12.68
185.184.8.90
185.20.100.193
185.20.100.195
185.29.134.248
185.64.189.110
185.64.189.229
185.64.190.78
185.64.190.81
185.80.39.216
185.86.138.124
185.86.138.151
185.89.210.82
193.0.160.129
193.200.125.15
193.200.125.19
193.200.125.237
198.148.27.139
2.18.36.193
20.205.115.81
20.54.110.135
20.96.88.162
2001:678:cb4:bbbb::11
212.77.98.32
212.77.99.29
213.155.156.180
216.52.2.30
23.203.124.21
23.65.195.36
2400:52e0:1e00::1080:1
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f
2600:9000:206f:8c00:f:4f64:8940:93a1
2600:9000:211a:1e00:1b:5138:8a40:93a1
2600:9000:215d:e200:a:e047:752:5701
2600:9000:2304:4200:8:48e:53c0:93a1
2602:803:c004:200::140
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:20::681a:78b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4513
2606:4700:4400::6812:271f
2606:4700:e6::ac40:c012
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:400d:802::2002
2a00:1450:400d:803::2002
2a00:1450:400d:803::200e
2a00:1450:400d:804::2002
2a00:1450:400d:805::2001
2a00:1450:400d:805::2002
2a00:1450:400d:805::2003
2a00:1450:400d:806::2003
2a00:1450:400d:807::2004
2a00:1450:400d:807::2006
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2010
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::200e
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200a
2a00:1450:4025:401::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:2638:3::7
2a02:26f0:11a:391::268b
2a02:26f0:11a:398::268b
2a02:6ea0:cb00::2
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::485
2a05:d018:d29:3605:6b2a:5cae:833b:4670
3.124.13.195
3.124.92.31
3.125.71.9
3.126.56.137
3.67.118.188
3.67.148.232
34.102.146.192
34.111.129.221
34.111.131.239
34.111.151.213
34.120.107.143
34.255.210.6
34.91.62.186
34.96.105.8
35.186.253.211
35.201.96.126
35.210.53.219
35.244.159.8
37.157.2.247
37.157.5.141
37.157.5.142
37.252.171.53
37.252.172.123
50.16.15.12
51.144.7.192
52.211.240.68
52.223.40.198
52.46.151.131
52.58.123.114
52.59.131.191
52.94.223.167
54.217.61.24
54.225.207.120
54.237.145.190
54.81.177.226
62.209.227.211
69.173.144.138
69.173.144.139
76.223.111.18
77.243.60.138
8.2.110.113
85.114.159.93
85.206.141.183
92.123.36.4
98.98.134.243
0113743e37aa07d12dd6d38d0faa2ffa9dbd0baff8d3c389a512e5a4ea2b9ec7
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
020eaa0d6f9e265f6a573590c26669574523c0842d263d9eb48694fbc66ed19c
034759a545e372f8668347d5b9c8c6f1b32f6fed8249ff6df729ffb019e0aaf0
04bcd678f7cbb4f1c0e335a9d19b38b0f41a9cd61ec1c59cd27c648d8ea31661
04d7836e823edecb6c46216fc26b091fc2ae1b421d2129602b00092fd8686170
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06639d033d7cf998bac4c166c2040102efc566e743de92c2d7b932dee909e3c7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081a5bd68c731a03d33c0531b8f3605b427d25b3d363ed57d561ccf31a8a1127
08a0669e6eccef3240a6c2e11da33d69a45a19fe97a12769518cbf550087c910
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
0a76b85e697813fc51676112ff4ea247ac7d642f671c997151678e1611f4afa0
0b1158e2173ea5d51c8ebd267f5f55d49df1558c94db63ff69f8b45b46ac931d
0b81c309b17e73f8d72fd1fec9bd418f1e4604946c025c10134c5a8c0a9b6ff9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca4b51839bbce037fa7aa19f1155e8fb8c80adef6f5bf00302f7a73a11e1b9b
0d3e4f9af38db0f2b0e22fc9c4766db2905562ec2d6e57f05e7d6f1b0c2e2935
0ff6e3cb20b3dfaa3e4bed7d1b5882fd586760b00f37e5887525ef1875052117
10500246a382cea643d5be30b598992a1abea3fd497f33cbe0527fdac47bf4ee
10978d4206f43439c284c198d512ee1b7c110a7e163ad46bb1cc811802ddc486
1105d5809e54d7baedd88406d9e72c240a38d60e1f894ab9affb0568eae29859
123e25687ea20a51faec9df8484cc5bab963f8355a2de1fda0021dfdcc3ed66c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128fe826f7377e487b7bf20d8a42b8f6c5acdb47def31508215d4e2a92a4e3a7
12d15a0ee7341fc5f7442a76acd2f8634032b7b333bf0165821c2e7405e046b9
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b
13685a4cbb636df27dce53ae2c21a3c12c8d3068e7d2cda954befc88476d170e
1394abdaa84a9462fa37786c3d713d4aee0df4a053003bc9ab6b53b8faccdd7e
153c351a8c1decc7854812b546874a5100de60783f738a611da8e940f0c267bb
1642c186826461b5466e7c8ca32ff87b03a60ece7002d41950d5a31bddc835e5
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1773370a8a6d6dc48377300d30e4a125d499a1b32a24c0c3c44e9df9a40ba4aa
1791cec4211d0c92c1a80e5a47e105627d42eeb8e1ebd8e837243800f7fe1c8c
17a5a19916cdbab148de9dfca900fd8c7d0cf8588244618c0ca876544c25acbe
1810a6403b291b58492325c75efebcb58e1ce8469ba9b3804a293cd0829f1a51
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b656f26cf47fd0d5f613aaa52b6744c347a3b4eb9a1829426344ace9661d0a8
1b9be055b4ebf8a9600730423bf4c7e1287e14adcc63386feba3e506fff84432
1ba75ebfba9f1d3181f1fc042d00939d82027d2d6267bee1b6f382624d8ec23b
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f4a93acd6eee48d66e7b64e5f8631ea21b6190d013ee7b85debf7ad35efe424
2020e8a3c910eca0ba278da98160214b0798a0bf37269ea5426e5a97d3f123bc
24292d38ebb420580416c3f12d323cf8c6b568969887bf0f211bf947f29a05a5
24656028405a35df20c7680b70d6b4997129dd9403993a849140b26042c695cf
24f3faaf4e5e2e7d742610d896743273c500aae0617c4627f139d535621648fb
251696d5f38629eb591e510befe0d10e64e2f56916538013f3cba6c530f97929
257ee1e2ce38b9c99ba80cc4e2608f0597ff4fb6e7831aa6a5822270826466df
25e3945c58ee32264dc6dbde8cbe845028f82c721c375cf1dba9830976670a2f
2666547aa5f21c8976a98216692f3b6a049323f244593d67772523533e703b76
284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b2f95356652b862c3994e8425b07a396418c62aecce8c63ca20639064de0fd1
2bc9c045bb7e85c817d05212f850787274f5b3de3fe63df280d0a486d838f434
2d7f23560495bf3906401f877b3e1e435257e2fde10f14ecb2fffcb6a9eee27b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3f6589e4f416de5c6c38d9b3b2acae2ebfed796634fc627eb0dc58148fc2b3
2ffb6db274553f1e53040cbd9cef4e8a4823d0048cfb7754326273128acbbd82
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331c63a6cd0f5d1da1e18621dbd1ca356b6ba2ba8a63057384e5fcaac3edad21
3333ceba07529a9d18b2c7624884e84492d0a721eebf88bc70e5c779fde4c4c9
3394281507aea79d8bf61c2fe889709e24c33f0ef3485b4e30c9a48d514a541e
34f366db74b3f0394bfef7413c8416176c7a06946ef5352bc97a7f8d4f19da71
35497c029304e711703af33f1bc415b3db4f854b6c7e6e24a489221cf40c44c4
36c76d38e9f6cd46ff0f84f70e5abd560b82abbc0003b2e73b5d91dde47b5848
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
386c46133094026b452a2e7f359d6c958d62a159703a71f64cef113b45d3595b
39235861d9bc9a21651d032048c05298d7018a1a70de913b10fd48902e0cd339
3a4e93e9b0405c363a153d924c6e6e9a269c19363efc1f86bb1214ec0733be53
3a71f2d4cdf846b4955bf06fca7417f4720915225e99cd27efb14f08c2e86a3f
3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fc322dcef5cb6e553b9157653cc74e88099e5f6aabefedf52eae368c99dbb0b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40706017efbd5f62404d4393667ce6bd5fd7db58e044abedaac5d87ef422d0ca
40ef54d0436a54f266417eb228961bf6cea2fde3e8adf2b1bf6f3fd0d617c332
422d0fbdaa74cef84f9f5b0f7328de10d7a7b23085995e660bf00bb7a78526d2
43d770b69af69d2605e20517ba52e4bf913159fb0f3c20167513b0d9feb5cf6a
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44d24cfbd544a681ebcc61438641cbc17722f3274866752eedb82625ddf058d2
454909afa2d03c3684af7e23c971482ec045eb4e9559195a4d4522f0bdf3f775
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
45e9a7d593ad90119c54535c776a7f09c8974be37724d569eda2515fc830703b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
46ab61748e150272aab5c0224e72d0c8a3c6df9f40277db62a52f9f7b02ee637
46bfcc499b55652cd794cfe8e7cedf8c301f90784055eda4cc5ff77e1b2c8c98
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48aff1d666f53f7b69d718cbe52234a90665daed42bd1ce545cc945e8082a802
48c019652057ffa263a9566bd84fcd4d3b034cc2cfd713acd5f835544ff2c68f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caf607cf2f924aeddc636f4f666b2275be1f86ce40f729a2360366d31c46027
4d8a252b3c1ea2559fdd3786da4f32b182d9a780533315103bffbd6aa81b0498
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0e56016291fb04cf08d069e25d2d5a522943ca215eabc22b245925d63d0569
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52036e323fca4d2cb6f0fee2d99bc0cff78cda2dfdded17e8280d92fc833e73c
5298a10e67a5354ddbb587aa1558c0e6476ab614afdec917d036794ef5688cf0
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
53acd1d23d0957fe5dc1d36964cc501e65e3522406a29106d8fadcf02ec9142f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57486c62cdf807e878d75ca686484e1b3e2a9e57337d8b6533b8b16427ac6524
578df5aea91ff2cc8fb30ed380cc68137bf9f92ad755cfeb73d1e1c0929953bd
5797691548eb8ee126ca300c213860aac9a5c967f1066e301cffc03aa13e060e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597ffb6e8c53c11bd4a799e48fb2dd335160a942f5ca3b07f10d32c5dc2ac200
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5ddc3339d37dfe2b34eb5dffe38ce9701d09d3e34451b57d42820c412369d6ca
60031fc7e21875f8d8e7e5275c013427dd04707dc262732711ac2c5e5f87b1e2
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
61835352dfbbfbfae4345655fc7451e580272b28a4aa3377fe008701ac7ebf34
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ea6d2146faefbfa5bac6c6b818e59cd41c5730afb968b6617c27c1d0f53a73
62474df4ad32d0bd3883ceb4d85bb8aa62ac8afe29f0bd0daaad550a23fcd0b8
6362d595fe704d1a94572dc761e58bb0fefce1414c7eaf1b7d85be41d429a617
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
645fed6817d3a464dc56507cb4c285f417e7891bc3d0be0fffb47cf8bf482e1d
649a428192ef3f9a3c3569840cde04c4bc0f16f9fce5b87255185cf20fcd0999
6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
66b0b91e982db62ea6b5439ea192f5ba5e7d4ffd99fe098a89fbf79b4836c472
680804e8c7f24478e4ab89685f9863062735c5fad082ed24718206e1370289f5
685930c9ebee4cbdcf5531a2455f570e169ec2361cd2dd0643acc99a3a2f0502
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
691e665562268f82554eb81043b44cf3ee555e88763cc1385c86a750cfa3f579
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b1a904496300b3e8367894aab2c9769af60c1bf58f349bd68938afb124db13c
6c20331abdc043852ae7e985502e211d4edb4d7f55f0af21791658c0cab03557
6d69e799f177456dc072b835030213ca9fbc42ea03ed64193d1f43f75858967a
6f60b024b9991c6c8235adc277353ad6624bfa4f2c3384e1ee1e107131dcb5de
71cb8c3f3cf0da4cd8a1d4d27d08e5ea5bd899814517d706f9db21e1135d4b82
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7362e1beaa76f870436bdcdfac7ead0b00c779baba45784469e3897301ed748f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045
7665a78398ac9159d54d1ebca3f257a5fbe564425cbef3492508e288c0439cb8
7764c27fef5c3adde7c0ca7a3b4de6122a5ac205500946a7805a65d494c92133
79653416f8da556b5c2e7fe5072f81682fe0b6ff4d40089468c0a2fa8fa9ec29
797b49f272d46e3b075cc18c6f8e4ecdbe7a5d3239e2576d2161099e13898648
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c
7a37a4e2f1464a5f82bafc1aea9bc92be25447be734467ecdbd5e1874e22551b
7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2
7bf6c9555cdc5218e9f44a2cc1967aa5dfa332fc155e9ca03dc4af9e669ffe34
7e32c53d6dac82707140d83d751315b79939d6ea4f818903d57e27e72f42df98
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
80006734e4dbd5a0e60f885b1d9c9b5d440bf496e80b254238dc20271272352b
805e50e94fbcb7d68b58ce9f186cde8113203b0874fc85c3e82038be7fd708fa
808e6c1287361172a67028f278c1d530fbb90923d433047b5b350a06bfa9c12f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859ca09d35e47fed4262ed3230d408da83dc76731555d4a22663f8f54ab61b60
86f280a49df7f3f2ecfcbb9f0b2e3b24021b601a8cb97ea2bb166de26b4f8ab1
8822b98fa653c0088ee3481faef2bec0b6b2dc9970294591901dcafb7dc539c3
89053367ca0471a50274294eacfc92059c28fbd72c823ac79ca61682d19cb96b
8acc4ecd21841390489dc022ab190c753b64c363185a99d45cceba3e23b3888c
8b0fb17b69c707614669f65102063f3535305f605e39f62a83da8ccea3acd072
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8c3934d35760a650d44b3116e9df6ad49ce597da426fdfe72cc32ca6c10c52bd
8d25400c3d89a2d74221a25fb66c122f94365ee8d4ffbe2622cbad64ddc4f745
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91e3714e8491d6a8fd59cf78fcbe630ae28b406f5cb426782e00016c96401fc3
943ce8a6b3f4050ec3051bf0c0568212216a2d7ffac33b0ffc1120206899c518
96a98f9460ee711db398da161bd1176038788cc112090705e132c43868b2613f
979f22e251965d22160a798cc3b8827d9b099acb1113123fe033a1b4186dab50
980c5d3f2c9d21b9c5ddd170f98a7a3f77a8e96cf2406ed205d5ce339aeabf91
988e27f42a1d2f659130dde78bbec44060cf1a8e3c0b7a21e118387056bb2c8f
98cd0f1162423e25e30f3146d59a282867582c86ed028cf2ac5e9b380a331f61
98dc160dfed39fda5ff70fb2c4bbbdfe36bfe85a618bec19d7d791327dd466cd
9902d2306f452022956d113268414d57ac0183fa038a24124a6af2de49016baa
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f4cdef5ebd4fd33b153334aef03491f7ca6cead60ced5d0c881928650cce50
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7d0cd64aa16c119196c2033b4411c2f9f95d12b8a2dd533cba94ca946d0c78
9c0c60164a6c62ed5403f3355809187f907639e048cafc24a6d8d3ba87f76060
9c7d7ff3ac1e736ae590c9d7d063e39c10f77b4adae5a79067923e3b25443f4f
9d24806e33b2d3d330c0b08a53b440c3ca943f40a471b6f558dd950f467802fb
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e66ef31e40868d5251f0832216c3a89a3a648e86115f10c208eed979ce28816
9e9a0fee08f54a7955afc0f906fdbfca87e2d33860d26a713bf052bc185588f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2
a33c3749cbeefbb4b745b0966a5f8d6125b4f3bb779416491059c2e4a61aef0b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a597197a7acd25e8121eafbda1af7b742bafaf0018da7e3df7fa13dd4c0875f0
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62
a6dd4c92bf9ff88b1c1a5640b447412726139322acb924812ffce7b153811f6c
a8aa8dca6d3f41f762764727d05a94e5777de9bce6f31fd4fe5e051c810a60dd
abf86ee36738da2b8035276a38f8b6f8d6b262cc799b5f2844c57f60db00e2da
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a
ae4b3a302e40995eda4592557914e9927c05121d6f021b99d219af1773a35413
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812
af3909aa6a6fe89f312d8d34ee3fb59a1cd673f54bfb58744be46a1c5897dde1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b318b43a62302eba28a5b555ac5bf701feb1c17717036f6ca1f4c706ad941a28
b5b4f4c535f52ae39f2476d0fc3758c8db87f9b21f4b9a10cbeb501fa5d778cf
b7589ad815e0add1866a1717a065830d4a9251ad9e33c6808bd930eacef27c96
b819f03123a31ae83c1fb734aa83e8ca613b7ed025ce5fc26b06bd38e72b6433
b82de132537da69427cc65e31a46cdd793abb796da9cff47f4035cd973441eb8
ba555072c108dbcbbd53ca420ea2fbff4799fec2ec092067e0a1cb4e6fdeca10
bb1f49f3f2c8946bc3a3f8f4c471bc883aa1cc12ff7d07f48b31552ba1f667ce
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6428edd601872def753fbac1e22bf8c27711328cadca827ebba43dd272654d
bb96d5bb2d91fce2c8edd688d10c4f34cccab84083fa2282073b6a544f1ab514
bb9a67c0bd8a184cc47b0a4acc667278e2f666c9b89d319dfd8d5f1931bf4375
bcec855983d0f91c80b990053d4984b799ba8c14dcf3a210ddefed9cf88c2c66
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be6c756d6018f907ac9b8ff853e1ddcd59922a725db6130313c02f52629691de
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c18ad3169d1e12d597e20a9328bd1cd18559ec73406b2c2ec03235bc7d3821cc
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25219f53f3660ba604a25433b6485e8e250020bd6fa5e2eeb666b0d8089da76
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c33f752a05890675b289493621fa60a2953b22a38f6d5b07d091e8e7ed7fd50a
c4f66986527aaa9fefbc2a92d8890f1d863e1554990cdf6415accd5994d48880
c6337f4e6f0e5c5ad74fe203a06dc0040609d673b8e2a5f2160c5d6562cffeaf
c6d45a9596913887865197a423e46ec9bcb127bb64e540f156230ab70254637e
c6e9f1ded43f6bf0b1c1932404478ecbaef9dea0d804a4e764286dc6bcc091e8
c73b60cbdff28b19e5d19eecddb1c579391360e90145687f11024fdcae9716fd
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c85fc7754f20007829760c6881ca59ff087a718b79eb2d313ebae8c7157b2f2e
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cdd9258e1dff12b31b6033b9062f211ca59beba17e118ad46d2363b376b213d5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d145253703a360ab1651a59ec9f675663831918d541515720bddbc7ac85a6005
d4256d63b2a57d8cf4fdea040ae35a01e762c85644b964c7e0a454448c1dc0b7
d62708967c348dbf47fb028f9a71673f70d4f4af3405b03a3045eb2a63813410
d67bf5a965bc250522d68415ba649832a01cd45116c72d8a5535c2db56754127
d6d360fbeb75b28351d8a4f41cb0714cbabdf52eb253bf643d877972f901cbf8
d7376900ed06e630d37f2d3fc0b8305400072836275c9c070a0b7cdfd79d8d3b
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da99004a3dd3736a976dbff7dfe56ebf70076475ba4e60d67506dead66e38ee4
db63f5cb5ce4679a3ed40cb6d220d8e4515d2d9dd9198bee70e41853e29c8b30
e31e156ac243c4707ca5e03e1470d7a17c870afe5ecfa5e337c79a5765a5351b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e75c85bf47f2dd4a26bd3ed7cfc867047539c5c95fe5e809271cec0078bccc8d
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e994fbb42463c8b16d6d2ca3b8c2d71ffde867c6d147e6950d6b7c2b97a072c2
e9fc948d4225e3a06d410517eca60e1841a30dd0ecfa2ca9b0670f2af0e680c6
ea12dfa0a21ef0aff014277a2a2f37e1cdb77aa0d12418d163d32a24236228f1
ea874000f2f5ea529b3f5b8550093c494fb15a3caef182995c41c8f5048327eb
ed1a6f20d6b26f15244630b9355842a1f206b2179873bc30df040e6e2e2eab82
ed58ac34535ea8ee1a46f4ec3eb69da7a4d2b9a744ddb3abf46015ae4f813293
ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bb4f4e526c417896deb5521d188bd77fc982b0ed258cfbfa91dccc681548e0
f1df7cdd2012da6588d571f8c80f58da81d992a30b9ab12d181d188eb009354a
f222d6b8480c70924bcf36f24afe56f2e30c1a4cddf16854410384bb4be973ab
f42c0f8f346250ff215abbf141f82ce17d469f20bb5f38f7a0bc234060ae7b6f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f62078c9887750aa2191f6fa53bbef9af30d070f1980cefb7cdc039cbae1d5b0
f6c42d9e5fcaf58b27955d50545a7c093fc1324462e08160ec1e2460b50b864d
f778831f0c51045430aa5fbce0abe4cefcf373095253b0ac136c980f6540397c
f8b491dadebd033401986d85a2ee758763f22d7516ff9a614ef570a73498d302
f90348af51b4aa0d28a64008d1e52de5c65cdcae03726b347a98db2e6514102e
fa54f89966969c8efda97a165feefc2191b78f5d8d0800217a712507e56ce360
fbc3cc788029fca04cb84850d5b7b93d65ff051de267621e453a9eccac3db18a
fd48751f608df0faaa476b684b50ccdf5f707aec427e499ff39e84b1f5eefd1d
fe64a48d3bbecfe9f1b630e910a4f655a2e2dc42550cad62a59bf473cc2b9503
fe95a11067829c81431a5a59eb809232569fe01724ffe482766a0cb203f4bb5d
ffbbe56bf8e357b215eafea3a0c591db1bfb363bb956399f0d5a9c0398faca29