urlscan.io logo urlscan.io
SecurityTrails logo

www.minitool.com Open in urlscan Pro
2606:4700::6812:14b2  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Submission: On June 06 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 14 countries across 119 domains to perform 584 HTTP transactions. The main IP is 2606:4700::6812:14b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.minitool.com. The Cisco Umbrella rank of the primary domain is 108947.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 6th 2022. Valid for: a year.
This is the only time www.minitool.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
5 23.35.237.86 16625 (AKAMAI-AS)
7 18.66.192.102 16509 (AMAZON-02)
2 199.232.196.134 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:20c... 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
8 161.35.253.218 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
60 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.97 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 52.209.172.99 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 141.95.33.111 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
2 35.190.39.111 15169 (GOOGLE)
1 23.35.229.181 16625 (AKAMAI-AS)
2 2001:4860:480... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
1 146.75.118.132 54113 (FASTLY)
6 35.244.159.8 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 12 70.42.32.63 13789 (INTERNAP-...)
21 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 31 142.250.186.34 15169 (GOOGLE)
6 26 185.80.39.216 27381 (CASALE-MEDIA)
12 16 185.89.210.153 29990 (ASN-APPNEX)
24 2a00:1450:400... 15169 (GOOGLE)
3 6 52.215.211.28 16509 (AMAZON-02)
8 142.250.186.98 15169 (GOOGLE)
1 5 34.247.133.3 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:245... 16509 (AMAZON-02)
6 2600:9000:245... 16509 (AMAZON-02)
23 2600:1f13:800... 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
9 3.33.220.150 16509 (AMAZON-02)
7 137.184.242.150 14061 (DIGITALOC...)
3 69.166.1.15 27630 (AS-XFERNET)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 18.195.80.95 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 34.120.63.153 396982 (GOOGLE-CL...)
3 18.194.223.184 16509 (AMAZON-02)
3 2a0c:5c81:514... 55081 (24SHELLS)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 5 51.75.86.98 16276 (OVH)
1 5 193.3.178.4 399668 (E-PLANNING-)
3 98.98.134.241 21859 (ZEN-ECN)
2 2 8.2.110.24 46636 (NATCOWEB)
12 193.3.178.3 399668 (E-PLANNING-)
2 193.3.178.1 399668 (E-PLANNING-)
2 2 44.216.78.19 14618 (AMAZON-AES)
6 69.166.1.10 27630 (AS-XFERNET)
2 35.186.253.211 15169 (GOOGLE)
2 2 3.217.213.80 14618 (AMAZON-AES)
4 4 104.80.242.37 16625 (AKAMAI-AS)
12 23.201.255.110 16625 (AKAMAI-AS)
2 205.234.175.175 30081 (CACHENETW...)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
4 6 37.157.5.132 198622 (ADFORM)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 7 185.64.189.115 62713 (AS-PUBMATIC)
1 2a05:d018:24:... 16509 (AMAZON-02)
3 4 34.250.200.92 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.82 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 3 3.71.149.231 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
2 52.31.71.52 16509 (AMAZON-02)
1 162.55.236.224 24940 (HETZNER-AS)
5 8 151.101.66.49 54113 (FASTLY)
1 1 95.101.148.198 16625 (AKAMAI-AS)
1 1 35.171.239.119 14618 (AMAZON-AES)
4 8 67.220.228.200 16509 (AMAZON-02)
1 2.23.197.190 16625 (AKAMAI-AS)
2 2 52.31.201.132 16509 (AMAZON-02)
4 8 69.173.144.165 26667 (RUBICONPR...)
12 14 18.194.57.28 16509 (AMAZON-02)
3 5 209.54.182.161 16509 (AMAZON-02)
4 4 185.89.211.12 29990 (ASN-APPNEX)
3 3 35.214.243.70 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 52.213.148.186 16509 (AMAZON-02)
2 76.223.111.18 16509 (AMAZON-02)
9 23.35.236.201 16625 (AKAMAI-AS)
5 5 185.29.134.244 30419 (MEDIAMATH...)
14 185.64.191.210 62713 (AS-PUBMATIC)
2 2 213.155.156.181 1299 (TWELVE99 ...)
8 185.64.189.110 62713 (AS-PUBMATIC)
1 1 178.250.1.9 44788 (ASN-CRITE...)
3 3 193.0.160.131 54312 (ROCKETFUEL)
1 1 2620:116:800d... 16509 (AMAZON-02)
5 6 54.154.11.143 16509 (AMAZON-02)
4 5 208.93.169.131 46244 (WEBMD-IDC...)
1 1 185.86.138.150 201081 (SMARTADSE...)
3 3 54.227.251.232 14618 (AMAZON-AES)
1 173.231.181.122 32475 (SINGLEHOP...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.242.206 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.111.129.221 396982 (GOOGLE-CL...)
3 4 18.214.236.190 14618 (AMAZON-AES)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
3 185.64.190.81 62713 (AS-PUBMATIC)
2 5 2a05:d018:d29... 16509 (AMAZON-02)
2 2 52.48.238.17 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 46.228.164.11 56396 (AMOBEE)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 27 34.247.233.198 16509 (AMAZON-02)
1 1 35.210.239.72 15169 (GOOGLE)
2 2 64.74.236.223 22075 (AS-OUTBRAIN)
2 2 3.211.219.149 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
2 169.197.150.7 398989 (DEEPINTENT)
4 4 52.211.178.255 16509 (AMAZON-02)
2 185.86.138.151 201081 (SMARTADSE...)
2 77.245.57.72 36057 (WEBAIR-IN...)
2 8.2.111.13 46636 (NATCOWEB)
2 2 124.146.215.47 2514 (INFOSPHER...)
2 80.77.87.166 46636 (NATCOWEB)
1 18.66.192.107 16509 (AMAZON-02)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 108.138.233.121 16509 (AMAZON-02)
1 108.138.36.121 16509 (AMAZON-02)
2 108.138.36.98 16509 (AMAZON-02)
1 216.52.2.30 32475 (SINGLEHOP...)
1 67.202.105.33 32748 (STEADFAST)
1 13 185.239.172.77 55081 (24SHELLS)
3 4 37.157.5.133 198622 (ADFORM)
2 2a0c:5c81:515... 55081 (24SHELLS)
2 184.30.20.22 16625 (AKAMAI-AS)
2 2 18.195.124.86 16509 (AMAZON-02)
2 34.98.64.218 396982 (GOOGLE-CL...)
3 142.250.185.66 15169 (GOOGLE)
1 23.88.86.2 24940 (HETZNER-AS)
4 4 213.19.147.44 26120 (RHYTHMONE)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 146.59.148.16 16276 (OVH)
2 2 18.198.126.47 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 23.206.20.27 16625 (AKAMAI-AS)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
584 136
9    2606:4700::6812:14b2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.minitool.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2606:4700:20::681a:644 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
5    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
7    18.66.192.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-102.muc50.r.cloudfront.net
widget.trustpilot.com
2    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
minitool.disqus.com
2    2606:4700:10::ac43:1627 (United States)

ASN13335 (CLOUDFLARENET, US)
www.linkconnector.com
1    2600:9000:20c3:2400:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
3    2606:4700:20::ac43:4b3f (United States)

ASN13335 (CLOUDFLARENET, US)
www.artfut.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    161.35.253.218 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
60    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:225b:b800:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
4    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
4    52.209.172.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-172-99.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
pixfuture2-d.openx.net
us-u.openx.net
u.openx.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
sync.outbrain.com
21    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
31    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
26    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
16    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
24    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    52.215.211.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-211-28.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
5    34.247.133.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-133-3.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
ajax.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:9000:2450:5e00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
6    2600:9000:2450:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
23    2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
9    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
3    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
3    18.195.80.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-80-95.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
3    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
3    18.194.223.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-223-184.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
11    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
5    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
5    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
3    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
pixel-sync.sitescout.com
2    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
12    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
2    193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
2    44.216.78.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-78-19.compute-1.amazonaws.com
ssp.disqus.com
6    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    3.217.213.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-213-80.compute-1.amazonaws.com
cookies.nextmillmedia.com
4    104.80.242.37 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-242-37.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    205.234.175.175 (Cantonment, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
19    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
6    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f00:c809:e236:12ac:7ef7 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
7    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a05:d018:24:b002:87fa:f3e4:ea80:83b3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    34.250.200.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-200-92.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    52.31.71.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-71-52.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
8    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    35.171.239.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-239-119.compute-1.amazonaws.com
usermatch.krxd.net
8    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    52.31.201.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-201-132.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
8    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
14    18.194.57.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-57-28.eu-central-1.compute.amazonaws.com
x.bidswitch.net
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
3    35.214.243.70 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 70.243.214.35.bc.googleusercontent.com
csync.loopme.me
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    52.213.148.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-148-186.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
9    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
6    54.154.11.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-11-143.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
5    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    54.227.251.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-251-232.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    173.231.181.122 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.242.206 (France)

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    18.214.236.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-236-190.compute-1.amazonaws.com
a.audrte.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
5    2a05:d018:d29:3601:6b04:f2d6:9b64:eb08 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    52.48.238.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-238-17.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
27    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
2    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    3.211.219.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-219-149.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    52.211.178.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-178-255.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
2    124.146.215.47 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    18.66.192.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-107.muc50.r.cloudfront.net
get.s-onetag.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    108.138.233.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-233-121.lhr61.r.cloudfront.net
onetag-geo.s-onetag.com
1    108.138.36.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-121.muc50.r.cloudfront.net
signal-beacon.s-onetag.com
2    108.138.36.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-98.muc50.r.cloudfront.net
signal-segments.s-onetag.com
1    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
13    185.239.172.77 (Newham, United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.spotim.market
sync.console.adtarget.com.tr
4    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
2    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    18.195.124.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-124-86.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
pixfuture2-d.openx.net
3    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ade.googlesyndication.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
4    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    23.206.20.27 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-20-27.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    2a02:26f0:480:f::213:7ede (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
Apex Domain
Subdomains		 Transfer
79 googlesyndication.com
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
ade.googlesyndication.com — Cisco Umbrella Rank: 306
473 KB
53 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
googleads.g.doubleclick.net — Cisco Umbrella Rank: 51
cm.g.doubleclick.net — Cisco Umbrella Rank: 231
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351
343 KB
44 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 541
image6.pubmatic.com — Cisco Umbrella Rank: 762
ads.pubmatic.com — Cisco Umbrella Rank: 540
simage2.pubmatic.com — Cisco Umbrella Rank: 690
image2.pubmatic.com — Cisco Umbrella Rank: 899
image4.pubmatic.com — Cisco Umbrella Rank: 1135
simage4.pubmatic.com — Cisco Umbrella Rank: 1258
76 KB
35 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 975
fastlane.rubiconproject.com — Cisco Umbrella Rank: 523
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1117
eus.rubiconproject.com — Cisco Umbrella Rank: 614
pixel.rubiconproject.com — Cisco Umbrella Rank: 362
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2286
token.rubiconproject.com — Cisco Umbrella Rank: 605
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9047
77 KB
35 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 947
static.adsafeprotected.com — Cisco Umbrella Rank: 633
dt.adsafeprotected.com — Cisco Umbrella Rank: 572
298 KB
30 pixfuture.com
cdn.pixfuture.com — Cisco Umbrella Rank: 49517
served-by.pixfuture.com — Cisco Umbrella Rank: 46207
prebidserver.pixfuture.com — Cisco Umbrella Rank: 51402
598 KB
29 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1531
usersync.gumgum.com — Cisco Umbrella Rank: 1829
10 KB
26 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
ssum.casalemedia.com — Cisco Umbrella Rank: 1329
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
dsum.casalemedia.com — Cisco Umbrella Rank: 1413
20 KB
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 324
969 KB
21 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3860
u-ams03.e-planning.net — Cisco Umbrella Rank: 35286
s.e-planning.net — Cisco Umbrella Rank: 7497
i.e-planning.net — Cisco Umbrella Rank: 6558
sync.e-planning.net — Cisco Umbrella Rank: 5219
7 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
secure.adnxs.com — Cisco Umbrella Rank: 446
20 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3441
mwzeom.zeotap.com — Cisco Umbrella Rank: 2935
6 KB
17 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1400
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3513
mv.outbrain.com — Cisco Umbrella Rank: 1926
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5848
sync.outbrain.com — Cisco Umbrella Rank: 740
127 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 340
5 KB
13 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1001
s.amazon-adsystem.com — Cisco Umbrella Rank: 318
9 KB
12 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1372
google-bidout-d.openx.net — Cisco Umbrella Rank: 1466
pixfuture2-d.openx.net — Cisco Umbrella Rank: 60456
rtb.openx.net — Cisco Umbrella Rank: 1176
us-u.openx.net — Cisco Umbrella Rank: 474
u.openx.net — Cisco Umbrella Rank: 695
2 KB
11 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8171
va.tawk.to — Cisco Umbrella Rank: 7864
142 KB
11 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5987
ghb1.adtelligent.com — Cisco Umbrella Rank: 8842
sync.adtelligent.com — Cisco Umbrella Rank: 5395
s.adtelligent.com — Cisco Umbrella Rank: 10570
ghb2.adtelligent.com — Cisco Umbrella Rank: 10809
7 KB
10 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3099
c1.adform.net — Cisco Umbrella Rank: 598
cm.adform.net — Cisco Umbrella Rank: 1224
4 KB
9 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1149
ups.analytics.yahoo.com — Cisco Umbrella Rank: 315
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452
4 KB
9 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2122
sync.go.sonobi.com — Cisco Umbrella Rank: 1055
9 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 365
2 KB
9 minitool.com
www.minitool.com — Cisco Umbrella Rank: 108947
201 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 702
2 KB
7 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 4615
44 KB
6 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 23338
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 22981
3 KB
6 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4315
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5638
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5815
signal-segments.s-onetag.com — Cisco Umbrella Rank: 10148
19 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 579
3 KB
6 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1111
sync.mathtag.com — Cisco Umbrella Rank: 518
4 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
mug.criteo.com — Cisco Umbrella Rank: 2331
dis.criteo.com — Cisco Umbrella Rank: 587
8 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 616
3 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 826
132 B
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1463
contextual.media.net — Cisco Umbrella Rank: 638
20 KB
5 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 517
fid.agkn.com Failed
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
271 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 1866
21 KB
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1448
creativecdn.com — Cisco Umbrella Rank: 484
4 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 995
bcp.crwdcntrl.net — Cisco Umbrella Rank: 871
sync.crwdcntrl.net — Cisco Umbrella Rank: 844
13 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 648
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2137
3 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13828
pixel.onaudience.com — Cisco Umbrella Rank: 3115
2 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22269
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24405
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
4 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 485
2 KB
4 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 6106
cs.admanmedia.com — Cisco Umbrella Rank: 1102
1 KB
4 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3425
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3405
552 B
4 gstatic.com
fonts.gstatic.com
63 KB
4 disqus.com
minitool.disqus.com — Cisco Umbrella Rank: 275006
ssp.disqus.com — Cisco Umbrella Rank: 1465
3 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 66
imasdk.googleapis.com — Cisco Umbrella Rank: 486
ajax.googleapis.com — Cisco Umbrella Rank: 398
129 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 601
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 952
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 732
2 KB
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 595
ssbsync.smartadserver.com — Cisco Umbrella Rank: 802
942 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 859
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 993
808 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 634
usermatch.krxd.net — Cisco Umbrella Rank: 1574
942 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7971
loada.exelator.com — Cisco Umbrella Rank: 26243
2 KB
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3776
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
561 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1215
475 B
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 9034
flint.defybrick.com — Cisco Umbrella Rank: 8055
20 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 797
id5-sync.com — Cisco Umbrella Rank: 429
18 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 3
2 KB
3 artfut.com
www.artfut.com — Cisco Umbrella Rank: 26481
16 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
224 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1259
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 896
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1040
1 KB
2 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 1573
378 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1287
384 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1107
60 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1671
677 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1006
930 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 556
572 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4272
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 870
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 2005
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5220
562 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 402
279 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 38758
731 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1588
1 KB
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 3780
405 B
2 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 9550
log.outbrainimg.com — Cisco Umbrella Rank: 2488
833 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1552
360 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8155
www.google.de — Cisco Umbrella Rank: 5230
939 B
2 linkconnector.com
www.linkconnector.com — Cisco Umbrella Rank: 43073
3 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1411
63 KB
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3956
400 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4045
463 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1209
527 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6807
1 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 2537
452 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 8504
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 718
277 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 382
647 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5003
238 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2357
555 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2588
308 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 17896
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5932
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5538
369 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3102
643 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1442
283 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 773
587 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9491
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 583
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1995
375 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1148
213 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19360
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 102929
659 B
1 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1616
67 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10493
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 650
166 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1079
7 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1445
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 569
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1496
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 367
878 B
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 3684
11 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
584 119
Domain Requested by
51 pagead2.googlesyndication.com bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
www.minitool.com
securepubads.g.doubleclick.net
30 cm.g.doubleclick.net 22 redirects googleads.g.doubleclick.net
spl.zeotap.com
rtb.gumgum.com
eus.rubiconproject.com
27 usersync.gumgum.com 2 redirects rtb.gumgum.com
ads.pubmatic.com
24 s0.2mdn.net www.minitool.com
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
s0.2mdn.net
23 dt.adsafeprotected.com bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
www.minitool.com
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
www.minitool.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
20 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
16 ib.adnxs.com 12 redirects googleads.g.doubleclick.net
spl.zeotap.com
15 mwzeom.zeotap.com spl.zeotap.com
rtb.gumgum.com
15 cdn.pixfuture.com www.minitool.com
cdn.pixfuture.com
static.cloudflareinsights.com
14 simage2.pubmatic.com ads.pubmatic.com
rtb.gumgum.com
14 x.bidswitch.net 12 redirects rtb.gumgum.com
12 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
rtb.gumgum.com
cdn.pixfuture.com
www.minitool.com
12 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
9 ads.pubmatic.com ads.us.e-planning.net
ads.pubmatic.com
rtb.gumgum.com
cdn.pixfuture.com
s.adtelligent.com
9 match.adsrvr.org cdn.pixfuture.com
spl.zeotap.com
ssum.casalemedia.com
ads.pubmatic.com
rtb.gumgum.com
eus.rubiconproject.com
9 www.minitool.com www.minitool.com
8 image2.pubmatic.com ads.pubmatic.com
8 aax-eu.amazon-adsystem.com 4 redirects spl.zeotap.com
ads.pubmatic.com
eus.rubiconproject.com
8 sync-tm.everesttech.net 5 redirects spl.zeotap.com
ads.pubmatic.com
rtb.gumgum.com
8 embed.tawk.to www.minitool.com
embed.tawk.to
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.minitool.com
8 googleads.g.doubleclick.net bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.minitool.com
8 served-by.pixfuture.com cdn.pixfuture.com
7 sync.adtelligent.com cdn.pixfuture.com
ads.us.e-planning.net
s.adtelligent.com
s.console.adtarget.com.tr
ads.pubmatic.com
7 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
7 image6.pubmatic.com 2 redirects spl.zeotap.com
ads.pubmatic.com
7 prebidserver.pixfuture.com cdn.pixfuture.com
ads.us.e-planning.net
7 widget.trustpilot.com www.minitool.com
widget.trustpilot.com
6 sync.outbrain.com 4 redirects rtb.gumgum.com
6 match.prod.bidr.io 5 redirects ssum.casalemedia.com
6 sync.go.sonobi.com ads.us.e-planning.net
6 static.adsafeprotected.com bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
www.minitool.com
6 fw.adsafeprotected.com 3 redirects googleads.g.doubleclick.net
www.minitool.com
6 securepubads.g.doubleclick.net www.minitool.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
5 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
rtb.gumgum.com
ssum.casalemedia.com
5 bh.contextweb.com 4 redirects
5 sync.mathtag.com 5 redirects
5 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
eus.rubiconproject.com
5 onetag-sys.com 1 redirects ads.us.e-planning.net
cdn.pixfuture.com
s.adtelligent.com
5 mcdp-nydc1.outbrain.com widgets.outbrain.com
5 aa.agkn.com 1 redirects cdn.pixfuture.com
5 www.googletagservices.com securepubads.g.doubleclick.net
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
s0.2mdn.net
4 cm.adform.net 3 redirects googleads.g.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 creativecdn.com 4 redirects
4 ad.360yield.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 secure.adnxs.com 4 redirects
4 dpm.demdex.net 3 redirects ssum.casalemedia.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
4 secure-assets.rubiconproject.com 4 redirects
4 gum.criteo.com 1 redirects static.criteo.net
cdn.pixfuture.com
4 bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 widgets.outbrain.com www.minitool.com
widgets.outbrain.com
3 sync.1rx.io 3 redirects
3 ade.googlesyndication.com
3 ad.turn.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 p.rfihub.com 3 redirects
3 csync.loopme.me 3 redirects
3 ssum-sec.casalemedia.com ssum.casalemedia.com
rtb.gumgum.com
3 ups.analytics.yahoo.com 2 redirects spl.zeotap.com
3 idsync.frontend.weborama.fr 2 redirects ads.pubmatic.com
3 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
3 va.tawk.to embed.tawk.to
3 btlr.sharethrough.com cdn.pixfuture.com
3 prebid.media.net cdn.pixfuture.com
3 hbopenbid.pubmatic.com cdn.pixfuture.com
3 fastlane.rubiconproject.com cdn.pixfuture.com
3 prebid-server.rubiconproject.com cdn.pixfuture.com
3 pixfuture2-d.openx.net cdn.pixfuture.com
3 web.hb.ad.cpe.dotomi.com cdn.pixfuture.com
3 apex.go.sonobi.com cdn.pixfuture.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.artfut.com www.minitool.com
www.artfut.com
3 www.googletagmanager.com www.minitool.com
www.googletagmanager.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects rtb.gumgum.com
2 simage4.pubmatic.com ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 contextual.media.net cdn.pixfuture.com
2 u.openx.net cdn.pixfuture.com
2 signal-segments.s-onetag.com get.s-onetag.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 cs.admanmedia.com rtb.gumgum.com
2 tg.socdm.com 2 redirects
2 cs.iqzone.com rtb.gumgum.com
2 sync.adkernel.com rtb.gumgum.com
2 sync.e-planning.net rtb.gumgum.com
2 ssbsync.smartadserver.com rtb.gumgum.com
2 match.deepintent.com rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 us-u.openx.net rtb.gumgum.com
2 b1sync.zemanta.com 2 redirects
2 ads.avct.cloud 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 eb2.3lift.com ads.us.e-planning.net
2 rtb.gumgum.com ads.us.e-planning.net
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 i.e-planning.net ads.us.e-planning.net
2 ssum.casalemedia.com ads.us.e-planning.net
2 cookies.nextmillmedia.com 2 redirects
2 rtb.openx.net ads.us.e-planning.net
2 ssp.disqus.com 2 redirects
2 s.e-planning.net ads.us.e-planning.net
2 sync.admanmedia.com 2 redirects
2 pixel.sitescout.com ads.us.e-planning.net
2 flint.defybrick.com rock.defybrick.com
www.minitool.com
2 www.google.com www.minitool.com
tpc.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 id5-sync.com cdn.id5-sync.com
cdn.pixfuture.com
2 oajs.openx.net 1 redirects www.minitool.com
2 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
2 www.linkconnector.com www.minitool.com
www.linkconnector.com
2 minitool.disqus.com www.minitool.com
minitool.disqus.com
2 fonts.googleapis.com www.minitool.com
cdn.pixfuture.com
1 code.createjs.com s0.2mdn.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 beacon-ams3.rubiconproject.com www.minitool.com
1 ads.playground.xyz 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 ghb2.adtelligent.com cdn.pixfuture.com
1 sync.spotim.market s.adtelligent.com
1 s.adtelligent.com cdn.pixfuture.com
1 s.console.adtarget.com.tr cdn.pixfuture.com
1 ic.tynt.com cdn.pixfuture.com
1 ap.lijit.com
1 ghb1.adtelligent.com cdn.pixfuture.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 get.s-onetag.com cdn.pixfuture.com
1 u.ipw.metadsp.co.uk 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 cr.frontend.weborama.fr 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ad4m.at ssum.casalemedia.com
1 dsum.casalemedia.com ssum.casalemedia.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 sync.tidaltv.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 ghb.adtelligent.com cdn.pixfuture.com
1 ajax.googleapis.com s0.2mdn.net
1 rock.defybrick.com widgets.outbrain.com
1 static.cloudflareinsights.com cdn.pixfuture.com
1 imasdk.googleapis.com cdn.pixfuture.com
1 www.google.de www.minitool.com
1 log.outbrainimg.com widgets.outbrain.com
1 stats.g.doubleclick.net www.google-analytics.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mv.outbrain.com widgets.outbrain.com
1 mug.criteo.com www.minitool.com
1 widget-pixels.outbrain.com www.minitool.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.dwin1.com www.minitool.com
0 api.rlcdn.com Failed cdn.pixfuture.com
0 fid.agkn.com Failed cdn.pixfuture.com
584 203
Subject Issuer Validity Valid
*.minitool.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-06 -
2023-11-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-17 -
2024-04-16		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.trustpilot.com
Amazon RSA 2048 M02		 2023-02-02 -
2024-03-02		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.dwin1.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-12-01		 9 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-01 -
2023-12-03		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
rock.defybrick.com
Amazon RSA 2048 M01		 2023-04-09 -
2024-05-08		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-26 -
2023-07-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-06-01 -
2023-08-30		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.e-planning.net
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-19 -
2023-06-19		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-04-24 -
2023-07-23		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-06-04 -
2023-09-02		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-05-24 -
2023-08-22		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-05-27 -
2023-08-25		 3 months crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-05-24 -
2023-08-22		 3 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-05-22 -
2023-08-20		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-06-04 -
2023-09-02		 3 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh

This page contains 125 frames:

Primary Page: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Frame ID: 518330C7625FD521BC7C6FA3202B801A
Requests: 166 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Frame ID: 5CAEC8F559713195560051F9CB5C9F01
Requests: 2 HTTP requests in this frame

Frame: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 71AB28F8BBCA1470387BC9F3CFA78561
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.minitool.com
Frame ID: 5B3CE985F0DFED5C1014401CB6A228DC
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 76B22FA82C9C7FC12868D8B9FF56B779
Requests: 1 HTTP requests in this frame

Frame: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C288DAE25D90FB415C03A9F68BD18D59
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrFnQYI4yYAJDRI1YFyPf1h5NzSLJbzESbu2n12l9OM1gsR0mWlqgyQizA6A1ZZHDEkJPZlHDEc45Ipcn-1ZSCeiOcJ2OzuJ11YiodnyIKn10QMKu4t3CKB-QTaWkTFjPt5JvxE4_ZocxAz4wKCWKUdre60AftnY8T-xhchRJBOf6MleqE23oi6ORM6HrtTtefdF8gP9Mv9qz_DdgyCVCFjlqd6D3luFftnMpE8VqKBy3ypm0x_LkrvhY9vyYGPOJXlP7vRMPX_xmm8KWPs_IZmWiRBheyp-7PG08vvCX1qFCf2pTRLBJMPQj3KSBf2OR7q7WkY0nRue6ssGnm8Ar9gQUq&sai=AMfl-YSUgryktwWPORR8O7hVAXAE4LTNaworC1pUNO1cZ126lt_QzlBrcTSnlWam3aP33Vb76Z-snMr2JK_gNHmyl2BAnWmJTeu54pN63196nAUoRRaQuPja46GgsbNbRLBns1NpBe93vyN5MYLKXH6W&sig=Cg0ArKJSzCJZ407hr3WOEAE&uach_m=[UACH]&adurl=
Frame ID: 4A3D2CB5F8790C9B1C403183413F2670
Requests: 8 HTTP requests in this frame

Frame: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F36C16D23963BB1DA0D466ED6D1F050E
Requests: 31 HTTP requests in this frame

Frame: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D29F1350171A52D470D94E8224B04F70
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVjYLILg3ZJU-4w2oyFI-IcJByiMvcnfIYwVrfBQjBZB-HS4cYD1YkfryAK2TtjVEeMPthvmw7u9DUBc5F6u_SG4hvbMT7M_ATqtleAhGJQvVcoXP2rrk_meBRewCReWUZnmLPI3227gm7fDMg5iNjCYpKebYXO-bQh1f3lt2j8DW4Aubc
Frame ID: 03F1807A5C5AFFD6B13CA4471E0ED260
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNVp5JRtrhiIsC7oYxeWQEgYfild4Gu78mFkXEf3-xe71yhyWtIM9Y0-iinwrO0k_r8ioh45sX-B4CcuubOE889S0MtbsoWLQI_iJWTBguNMaj1QJ5KIYSk668Wx9JesL2PO3ElT9MhgAZINyBDNS6FH0G6Msqn2vhaTnT-b3MD5c1YsMRI
Frame ID: 6D42D9C5D9599F7D7452532273DC2017
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLunhd0BMAE&v=APEucNV9kNS3NBshVHXVus5FbU5dg_X5ksltO6oltPjXuOScOY0IFZG_0REqzXdAB3sX_pxGYfEyebOaMLXk8WyGB1tkPaox0PP5m1gBPoBDp4ZUBMiFyyDUtXFuIFhEKr9Se9mugpPynl13PhXzVweIpGMqQHsN5YPp0IpgHhEazx8uYX2Fpaw
Frame ID: 3DA7B0A0E442B3401DF830A0530F700B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: A668799ED7BDB3B5A0B7B2A8BE9CB622
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
Frame ID: 029ED82E7663A9D8E2EAEE19246E5EBB
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 22F885C298F5E283240243508BACEFBE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6E5569ACDA3FD6C35D67DC60FF1FCFC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DB0EB14833C4F63D94AF3730FDDD418E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
Frame ID: 5C7431F2F6014DE7090362D1E7E61428
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E93F17CA3316C40561FD62A3E51ABB1C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B33ADFC7035DBBE7371BE236B61619B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Frame ID: DA9F7BA96BDFEED85D761A85870A6BF3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E7019A9256ABE2AEFE584A782BDF9F87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4FD743F39E91C1ECC8396ED69B27F058
Requests: 2 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Frame ID: 381CBA6DEBDA72A01D50388E2947C494
Requests: 4 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: 818C55873C58388D7D15B64B88D25115
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: A46B73964337038442BC22717FFDED2A
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: FF5F4F705CD15FE44B33067758E72A72
Requests: 11 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Frame ID: D86CB4D631A24FFC82AF627B9376D755
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D8245AB82317BD57FDA3E3A9A7DCA7C1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 627AF35C9581ACE3C33C44CD8AF56AD1
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 6F79615F62D3926172446157E870301F
Requests: 33 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Frame ID: E43DF04D268C469E5C7AC851AAB16F8B
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 18640920045F4DBE4E8D2D9A131FCA4D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Frame ID: C321623D05094A873F02D25FE6E0E9BA
Requests: 19 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AE-6BVEg%2fYH6CFbO
Frame ID: DAC9905754AF1FB24A9E043DF8CD6E51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&gdpr=0&gdpr_consent=
Frame ID: 2EA139E93401E3E55F4487C43476B90D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3372652571521370752
Frame ID: 347578C5AEF061D1C773B74A0846641F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 30712708C258E9DC9918BEAA0E886498
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828226987759
Frame ID: 9FB9086993950920F4542F904FF4D63B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 7E44F185DC7CF12F7403C7019529EAED
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw
Frame ID: F928F1B8404C59174E3F69DAA29F9479
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081950935233263137&gdpr=0&gdpr_consent=
Frame ID: 5E223385889B857D1B87BB566C5D2EDA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241639393108555921&gdpr=0&gdpr_consent=
Frame ID: 5147ED1BE1AD2211FDABE843AC598F97
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABvYU7I_vEAACJXLuhy5w&gdpr=0&gdpr_consent=
Frame ID: 8F6F90B84BFED762F718877787DA89C8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH94qgACl4XR6wBR
Frame ID: C7634AA5F5AA05CA496AD1C4FE38C6FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D3GEDFRxXaFfOglBLK1ZkVD_Cs0&gdpr=0&gdpr_consent=
Frame ID: 423EFF2FBD5B4E0A7ACF55B83537E735
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 936AE4448CCA944E0467787766702A81
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1puxks5jee0l
Frame ID: 22C530CEB5062774B78FC562309C9AA1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D94E1B0A04E0605E7492B38F00B1C3B1
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4C235965ECF9C17C392F3CCA7D1824B8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXUMWnQTSgnhXXnQh&gdpr=0&gdpr_consent=
Frame ID: CB0CF040768F5B904D567683E1AD8D33
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Frame ID: CC331271EC940CC9749295639F156703
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2D512FB34C98F3646B9CCF41952D27AC
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=c873439cfa8a0b72&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Frame ID: 6F47F164AA653AF645792AA9037869BB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: B916C5CF1F6B6C6676516C5D6368DC3B
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: 0DEB237F32C2D5BF6B6FFA3D915F4A14
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: D08CF9916342A9EE2BE0B2A2220B4BE6
Requests: 7 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 5E8ED669649506DE6511F2EC3FFFD96A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
Frame ID: 1C5CFE48162597FCF60371CEA75DF77B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZH94qgAP0z2gkABa
Frame ID: 4326A561F14C49CE936D5836160FA418
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82OGMxN2UyOS03NTBkLTQ3MWMtYjBlNS1kOGJhMWZmMDgwZWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: D8AB0ABA7AF678F1A8DD9670EF211AB4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZH94qsCo8YUAAL1sksUAAAAA
Frame ID: 997778E0ECDD501151E6D3134D5B1876
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: FF59008EA030F4F75B1028D0C155858D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 0A4B9B68D53012FA36B15FC224D88FD6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum&tc=1
Frame ID: 7C0C9F0BF1362D69DD0B5681AF6A5A61
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BE44478478F4539587B62E55A6925FC1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 3934A5C83E78E2B98B6C150C459862B6
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: EEF3A40C7EC773D52D675C22A50FF3ED
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: FF2BBE92DED57749145D3216D8FF001D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8A1941DD7C83971FB3D12943C161487C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 356A1872FC00BDCBB26342F6BA40DEDA
Requests: 9 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7081950935233263137
Frame ID: C86AAE87E5E6C1CEFE7797465255B0E2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: D31A51C71051C65315CA8E7589207C48
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2556422807963527101&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: AAF79CF82C89F05C898848024A43EFEB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: D59A4A093E2048C74BDF0B496AADF216
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 208F81008B6252C39682764FBD8BEAB0
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: FF05B676C4EB5D87F140A0C0823E3777
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BE463EF48FA982235ED253764DAEC5C3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4E080621283D65BF05DDEBB44E1731A9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B7F69BF79721B037C1FB51887D9F4885
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 146DC8D62A0FA48FFD0673CC65274E6C
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: C1D7090BB01AE76D17165F6D1BFF8E90
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 1B997F0BEF15F4330A967DB01B2911DC
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Frame ID: 667FE3074D6F29A6264CAF910AF3B982
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: BB61ECC537A6268B9959C7BE843A56AD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: D5F3AF4F66F0C17089781696FE2F113A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 2B18AF2869F05FFAA4988DAC16067688
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Frame ID: 140651BD039C82C5C606A9EEFAA895CC
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: D6729A92FFE35D599AB7A03620B90B8C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D3436542dc08617db%26uid%3D
Frame ID: C0321B448FAA0F4D210F295B8E11FDCC
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AE-6BVEg%2fYH6CFbO
Frame ID: 19FE696DBC6FA9A56A7816A50640330E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 0EA69F0E3C34E0E79583D5AE4D073C96
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: D0C05DFD193A035BB50F2395D78D8A01
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7081950935233263137&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: ED18507C54FF630D0806901E13221D50
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=xQLsnIjCKJftNpspaiXm&pi=admatic
Frame ID: 7DB62450BD970249E0C5499CC043ABC9
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2556422807963527101
Frame ID: 29081F3CDCAF072427F2DEC74A7D30D0
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=143c3ee1-0d02-4cb8-847e-01e80745e860&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: EBABB5542B3D1D32ADDE32F36B947A60
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=2556422807963527101
Frame ID: 2E25C082AA84945B8293E7DAA3BFAF9D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 31A348FD805894D0C83B17F135CC8394
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: C21BD3CFCCBC345C9D952F356BA63AB2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9A1BBD167ABB6734EA14AFB042387A98
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 7F2F4D89A05F4F6E0C2A37FEAC34AB3B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
Frame ID: B39262DC11513B140FA17CCEA47366CF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZH94qgACl4XR6wBR&gdpr=&gdpr_consent=
Frame ID: 48EA0C7E79542061D1750A3B36418072
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82OGMxN2UyOS03NTBkLTQ3MWMtYjBlNS1kOGJhMWZmMDgwZWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: D675D53C112A36CE65F846ED313ED9D6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZH94q8Co8YUAAL1skzEAAAAA
Frame ID: 7B7D29920F43EAFD9E7497518E606176
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 7664AEC84AFAA5FE49C60684F55040E1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: D023D76D08468F9D6023070E526D432E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum
Frame ID: 5BFD7B342E9479FDD3C77BA4F86A8407
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 05776FC7CA371BC637FAE57EA12D4742
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Frame ID: C074BFEFC2C26C0379C6F4BF3064DBA0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 01B0D29B8B43FAC0D298364AD96D516D
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 5C4050963F4144CBC6C5A22E8A26284D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003
Frame ID: B8B48933D9054C52760B1214A189CF0F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78AF8DD4D24C413680E21FE54DD39F08&gdpr=0&gdpr_consent=
Frame ID: 3618EA9F59E33FF6FB9EF72295A52867
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Frame ID: 07AFE6DF62C750EF0ECD6467731A178A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNV0F2XlLhsr9ziKDIEQEiez6nS8CkRWGEKhN8L8oCJx7611q7qLJflrxH7PsEz1_khFPgzmqMxa5B7WTPNEaquVTg7Os_P5tUd4t1mld8su67Daqsb3JCMJ_EIzlfHUhT2bRp9PqzxlLdaFKL2sN24o7sR2tYv3JZKFGmjtI0oWzRyuwQE
Frame ID: 3B88DFA656E807D05D426D72367594F7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 39961EB0EF12D6C9432A9A0584258064
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 37D60B0A5CE2D29819A5BB713C88752E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
Frame ID: 5A292C8C13476466DFC6B4C08B3853F6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0ACBCA605CD68252D956E3E6B906A916
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4D82B248B6E1CF181AEF91B45592446B
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=3436542dc08617db&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Frame ID: A71A43BFD222DBCF220828EAF221E640
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Frame ID: 2DB74FF57F7771009724D0A551AEC9C7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Frame ID: 1B46C682C5453AED335B815C08086A97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How to Check the Windows Registry for Malware and Remove it?

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

584
Requests

82 %
HTTPS

28 %
IPv6

119
Domains

203
Subdomains

136
IPs

14
Countries

4364 kB
Transfer

10314 kB
Size

159
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&rid=esp&cc=1
Request Chain 56
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=minitool.com&sn=ChromeSyncframe&so=0&topUrl=www.minitool.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Wem0y3xjTTFtS0JZZDB4aVFYd01XSnE0Q1EzdUhzY0VZd1M4WnJMek5PbUx6SndoWTN5bUtPbURBNHQ5MnpEY3BVWVZTTXk4bXNiazM0dnVsVTRKckZBS1dnc0dWMU9VWWJZR1QvOVpBV0g5Nk1rc3ByNTZIeUl5QzQvZGljWGZDU09ocHRmb2lVeUNWdHBwVmN2MWo1QjVvK1U1KzJxR3d4MFI3ZzMvZk52SHI5ZlFBNlRTWldCZWZWUTJIWTFDbDF3UXJ2aU54aU1iWlVRVXMwTytkVjdmdXBMMk5sOXVBZnA4czVGSWdqbmMzM2llbnA4KzV6WkZOdXorZlZCZUVIL3Z4WFhLWDlUdjRNZm80ZW8wVTM2d3FZdz09fA&cppv=2
Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Request Chain 97
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
Request Chain 99
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Request Chain 100
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Request Chain 101
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
Request Chain 103
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Request Chain 105
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Request Chain 106
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
Request Chain 107
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Request Chain 178
  • https://fw.adsafeprotected.com/rfw/st/1302878/68126404/4.js?ias_dspID=3&ias_campId=1010093102&ias_pubId=pub-8017808889715710&ias_chanId=1&ias_placementId=19421203336&bidurl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h43M6r50GA0qeExdR8HjTL&adContainerId=gcc_o3h_ZNjMLeCPjuwPk62S8AQ&cbFunctionName=goog_wrapCb_o3h_ZNjMLeCPjuwPk62S8AQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.minitool.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.minitool.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:96a0233b-2c75-6e03-b750-05f65aa930a4,c:eMCKIq,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-597464b965-lrrr9,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:19,oid:a5528cc8-0496-11ee-bf7f-be470805f42f,v:19.8.416,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 182
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249284/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-8017808889715710&ias_chanId=1&ias_placementId=20111329642&bidurl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i_rSfLJMZM8PuvVFuKgmZR&adContainerId=brand_safety_o3h_ZJTvLdaSjuwPucOxqAU&cbFunctionName=goog_wrapCb_o3h_ZJTvLdaSjuwPucOxqAU&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.minitool.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.minitool.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e61ed528-ba50-d6b0-334f-5f95a38204a0,c:eMCKIZ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-597464b965-snb8x,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tGqtdIb+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C181%7C1821%7C183%7C19,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:15,oid:a5528c60-0496-11ee-a899-56e47eda3adc,v:19.8.416,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 252
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 260
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 263
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dc873439cfa8a0b72%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=c873439cfa8a0b72&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
Request Chain 265
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc873439cfa8a0b72%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c873439cfa8a0b72&uid=7081950935233263137
Request Chain 266
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dc873439cfa8a0b72%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c873439cfa8a0b72&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
Request Chain 269
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Dc873439cfa8a0b72 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c873439cfa8a0b72
Request Chain 270
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 278
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5ea144a6-d5c4-44ed-a341-bb599495d9b7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 285
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=59036700125370289730573378542898266694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 287
  • https://bn01.er.bemail.it/zeotap.php?_bid=a7b7b304-8b60-40d3-7492-3944620c0ed2&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023060620-99927-0.816453001686075561-90f772e525c33ba5bdffe39d091a3671&zdid=533&env=mWeb
Request Chain 288
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7241639393108555921&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 289
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a7b7b304-8b60-40d3-7492-3944620c0ed2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a7b7b304-8b60-40d3-7492-3944620c0ed2
Request Chain 290
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7b7b304-8b60-40d3-7492-3944620c0ed2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7b7b304-8b60-40d3-7492-3944620c0ed2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361&bounce=1&random=3422758759 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=HF1GOIwZlxmvBO/3xGEbau&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 292
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a7b7b304-8b60-40d3-7492-3944620c0ed2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 293
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Request Chain 294
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBEq2K6F92l4WpVNAgiXtuo9%2BS41iYitP1U%3D
Request Chain 298
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361&_test=ZH94qgAPwpd7ywAp
Request Chain 299
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4d39647f-78a9-4e00-9b2f-b4c7572445c0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 300
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 301
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7b7b304-8b60-40d3-7492-3944620c0ed2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7b7b304-8b60-40d3-7492-3944620c0ed2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361&dcc=t
Request Chain 303
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361&puid=a913b2b0-0496-11ee-83b7-23cb6a422402
Request Chain 304
  • https://pixel.rubiconproject.com/token?pid=41544&puid=a7b7b304-8b60-40d3-7492-3944620c0ed2&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LIKLUTNU-T-3VK9&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 305
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Request Chain 309
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAQTJVV7iZWJOAFbSrJ5KK8&google_cver=1
Request Chain 311
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7081950935233263137
Request Chain 312
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZH94o2wrGx9DZKclpu7LNwAA%261178?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZH94o2wrGx9DZKclpu7LNwAA%261178
Request Chain 313
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7081950935233263137
Request Chain 314
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 325
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&gdpr=0&gdpr_consent=
Request Chain 326
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3372652571521370752
Request Chain 327
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 328
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828226987759
Request Chain 329
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 330
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw
Request Chain 331
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081950935233263137&gdpr=0&gdpr_consent=
Request Chain 332
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241639393108555921&gdpr=0&gdpr_consent=
Request Chain 333
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdllVN0lfdkVBQUNKWEx1aHk1dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABvYU7I_vEAACJXLuhy5w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABvYU7I_vEAACJXLuhy5w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABvYU7I_vEAACJXLuhy5w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2590308365955943298&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABvYU7I_vEAACJXLuhy5w&gdpr=0&gdpr_consent=
Request Chain 334
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH94qgACl4XR6wBR
Request Chain 335
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D3GEDFRxXaFfOglBLK1ZkVD_Cs0&gdpr=0&gdpr_consent=
Request Chain 337
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1puxks5jee0l
Request Chain 340
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=26f4ed78aeb22edb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXUMWnQTSgnhXXnQh%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DGp1rLOrtXUMWnQTSgnhXXnQh%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXUMWnQTSgnhXXnQh&gdpr=0&gdpr_consent=
Request Chain 341
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Request Chain 342
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MfNbDo5US2OgavLFhWvunw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Request Chain 347
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZW0yTEdZd1VuYm1SOVNabGU1THZlYUNZdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2556422807963527101&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzFGMzVCMEUtOEU1NC00QjYzLUEwNkEtRjJDNTg1NkJFRTlG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJq5SBg9UI9JUOaWmAwXIZ4&google_cver=1
Request Chain 351
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2556422807963527101
Request Chain 353
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lVsoKtBE2uX055BFbHqIKLhxxdoa9e0-~A&gdpr=0
Request Chain 355
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=7a86a7b6-84fd-449e-bc27-087750661b82&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 358
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3845378058995340535&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 359
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85df1338-e83e-4a18-9e51-0c419766503f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 360
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
Request Chain 361
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
Request Chain 362
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
Request Chain 363
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 364
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=8u7ueEZeQ34y&ev=1&pid=558355
Request Chain 365
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&obuid=ENC(BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 368
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
Request Chain 369
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 371
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
Request Chain 378
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
Request Chain 379
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZH94qgAP0z2gkABa
Request Chain 381
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZH94qsCo8YUAAL1sksUAAAAA
Request Chain 386
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum&tc=1
Request Chain 387
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 388
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIKLUTNU-T-3VK9
Request Chain 389
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5m8l_g2hRki-iEYe2-Y3nQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5m8l_g2hRki-iEYe2-Y3nQ
Request Chain 390
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/w8IE6bof6VbC1UBrbmHGRg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-yJdxKK1E2oKFDYMm1_bzlNsG7iLM0aVFjlCGNA--~A
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIlm4izX5ia8UfNi4DFHSBM&google_cver=1
Request Chain 392
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA4ZDZiOGU1NGE0MDNkMmU5Y2Q0OWIwZmJmZTM3MDg2ODJmOGY4Mw
Request Chain 394
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElLTFVUTlUtVC0zVks5 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDGWTekSRIHR0HDPee1qTq0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLTFVUTlUtVC0zVks5&google_push=
Request Chain 395
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9kDH8KrtQUu2nq8NpqKlDw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9kDH8KrtQUu2nq8NpqKlDw
Request Chain 406
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
Request Chain 424
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7081950935233263137
Request Chain 426
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 303
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2556422807963527101&gdpr=[replace_me]&gdpr_consent=[replace_me]
Request Chain 435
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=themediagrid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433828226987759&expires=30&ssp=themediagrid
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&google_hm=NmRmYjlhMWMtYWQ3ZC00NjMzLTllOGMtNmQ5YTQ4ODRkMTE4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELnQObOA4vV2uQkYqTqf8XY&google_cver=1&ssp=sonobi&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
Request Chain 438
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=b44a1d23-dd26-4cb5-ae90-c40987326ac3&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=THVYNEdac29mb1FmcktzY2tGeTBYQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMz8XJf6GlLM_Z6Lv_aGrn4&google_cver=1
Request Chain 440
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433828226987759
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YjQ0YTFkMjMtZGQyNi00Y2I1LWFlOTAtYzQwOTg3MzI2YWMz HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESENeZc63NQ-TAP-oxQ2XH3nY&google_cver=1
Request Chain 442
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8560647f-78a9-4600-b129-0daebddfd485
Request Chain 444
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D3436542dc08617db%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=3436542dc08617db&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
Request Chain 446
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D3436542dc08617db%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=3436542dc08617db&uid=7081950935233263137
Request Chain 447
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D3436542dc08617db%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=3436542dc08617db&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
Request Chain 450
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D3436542dc08617db HTTP 302
  • https://u-ams03.e-planning.net/um?uid=csuid_05ea6405-e04a-49c6-adb2-3751fccfc44b&dc=b337141cfdc8cf59&fi=3436542dc08617db
Request Chain 452
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 459
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH94qgACl4XR6wBR
Request Chain 460
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8560647f-78a9-4600-b129-0daebddfd485
Request Chain 461
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 462
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7bJTvbsH1Q6Bh95
Request Chain 463
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3845378058995340535
Request Chain 464
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2556422807963527101&expiration=1687285161
Request Chain 467
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3D2970c64c-cf06-44b8-575d-27f693f08540%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=2970c64c-cf06-44b8-575d-27f693f08540&zdid=1361&puid=a98c1700-0496-11ee-821a-9b29867dbf7b
Request Chain 476
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7081950935233263137&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 478
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
Request Chain 479
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&us_privacy=
Request Chain 480
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
Request Chain 481
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 482
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Jd9232H2nV4s&ev=1&pid=558355
Request Chain 483
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&obuid=ENC(BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 485
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-2JMohW9E2pcXDzdubTRA2bp9P7r8in2LOlRZ~A
Request Chain 486
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
Request Chain 487
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 489
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
Request Chain 492
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=xQLsnIjCKJftNpspaiXm&pi=admatic
Request Chain 493
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2556422807963527101
Request Chain 494
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=143c3ee1-0d02-4cb8-847e-01e80745e860&gdpr=[replace_me]&gdpr_consent=[replace_me]
Request Chain 495
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=2556422807963527101
Request Chain 496
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=10b2990ca19c8ea2
Request Chain 501
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
Request Chain 502
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZH94qgACl4XR6wBR&gdpr=&gdpr_consent=
Request Chain 504
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZH94q8Co8YUAAL1skzEAAAAA
Request Chain 507
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum
Request Chain 508
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 529
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 531
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1686075565060 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8645337645 HTTP 302
  • https://sync.1rx.io/usersync/turn/3845378058995340535?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003
Request Chain 532
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78AF8DD4D24C413680E21FE54DD39F08&gdpr=0&gdpr_consent=
Request Chain 535
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 536
  • https://pixel.onaudience.com/?partner=214&mapped=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bfb2bc610b429b26be3042259db04296&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 537
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081950935233263137
Request Chain 544
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMgP2_SaF0sixKcwt8lDDgs&google_cver=1
Request Chain 545
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIFn3u1O9sksBhFbrXenYqY&google_cver=1&adform_v=1
Request Chain 563
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249284/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=23564&ias_chanId=8&ias_placementId=20111331724&bidurl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gBeqkz-uLy13RD6xIqX1l6&adContainerId=brand_safety_rXh_ZKmXGoWt9u8P2a2gwA8&cbFunctionName=goog_wrapCb_rXh_ZKmXGoWt9u8P2a2gwA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.minitool.com%2F&adsafe_type=f&adsafe_jsinfo=,id:2d958644-abbc-dc43-d9a3-213c0a357ab3,c:eMCMe2,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-597464b965-hnzgj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tGqtfd2+11%7C12%7C13%7C141%7C1421%7C143%7C15%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1e61%7C1e62%7C1e631%7C1e632%7C1e633%7C1e634%7C1e635%7C1e636%7C1e64%7C1e65%7C1e66%7C1e67%7C1e68%7C1e69%7C1e6a%7C1e6b%7C1e6c%7C1e7%7C1e81%7C1e82%7C1e83%7C1e84%7C1e85%7C1e86%7C1e87%7C1e88%7C1e89%7C1e8a%7C1e8b%7C1e8c%7C1e8d%7C1e8e%7C1e8f%7C1e8g%7C1e8h%7C1e8i%7C1e8j%7C1e9%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j61%7C1j62%7C1j63%7C1j64%7C1j65%7C1j66%7C1j67%7C1j68%7C1j69%7C1j6a%7C1j6b%7C1j6c%7C1j7%7C1j8%7C1j9%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.1475223-71249284%7C1v1%7C1v2%7C1v3%7C1v4,idMap:1v*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:27,oid:aaf9d7ea-0496-11ee-aee7-cecf4a186d74,v:19.8.416,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js

584 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request check-registry-for-malware-and-remove-it.html
www.minitool.com/news/ 		97 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e8619f2e3b9ff54627dd372dcf72535997d521a012f22d1eaef66fd909e8f9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
MISS
cf-ray
7d32a9907f4d9022-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:19:14 GMT
expires
Wed, 17 Aug 2005 00:00:00 GMT
last-modified
Tue, 06 Jun 2023 18:19:13 GMT
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1;mode=block
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dde53fc96d217470fc220747f3deb58f7078ca339b91f2bdcfd6dc244db34b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 17:14:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Jun 2023 18:19:14 GMT
jquery-3.6.0.min.js
www.minitool.com/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.minitool.com/js/jquery-3.6.0.min.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
content-encoding
br
age
8928
x-xss-protection
1;mode=block
last-modified
Tue, 28 Jun 2022 06:46:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
cf-ray
7d32a9963e139022-FRA
expires
Wed, 07 Jun 2023 15:50:26 GMT
article.css
www.minitool.com/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.minitool.com/css/article.css?v=20220628144625
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b6e7bda0445481b20c3df30e61c061831f474108f019def255ba7f98ecc59a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
content-encoding
br
age
27449
cf-polished
origSize=28257
x-xss-protection
1;mode=block
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 06:46:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
cf-ray
7d32a9963e119022-FRA
expires
Wed, 07 Jun 2023 10:41:45 GMT
main.min.js
www.minitool.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.minitool.com/js/main.min.js?v=20220628144628
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d11fd86d522fe722b3ba8049f3bcaf42a287036a515d507d62516df47b0b51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
content-encoding
br
age
8928
x-xss-protection
1;mode=block
last-modified
Tue, 28 Jun 2022 06:46:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
cf-ray
7d32a9968e669022-FRA
expires
Wed, 07 Jun 2023 15:50:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
751560c797fd689664c4cf946c59eb82fb5dc2b99fe33e0a80271b7308f46fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25282
x-xss-protection
0
server
cafe
etag
233 / 19514 / 31075093 / config-hash: 5032195517386799799
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:14 GMT
logo-light.png
www.minitool.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.minitool.com/images/logo-light.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219540d334db27bc55469e6d3d1fbf2d16255179cb5f1733e09756eff63796c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
4982
cf-polished
origSize=5354
content-length
3381
x-xss-protection
1;mode=block
cf-bgj
imgq:100,h2pri
last-modified
Tue, 28 Jun 2022 06:46:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
accept-ranges
bytes
cf-ray
7d32a9969e7f9022-FRA
expires
Tue, 13 Jun 2023 16:56:12 GMT
gtm.js
www.googletagmanager.com/ 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b455aca16ddae9ab83d1f5c86b5263742b5d788090d5049d598bc726317735f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54232
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jun 2023 18:19:14 GMT
truncated
/ 		62 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b537a26aa913602cf89943589dab0adce3c6e2f2137d31e28c685c5c043f2886

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
windows-malicious-software-removal-tool-download-run-update-uninstall-thumbnail.png
www.minitool.com/images/uploads/news/2022/06/windows-malicious-software-removal-tool-download-run-update-uninstall/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.minitool.com/images/uploads/news/2022/06/windows-malicious-software-removal-tool-download-run-update-uninstall/windows-malicious-software-removal-tool-download-run-update-uninstall-thumbnail.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d48fc4c7dcd58d3c5fcc72e7df0d5325d24ad8652ea05ca5489b5ed33449b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
content-length
50666
x-xss-protection
1;mode=block
last-modified
Mon, 20 Jun 2022 07:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
accept-ranges
bytes
cf-ray
7d32a9969e869022-FRA
expires
Tue, 13 Jun 2023 18:19:14 GMT
load-widget.js
cdn.pixfuture.com/cw/ 		53 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cw/load-widget.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f13a8a652585934679b92ef7b5bceaeda7672269c9e8d6155e00d803dc359d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99237
cf-bgj
minify
last-modified
Thu, 23 Feb 2023 17:10:52 GMT
server
cloudflare
etag
W/"63f79e1c-d202"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REeyzYfwpdAi9WwlKp0kchvSftsEL51yohgLwrWCd5Pbycq7UmSZrQalL0Ui1k1tHSgQ5bllr0uKffdIC1EDi%2Bn5NtNRW9%2FyQ6nE%2BXIdqDOD6TtgDuuShCrAuPMeoHnuYivTnZ2ZiWJUSd7xwy6a"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7d32a9970d2b0418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 05 Jun 2023 22:34:01 GMT
outbrain.js
widgets.outbrain.com/ 		227 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d10b1676d0a384d6e9aabe76de94344c3629e3b63a18c6457c4b5f8d6fa7cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2023 14:07:25 GMT
etag
"24-qVM9sQYL0012GXfG/UB+awGaqKQ"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
cd4dde321a7f0a49aca6471b8c454d99
timing-allow-origin
*, *
content-length
83650
access-control-request-headers
X-OB-STG,X-OB-PRD
index.html
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 5CAE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51662
cache-control
max-age=86400
content-encoding
gzip
content-length
1930
content-type
text/html
date
Tue, 06 Jun 2023 04:13:57 GMT
etag
"1b1a56d9c9fcf8acab07f238231461df"
last-modified
Mon, 08 May 2023 11:42:34 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-cf-id
ToIJnpUZ42Vudvee1S9vnJk8T4z-nm7bshErJ0vXf5RPCs-iCuHWeA==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
other.min.js
www.minitool.com/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.minitool.com/js/other.min.js?v=20230522104633
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dcd752c4d997cffe71ecc77e8526e57628599f62601705b50ce13968a082e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
content-encoding
br
age
21272
x-xss-protection
1;mode=block
last-modified
Mon, 22 May 2023 02:46:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
cf-ray
7d32a996ae8d9022-FRA
expires
Wed, 07 Jun 2023 12:24:42 GMT
count.js
minitool.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minitool.disqus.com/count.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
53
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 01 Jun 2023 21:21:47 GMT
Server
nginx
ETag
"64790beb-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
gALb33uxuPiRnvBg9yUOwrP1gxCuVvUP20vYGtlQ_Hw1h27I07F6mw==
fontawesome-webfont.woff2
www.minitool.com/fonts/awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.minitool.com/fonts/awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
28449
content-length
77160
x-xss-protection
1;mode=block
last-modified
Mon, 02 Oct 2017 01:49:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=0
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
accept-ranges
bytes
cf-ray
7d32a996ae9a9022-FRA
expires
Tue, 06 Jun 2023 10:25:05 GMT
uts_lp.php
www.linkconnector.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkconnector.com/uts_lp.php?cgid=901602
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/js/other.min.js?v=20230522104633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1627 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cce9f648b76fc254a7cd328ccd8085719c06f7600a5b6d258a2cc2d5b39a052
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.minitool.com
p3p
CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-cache, must-revalidate
x-server
lcweb1
timing-allow-origin
*
cf-ray
7d32a9973be23a6e-FRA
content-length
2617
19038.js
www.dwin1.com/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/19038.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/js/other.min.js?v=20230522104633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:2400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
zR32WRrkE_nbij0xnr90P7uyNi3RXSM2
content-encoding
gzip
via
1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
date
Tue, 06 Jun 2023 18:18:43 GMT
x-amz-cf-pop
MUC50-C1
age
31
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 10:09:50 GMT
server
AmazonS3
etag
W/"9575e6eeef2b4a42e72a0401cbc03c24"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
aTnNIVNRfA3YQv_eaWo2YOIhUXqoCOGlAN8hbhEOJZhC5D6uKjJrpQ==
tagtag.min.js
www.artfut.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=ed6bb38d20
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/js/other.min.js?v=20230522104633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44429f4e11a62335ca76e2dd9790dd80b005565fe962305a490fa3354abfee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3355
x-guploader-uploadid
ADPycdvpwAAg7Ug-T84OmY-307MmGp4ZlsZ5z7wCojesihajC8vrADOXd-1L7GTwc7h4yfH-JULPR6WRfW6IhZaP-QSLp5f_C3qB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 04 May 2023 10:46:22 GMT
server
cloudflare
etag
W/"4812f8fd83d5cf6651f0b28f549ae045"
vary
Accept-Encoding
x-goog-hash
crc32c=rtpocA==, md5=SBL4/YPVz2ZR8LKPVJrgRQ==
x-goog-generation
1683197182623592
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JScK6t31gqSl398p4f%2BidZaCfLb2msxD9cVehOISCWWKYKLJJ6d%2Fr5zeYnw5Xp4f7MgdHoeBXmZfPIz6c4Jt%2FbdOLtov0y19nHI1RBWMsS3PJhQbeBIu220mdLyqgGvCSk7UxZkNNz8gEw8e"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=3600
x-goog-stored-content-length
3293
cf-ray
7d32a9972e3e1c44-FRA
expires
Tue, 06 Jun 2023 17:36:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options
nosniff
age
312527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 03:30:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 17:04:15 GMT
x-content-type-options
nosniff
age
263699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 17:04:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 19:08:02 GMT
x-content-type-options
nosniff
age
256272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 19:08:02 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 15:24:53 GMT
x-content-type-options
nosniff
age
269661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 15:24:53 GMT
google_logo_color.png
www.minitool.com/images/icon/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.minitool.com/images/icon/google_logo_color.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd4d9d732e7a4af52746ebabe6bb16941ee71ae3e919131af700cf4e1228a16a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
15539
cf-polished
status=not_needed
content-length
3831
x-xss-protection
1;mode=block
cf-bgj
imgq:100,h2pri
last-modified
Thu, 26 Sep 2019 01:45:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
permissions-policy
join-ad-interest-group=(), run-ad-auction=()
accept-ranges
bytes
cf-ray
7d32a9971f1b9022-FRA
expires
Tue, 13 Jun 2023 14:00:15 GMT
main.js
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 5CAE 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 12:06:27 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
22368
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15571
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:42:56 GMT
server
AmazonS3
etag
"f90daf8c8f47c6afab7d4e27466118b5"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
XZktgD__BPJ09RknnU6fOanp1i3n_A9qosB4wXTSfV69hAWXFCacsw==
gcws.php
served-by.pixfuture.com/www/delivery/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/gcws.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6171075e28005b5d5a436bfd400173be9cbb3c1ccdcb03853edf9282122b440f

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:14 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
transfer-encoding
chunked
content-type
application/json
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/ 		403 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f90e86e415fef9aea8d31405a00fde59f92c5968762d3f9fa78a2c386a32ff09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:41:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
27466
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126880
x-xss-protection
0
server
cafe
etag
5275185617162098568
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 05 Jun 2024 10:41:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		875 B
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.minitool.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8458fe11752d5d38331b7a5a2c7405d4b7576be553c29b925c6db3518e6599b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
409
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:14 GMT
tracking.min.js
www.artfut.com/static/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tracking.min.js?campaign_code=ed6bb38d20
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=ed6bb38d20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847dcc41fed1022fe1e414c509c9580c3232c30ea0b68e7ed5a56cb0c06c064d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1989
x-guploader-uploadid
ADPycdv2ru9I3P5h_WqGEOXGd3lPMVdGeewu9r0A6LlaSYbQzdU6ufO9j64DjccQkTeloCt_Nptv8Np8U2cUvLMej2JnZOmqHhFK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 04 May 2023 10:46:22 GMT
server
cloudflare
etag
W/"a31440944e447c0a338b082b8e67fc07"
vary
Accept-Encoding
x-goog-hash
crc32c=oTzsXQ==, md5=oxRAlE5EfAoziwgrjmf8Bw==
x-goog-generation
1683197182732576
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIRJOqa%2Bf5MTrBORu6VH%2FA3jOxPdP929X8NzFdk%2BTa0Ymwr3BZpM%2BIs0QoCJt2P5UMH1VF5FWkFMR8HQXHELRBHM3zvoW1UpgUtrl6aBvJfMCzDHt7sRKJVRjPHHnz%2B9ww%2F%2Fab2hqoDynrMw"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=3600
x-goog-stored-content-length
19997
cf-ray
7d32a9978ed61c44-FRA
expires
Tue, 06 Jun 2023 18:01:51 GMT
crossdevice.min.js
www.artfut.com/static/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/crossdevice.min.js?campaign_code=ed6bb38d20
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=ed6bb38d20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ed75e2d2be64a6b791dc665a6f65b7f732415592b4ccea7905c65a65560526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3128
x-guploader-uploadid
ADPycdtRQ9q0Ln9Z0gkIn2gdFBcd0WeWwfn08rLWx6AOY7yg7VTf2ISYO6xyqlmRSUch0f0aQGPohC_ydgahVAbMdZN7nMRLz7Tj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 04 May 2023 10:46:18 GMT
server
cloudflare
etag
W/"08646ff5c44a0a69313db7d24fe1627d"
vary
Accept-Encoding
x-goog-hash
crc32c=uTjiog==, md5=CGRv9cRKCmkxPbfST+FifQ==
x-goog-generation
1683197178175931
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVxew02aaZe%2BJuOqrH4ZBFBwI4zNNXCDFwQgsYub69RoAS4K5k1Ah1%2BMSSWgg4ZVQv7cPNm8IM4OS8r1%2B47RfRCGSF0gLWM3U%2FLgwtI7IVojHzhHMZMYYDsUn%2BPcjMbNXAoHavNwBqz%2Be9yF"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=3600
x-goog-stored-content-length
26437
cf-ray
7d32a9978ed71c44-FRA
expires
Tue, 06 Jun 2023 17:33:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.minitool.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.minitool.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:50:11 GMT
content-encoding
gzip
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
77344
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
GHDUdwzd8GjkDNN_TNAyd7aHCG0U3ItS2oFJBjV-0P00IsLFT_owpQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 18:19:14 GMT
x-content-type-options
nosniff
content-encoding
br
age
25181
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230036-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:00:55 GMT
content-encoding
gzip
age
1567099
x-guploader-uploadid
ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 18 May 2024 15:00:55 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:19:14 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b800:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 05:58:55 GMT
Via
1.1 8ebebe66cc8de626ee8e15b2ee72d826.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
44420
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
C4sTIYbrHvfIoNHMUqJeetMfAVYzUgWqLYGHV9FRsAZWcBz89jJLpw==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
YZSQPNW47ZC4F5SN
age
2337
etag
W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d32a9991b73362b-FRA
x-amz-id-2
mjJhl4SJvKxNboLUXIRNYzPhclsutc6bQTQqZUtk1GdtPjQNGVVMSK7di3dunMCGVcIOMbPapKsRT+LZTP2y4Q==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:11:08 GMT
via
1.1 google
age
486
x-guploader-uploadid
ADPycdvTUNWucnbrV1fc4IQReOmmBeC51d7N4BjC4ueDWI5ti2VQcHUs2I_zUaymWl3ePA1BfNjrHVh0a-1FNAo4vaKuFv-ejadD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Tue, 06 Jun 2023 19:11:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		116 KB
35 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2557905677746147&correlator=226972645486428&eid=31072019%2C31074948%2C31075093%2C31074733%2C31070233&output=ldjh&gdfp_req=1&vrg=202306050101&ptt=17&impl=fifs&iu_parts=22630280940%2Cglobal.mt%2Cpage-top-1%2Carticle-sidebar-1%2Carticle-sidebar-2%2Cpage-bottom-fixed&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=970x250%7C728x90%7C970x90%2C300x250%2C300x250%2C728x90%7C970x90&ifi=1&adks=1391017988%2C1952367145%2C3713715544%2C228627258&sfv=1-0-40&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1686075554611&lmt=1686075553&dlt=1686075554129&idt=440&adxs=315%2C1080%2C1080%2C436&adys=173%2C546%2C836%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&frm=20&vis=1&psz=1600x250%7C300x250%7C300x250%7C1600x-1&msz=970x250%7C300x250%7C300x250%7C728x-1&fws=4%2C4%2C516%2C516&ohw=1600%2C300%2C300%2C1600&ga_vid=1332409163.1686075555&ga_sid=1686075555&ga_hid=412363214&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqva8j4kxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiq9ryPiTFIAFICCGQSGQoKcHViY2lkLm9yZxiq9ryPiTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yqva8j4kxSABSAghkEhcKCHJ0YmhvdXNlGKr2vI-JMUgAUgIIZBIUCgVvcGVueBiq9ryPiTFIAFICCGQSGQoKdWlkYXBpLmNvbRiq9ryPiTFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89a3fe8d8dac41fa5d87bf24757e3a08c8e432740d8eb2cb9969e8e6f24edd10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36279
x-xss-protection
0
google-lineitem-id
-1,6303762171,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138433479207,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:14 GMT
expires
Wed, 05 Jun 2024 18:19:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
count-data.js
minitool.disqus.com/ 		312 B
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://minitool.disqus.com/count-data.js?2=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html
Requested by
Host: minitool.disqus.com
URL: https://minitool.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52d18f4159c16dd96b035ed92e3ecf2a5b041dcea097c0c25eb15e1ad437f564
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:14 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
312
X-XSS-Protection
1; mode=block
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.172.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-172-99.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f6dc859762441b3814cf106199e44b28560ae2fcbe57b7d0d82af101512f430

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache
x-server
10.45.19.164
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&rid=esp&cc=1
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
313a9c8a42e2215432a2e1de99e69949b5a4858344559e44327971d22c5f0a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-0vY+F/OFl0RyVFYz2hwaKDwck38"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.minitool.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 06 Jun 2023 18:19:14 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.minitool.com
location
/esp?url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 16:35:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6227
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 06 Jun 2023 18:35:27 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W6RNX75Q2P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fc6de47730df6a07e8f033f2489d1a4a7c2505e6750de172c13b408b48d8e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86493
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Jun 2023 18:19:14 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KZX6JEMLPS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPJRVD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6c5d2c7127a5ef007a6419f0b1cddd9c66669f042fb69ea75af80626de05a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87829
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Jun 2023 18:19:14 GMT
syncframe
gum.criteo.com/ Frame 5B3C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.minitool.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:13 GMT
server
Kestrel
server-processing-duration-in-ticks
543291
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.minitool.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.minitool.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 06 Jun 2023 18:19:15 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
7876c2d14ee97f73c2445b2e78906bbf
d3d3Lm1pbml0b29sLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm1pbml0b29sLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:15 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=11459
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
b31c79179a02c698356f528a23aaec33
Content-Length
15
Expires
Tue, 06 Jun 2023 21:30:14 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 06 Jul 2023 18:19:14 GMT
date
Tue, 06 Jun 2023 18:19:14 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
encrypt
esp.rtbhouse.com/ 		265 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a96b4a50173b3255eaf86e1186a1d44ba22af677343afbcf3d8a8fb54f27ded9

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
517f7e3433965dd0331091abf52200fb
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=412363214&t=pageview&_s=1&dl=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ul=en-us&de=UTF-8&dt=How%20to%20Check%20the%20Windows%20Registry%20for%20Malware%20and%20Remove%20it%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1600518368&gjid=1702580968&cid=1332409163.1686075555&tid=UA-686301-28&_gid=1080659650.1686075555&_r=1&_slc=1&gtm=45He35v0n81PPJRVD9&cd1=Stella&cd2=2023-01&cd3=2020-10&z=815805871
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxf_4992x522.min.css
cdn.pixfuture.com/content_widget/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/content_widget/pxf_4992x522.min.css?pxft_v=7894205747957524
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58cb74313848348b5465a8130165f77a8138313b5041f3c6057f188b4cdbb563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:14 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Wed, 08 Mar 2023 16:04:54 GMT
server
cloudflare
etag
W/"6408b226-611"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jvu3yHnW8AzEMmKgkOP5Zd%2Bx4Swbg0T92X2pwEbFRyai9S5HXWaTorW2die17jNTk0FS%2B3Rx%2Bv4aYrDIi9oC3%2BVsurZziJ7Pk6nwe5Omlg5%2Bvdd2Gm%2FeA3iIZWyMV9uBTSe7raqE64bMe%2B7Wv8NP"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7d32a99a09210418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 08 Jun 2023 18:19:14 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KZX6JEMLPS&gtm=45je35v0&_p=412363214&cid=1332409163.1686075555&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686075554&sct=1&seg=0&dl=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&dt=How%20to%20Check%20the%20Windows%20Registry%20for%20Malware%20and%20Remove%20it%3F&en=page_view&_fv=1&_ss=1&ep.page_author=Stella&ep.page_published_date=2020-10&ep.page_modified_date=2023-01
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZX6JEMLPS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W6RNX75Q2P&gtm=45je35v0&_p=412363214&cid=1332409163.1686075555&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686075554&sct=1&seg=0&dl=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&dt=How%20to%20Check%20the%20Windows%20Registry%20for%20Malware%20and%20Remove%20it%3F&en=page_view&_fv=1&_ss=1&ep.path_clean=%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ep.page_author=Stella&ep.page_published_date=2020-10&ep.page_modified_date=2023-01
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6RNX75Q2P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 5B3C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=minitool.com&sn=ChromeSyncframe&so=0&topUrl=www.minitool.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Wem0y3xjTTFtS0JZZDB4aVFYd01XSnE0Q1EzdUhzY0VZd1M4WnJMek5PbUx6SndoWTN5bUtPbURBNHQ5MnpEY3BVWVZTTXk4bXNiazM0dnVsVTRKckZBS1dnc0dWMU9VWWJZR1QvOVpBV0g5Nk1rc3ByNTZIeUl5QzQvZG...
427 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Wem0y3xjTTFtS0JZZDB4aVFYd01XSnE0Q1EzdUhzY0VZd1M4WnJMek5PbUx6SndoWTN5bUtPbURBNHQ5MnpEY3BVWVZTTXk4bXNiazM0dnVsVTRKckZBS1dnc0dWMU9VWWJZR1QvOVpBV0g5Nk1rc3ByNTZIeUl5QzQvZGljWGZDU09ocHRmb2lVeUNWdHBwVmN2MWo1QjVvK1U1KzJxR3d4MFI3ZzMvZk52SHI5ZlFBNlRTWldCZWZWUTJIWTFDbDF3UXJ2aU54aU1iWlVRVXMwTytkVjdmdXBMMk5sOXVBZnA4czVGSWdqbmMzM2llbnA4KzV6WkZOdXorZlZCZUVIL3Z4WFhLWDlUdjRNZm80ZW8wVTM2d3FZdz09fA&cppv=2
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
535a2494319cef4c32752caeb80b68b6fc12d29a5088e555739d642e2d933b29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1566914
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Wem0y3xjTTFtS0JZZDB4aVFYd01XSnE0Q1EzdUhzY0VZd1M4WnJMek5PbUx6SndoWTN5bUtPbURBNHQ5MnpEY3BVWVZTTXk4bXNiazM0dnVsVTRKckZBS1dnc0dWMU9VWWJZR1QvOVpBV0g5Nk1rc3ByNTZIeUl5QzQvZGljWGZDU09ocHRmb2lVeUNWdHBwVmN2MWo1QjVvK1U1KzJxR3d4MFI3ZzMvZk52SHI5ZlFBNlRTWldCZWZWUTJIWTFDbDF3UXJ2aU54aU1iWlVRVXMwTytkVjdmdXBMMk5sOXVBZnA4czVGSWdqbmMzM2llbnA4KzV6WkZOdXorZlZCZUVIL3Z4WFhLWDlUdjRNZm80ZW8wVTM2d3FZdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
360796
content-length
0
expires
0
uts_clickcounts.php
www.linkconnector.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.linkconnector.com/uts_clickcounts.php?cgid=901602&mid=156919&MerchantURL=https%3A%2F%2Fwww.minitool.com%2F&cid=&Mode=js&AffiliateReferer=&uts_lcid_arr=[]&uts_mlcid=LC1686075554.839
Requested by
Host: www.linkconnector.com
URL: https://www.linkconnector.com/uts_lp.php?cgid=901602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1627 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
css2
fonts.googleapis.com/ 		7 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_4992x522.min.css?pxft_v=7894205747957524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.pixfuture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 17:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Jun 2023 18:19:15 GMT
get
mv.outbrain.com/Multivac/api/ 		107 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&idx=0&rand=69679&widgetJSId=GS_1&va=true&et=true&format=html&px=220&py=4698&vpd=3498&cw=1160&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010321&sig=CN0wwfqy&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3e0cd522b4efddfe135bfe77838791ea55b8f5cc22dc5edc761477458808a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 06 Jun 2023 18:19:16 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1686075555.349689,VS0,VE1063
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21943-LGA, cache-fra-eddf8230062-FRA
x-traceid
9421987814fdd028f83dba2294aa53b2
accept-ranges
bytes
content-length
22926
expires
Thu, 01 Jan 1970 00:00:00 GMT
cw_style.css
cdn.pixfuture.com/cw/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cw/cw_style.css
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f9dc3fe1126d55053b1638ed35e036916f5e407a2651e0222adf5f6ee8b75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99040
cf-polished
origSize=28765
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 20:42:44 GMT
server
cloudflare
etag
W/"63dc2044-705d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSPl%2BMlTZIn974lEydl28D%2BL2SS%2BUvr9RIsBgXkDjXRAUk1Kn6vDRhbch%2BOaQ2L2cX4Nbdx%2B2YrVKFPy6Xe4K0k%2BWpMAwcoCUDQyFdLbrkcdI4Y2KcRyho6qnGJ%2Bi3GmwU4gRGpObwfTQrSO8dzx"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7d32a99b0aa10418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 05 Jun 2023 22:34:01 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 76B2 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 06 Jun 2023 18:19:15 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-686301-28&cid=1332409163.1686075555&jid=1600518368&gjid=1702580968&_gid=1080659650.1686075555&_u=YAhAAEAAAAAAACAAI~&z=281241942
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1686075555185&sessionId=421efe92-bdae-261c-de1f-781e1102a633&url=www.minitool.com&cheqSource=1&cheqEvent=3&responseTime=355
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
3b6f25767634b6bb6b6188104732dc05
Content-Length
4
Expires
0
container.html
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C288 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:14 GMT
expires
Wed, 05 Jun 2024 18:19:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4A3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrFnQYI4yYAJDRI1YFyPf1h5NzSLJbzESbu2n12l9OM1gsR0mWlqgyQizA6A1ZZHDEkJPZlHDEc45Ipcn-1ZSCeiOcJ2OzuJ11YiodnyIKn10QMKu4t3CKB-QTaWkTFjPt5JvxE4_ZocxAz4wKCWKUdre60AftnY8T-xhchRJBOf6MleqE23oi6ORM6HrtTtefdF8gP9Mv9qz_DdgyCVCFjlqd6D3luFftnMpE8VqKBy3ypm0x_LkrvhY9vyYGPOJXlP7vRMPX_xmm8KWPs_IZmWiRBheyp-7PG08vvCX1qFCf2pTRLBJMPQj3KSBf2OR7q7WkY0nRue6ssGnm8Ar9gQUq&sai=AMfl-YSUgryktwWPORR8O7hVAXAE4LTNaworC1pUNO1cZ126lt_QzlBrcTSnlWam3aP33Vb76Z-snMr2JK_gNHmyl2BAnWmJTeu54pN63196nAUoRRaQuPja46GgsbNbRLBns1NpBe93vyN5MYLKXH6W&sig=Cg0ArKJSzCJZ407hr3WOEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 4A3D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
78797
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 20:25:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 4A3D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 17:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 17:02:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A3D 		173 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
1908261016825256387
tpc.googlesyndication.com/simgad/ Frame 4A3D 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1908261016825256387
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9ea2dbd2340a080c3b117ccc97682072853a103029cb65bd2fd645a23f250b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 00:28:26 GMT
x-content-type-options
nosniff
age
582649
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39611
x-xss-protection
0
last-modified
Fri, 19 May 2023 02:55:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 May 2024 00:28:26 GMT
container.html
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F36C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:14 GMT
expires
Wed, 05 Jun 2024 18:19:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D29F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:14 GMT
expires
Wed, 05 Jun 2024 18:19:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4A3D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8644ad22d558cc88092ab54abe558602d1999e83ac681234daee57e44353cf0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 03F1 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVjYLILg3ZJU-4w2oyFI-IcJByiMvcnfIYwVrfBQjBZB-HS4cYD1YkfryAK2TtjVEeMPthvmw7u9DUBc5F6u_SG4hvbMT7M_ATqtleAhGJQvVcoXP2rrk_meBRewCReWUZnmLPI3227gm7fDMg5iNjCYpKebYXO-bQh1f3lt2j8DW4Aubc
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:15 GMT
expires
Tue, 06 Jun 2023 18:19:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C288 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C288 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5gQkrd9AQbbuZOWM5GE6LjUaZmemSUtERx_idxGSqj7rn9JN9lWLX7UWwJlOs55c8CUBnSZwmyfgc_dqexuFg9y6mp9naNNDNHG0KStOhz3kBNzs
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C288 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18239272352981493582&x=1&ct=76
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame C288 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 17:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 17:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame C288 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:26:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
78745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 20:26:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C288 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6D42 		624 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNVp5JRtrhiIsC7oYxeWQEgYfild4Gu78mFkXEf3-xe71yhyWtIM9Y0-iinwrO0k_r8ioh45sX-B4CcuubOE889S0MtbsoWLQI_iJWTBguNMaj1QJ5KIYSk668Wx9JesL2PO3ElT9MhgAZINyBDNS6FH0G6Msqn2vhaTnT-b3MD5c1YsMRI
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:15 GMT
expires
Tue, 06 Jun 2023 18:19:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F36C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F36C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bwdqf_ALHo-aQTlB5_PRnqfSO3pSdcbevnWh6zYUSWfSqA3QqGaIc8dMBitFSn_Ewe7WlIHU4QsKH6sHySyKyt31Zv1bpQRw8sCB8rtdWLEShgqOI
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F36C 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12909564529962340046&x=1&ct=76
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame F36C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 17:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 17:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame F36C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:26:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
78745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 20:26:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F36C 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3DA7 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLunhd0BMAE&v=APEucNV9kNS3NBshVHXVus5FbU5dg_X5ksltO6oltPjXuOScOY0IFZG_0REqzXdAB3sX_pxGYfEyebOaMLXk8WyGB1tkPaox0PP5m1gBPoBDp4ZUBMiFyyDUtXFuIFhEKr9Se9mugpPynl13PhXzVweIpGMqQHsN5YPp0IpgHhEazx8uYX2Fpaw
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:15 GMT
expires
Tue, 06 Jun 2023 18:19:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D29F 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D29F 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfagZ-U1U1nuGLM4d75XmdyXFt3kHuEao3FhA_BCQvtFyjH5ikjFp6sWzbxTITiv5dT9-izOqVm1fFcJTkRXC5xnU4lAts4sykU4g9Wz9yGNQi2tI
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D29F 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8069258177115415969&x=1&ct=76
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D29F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 17:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 17:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D29F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:26:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
78745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 20:26:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D29F 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-686301-28&cid=1332409163.1686075555&jid=1600518368&_u=YAhAAEAAAAAAACAAI~&z=1796110653
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-686301-28&cid=1332409163.1686075555&jid=1600518368&_u=YAhAAEAAAAAAACAAI~&z=1796110653
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNVp5JRtrhiIsC7oYxeWQEgYfild4Gu78mFkXEf3-xe71yhyWtIM9Y0-iinwrO0k_r8ioh45sX-B4CcuubOE889S0MtbsoWLQI_iJWTBguNMaj1QJ5KIYSk668Wx9JesL2PO3ElT9MhgAZINyBDNS6FH0G6Msqn2vhaTnT-b3MD5c1YsMRI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D42
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNVp5JRtrhiIsC7oYxeWQEgYfild4Gu78mFkXEf3-xe71yhyWtIM9Y0-iinwrO0k_r8ioh45sX-B4CcuubOE889S0MtbsoWLQI_iJWTBguNMaj1QJ5KIYSk668Wx9JesL2PO3ElT9MhgAZINyBDNS6FH0G6Msqn2vhaTnT-b3MD5c1YsMRI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6D42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNVp5JRtrhiIsC7oYxeWQEgYfild4Gu78mFkXEf3-xe71yhyWtIM9Y0-iinwrO0k_r8ioh45sX-B4CcuubOE889S0MtbsoWLQI_iJWTBguNMaj1QJ5KIYSk668Wx9JesL2PO3ElT9MhgAZINyBDNS6FH0G6Msqn2vhaTnT-b3MD5c1YsMRI
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
AN-X-Request-Uuid
4ef28f07-1fc0-4c28-ba72-962628ac772d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D42
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNVp5JRtrhiIsC7oYxeWQEgYfild4Gu78mFkXEf3-xe71yhyWtIM9Y0-iinwrO0k_r8ioh45sX-B4CcuubOE889S0MtbsoWLQI_iJWTBguNMaj1QJ5KIYSk668Wx9JesL2PO3ElT9MhgAZINyBDNS6FH0G6Msqn2vhaTnT-b3MD5c1YsMRI
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 18:19:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4d261a21-46c9-4b41-bf75-0003a00813f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3DA7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLunhd0BMAE&v=APEucNV9kNS3NBshVHXVus5FbU5dg_X5ksltO6oltPjXuOScOY0IFZG_0REqzXdAB3sX_pxGYfEyebOaMLXk8WyGB1tkPaox0PP5m1gBPoBDp4ZUBMiFyyDUtXFuIFhEKr9Se9mugpPynl13PhXzVweIpGMqQHsN5YPp0IpgHhEazx8uYX2Fpaw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3DA7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLunhd0BMAE&v=APEucNV9kNS3NBshVHXVus5FbU5dg_X5ksltO6oltPjXuOScOY0IFZG_0REqzXdAB3sX_pxGYfEyebOaMLXk8WyGB1tkPaox0PP5m1gBPoBDp4ZUBMiFyyDUtXFuIFhEKr9Se9mugpPynl13PhXzVweIpGMqQHsN5YPp0IpgHhEazx8uYX2Fpaw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3DA7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLunhd0BMAE&v=APEucNV9kNS3NBshVHXVus5FbU5dg_X5ksltO6oltPjXuOScOY0IFZG_0REqzXdAB3sX_pxGYfEyebOaMLXk8WyGB1tkPaox0PP5m1gBPoBDp4ZUBMiFyyDUtXFuIFhEKr9Se9mugpPynl13PhXzVweIpGMqQHsN5YPp0IpgHhEazx8uYX2Fpaw
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
AN-X-Request-Uuid
255cdb4f-4dc5-4f18-a123-5706a5e79083
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3DA7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLunhd0BMAE&v=APEucNV9kNS3NBshVHXVus5FbU5dg_X5ksltO6oltPjXuOScOY0IFZG_0REqzXdAB3sX_pxGYfEyebOaMLXk8WyGB1tkPaox0PP5m1gBPoBDp4ZUBMiFyyDUtXFuIFhEKr9Se9mugpPynl13PhXzVweIpGMqQHsN5YPp0IpgHhEazx8uYX2Fpaw
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 18:19:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0fedba30-82d3-42da-8657-c345d1ec6a81
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 03F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVjYLILg3ZJU-4w2oyFI-IcJByiMvcnfIYwVrfBQjBZB-HS4cYD1YkfryAK2TtjVEeMPthvmw7u9DUBc5F6u_SG4hvbMT7M_ATqtleAhGJQvVcoXP2rrk_meBRewCReWUZnmLPI3227gm7fDMg5iNjCYpKebYXO-bQh1f3lt2j8DW4Aubc
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 03F1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVjYLILg3ZJU-4w2oyFI-IcJByiMvcnfIYwVrfBQjBZB-HS4cYD1YkfryAK2TtjVEeMPthvmw7u9DUBc5F6u_SG4hvbMT7M_ATqtleAhGJQvVcoXP2rrk_meBRewCReWUZnmLPI3227gm7fDMg5iNjCYpKebYXO-bQh1f3lt2j8DW4Aubc
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5lea_tttIsOGJvA1nbRCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 03F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVjYLILg3ZJU-4w2oyFI-IcJByiMvcnfIYwVrfBQjBZB-HS4cYD1YkfryAK2TtjVEeMPthvmw7u9DUBc5F6u_SG4hvbMT7M_ATqtleAhGJQvVcoXP2rrk_meBRewCReWUZnmLPI3227gm7fDMg5iNjCYpKebYXO-bQh1f3lt2j8DW4Aubc
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:15 GMT
AN-X-Request-Uuid
3e4631e5-7972-4fe8-b99e-33b3c87eb08d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFEhqOfXm-69jaYYwlHjSJ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 03F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNVjYLILg3ZJU-4w2oyFI-IcJByiMvcnfIYwVrfBQjBZB-HS4cYD1YkfryAK2TtjVEeMPthvmw7u9DUBc5F6u_SG4hvbMT7M_ATqtleAhGJQvVcoXP2rrk_meBRewCReWUZnmLPI3227gm7fDMg5iNjCYpKebYXO-bQh1f3lt2j8DW4Aubc
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 18:19:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eeb90eba-baef-4a5a-a72a-d42605fc049b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA4MTk1MDkzNTIzMzI2MzEzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C288 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4972998184467&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C288 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4972998184467&version=m202301230201&ct=76&x=1&cor=18239272352981494000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C288 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqnjkK_3MbAMK3aQ72mFJQ5ZbtGWAhSpZJN5MzYKDepvvpsEcjR7XTp0sTg6OK-ooFKM-ESqZmhqjfpIX63U8d4h3PNmEkktTctaafLx-Zv_0ThfA9No7WWJarE9Q8yE131xBoelqRk4JnqwHKuXhBKOCQytir5FHH3E3l3vWS9KElO-I&dbm_d=AKAmf-C6JmhsIKOjyogqgU1bJM3xUB2Cvmzzuef_6TP4ySV_2Y3LbqZL9bEByQeYW0jgz4fm6tsdcAaUaP5c6cj_gXsRUhpR6yLIsPcdwFHchtOIfMBMEGexVVMR4Me1skIYpCtf43tzPtexN-MVJec5hz4SHtVz-z3rNDwtKJp5KmGwCNimHB6uPojzUESzXw21Wm1nKnwDWKlZrfyor8VZ6V2Zxyjl49jEtosGp1Oy7u0JybcMsoPjmmRFOAKYg37c1QCRobbt8kvjXru1xlk1zf02CidfWgXy7qHZdb9yxzmBv51XTeeLPtjqj625bzNCrrKczJMkChxJgy84gpgMD4ZS9J4n-u1DFSjJMPtWGtqE7tCe-w0b0uiONdLR2F6aQqG1W0yut8L0mB9eWQr2-to553eAMUzGE1v4bcC3WIbA1X50F994jRcDn1sIaF_FZ-5yv4cihP__jEwwE1saBpxpDgRGM-ak41bFWA3CcaEbodm0xxU3OOG59kQaDGOKlvq41zs-kbVc8965cNcQZf7-REzlCi-kDndwMdzS0UcCdd55ZixwG4TxR4PHvNY7dcjLIuDxbNyZlHvHJ0Juy-qAx1QV9_30oA5MfJGOZ0RQfoL8VfMAtDmEffwjSqQG7cT3x9614NgcN4H2sGFZJHnsLGOJ7PSg_-vjMYxMn1UnS2C1OsydIauVwL-_YMGiznM-vGsAdAg_Q-cdV3gJF2L74hzEOS0f59G9eqx_UFbH4OVuJRwJfsq54OXdL_CMvPOBwPv1WkfLvgwI-FWn_M1Ura4KoQgshtO-pb7qPpCpzPxcRK8LYTC-1V-E4bgokG87jt8B1_OpJ39OqPEwn_R3cQs4UW7gp4E0W03jwumys9qfFizjHp5pIVrfXKJ98hLNyu2CsD93Afc42ItzDz8wzRNOnpy3CixoWPZtJ29jLqGKrKSGm9RfXnumSCQ4H8sACAjwqdYriSMhbvxYOEvWa-1l3Eam23pczZqlS3yFub63gl-q97eve5gPouUzQVNRX-lqt9eMjReWhzl1vmSp-J0NYnqQgnGBYMKAmD15FzxQp9uboQ2RTxFBGBx7u_5gCC06Su7XpncxCK__rKlEN107Hd8WMQLA19G5HO1FMzRJACz-CSSfdfNTDsnFL3bSlwlWw4WdtUduWgnnvbJ_NBun2oP1oj4__2b6MVepepmAP-O7YYZfgOEzRqEKOdh-U75WtT-HUgRxSzLHjlqYJVEymZt2wQMlXoYbd9GShMqcvdTm0vRav8e09zC1DxHU9nRJjhWO7s1ve1O2VVFGczrFOBSYmM91s25QTofrVSMPk8vunQtHmrCx0iehd1iQ2D9GhZO-X5KEAx3IruN5oa7M8Bq9dZ7--rRXCr5IZtDR1E0aLTG13xstdLk0A1zCFEx6vKuVWoa-F2nvFXTzwUyP757yyyV-zXLyNU-YvhMUNCS9YtVvkJgM68pZ86tTT28_WlXknyeJ573heJnVFfq0i8HoG99l2AvOhWvYrnAQx8pC4cTGTxTPlAU3y1u6Q3D_CNlptkuCQWBPU4oOCZRKC1qynRFD3l1KdxUoWJ-yjDdoqBMK6HWVerEARgJGPzClQjDRZV-QE1KagQwb4ioQcHe0cX1NscRGKRr9Nhp5Zu3oFVT6y_-v3TDJt4MKpBeVdBU9gky3TGypmFgYYWiByRfD9m1YGR7QmJMoBRLwOl4QPGwkSrf9IoxNmHd7-eiafoJVbsQhdbqF1Br-enARgs1I8cE5u98ORfi_DrzPtNjzwKqCO0UUNEEA-2vP68DZS0GRIMSVzIL0jHdpQ_VGbfEzWtSC7IU7Lyuy9GDmXreTqR4CzfFwcsmntu1mLwVcIu54JUXAtoFQrrEKKFOy5OUxRUQ_dZdLHW4wv7mqvqyuXmsZN_ZIKisUwFQTmGzvOWjjedGd0ZfizrTvp_ons0WFPmUXCcZ3xwZc_cqXOhVQbrU91i2p1AqRJhX_pbW8meKEbljBJU7pRjKSMLWr13jG_pvQe_i6x0y8NJqM4fthf7wXFxwERRCHG-iuwv2P_TT3_xC1jtFB9NheY7DuuWaYTjdHDFS3dUIw8mrsxZK3LAmMz2E76-voSteeY2YjyMbJrVC07KXCPtgiF-COi963kgxjHb8cIVFdrgiVm6WSEk0AnL16BxFq5cbzbC9ELUx7d7cf7oDTqTK1OseXDk_4XXhIW8aFl9CmBdAmtA06wtH8wFYBiKfBrgr4SuZUkbjW7S59ar0wksy1GV2KRlvxhu4pLMPoNrsGrPjG3wbZwojOmNDJNlmfx_OoncZ0SI0wPnqiDF-R2y2ay02VCmccbY2MW2FwwgvjOrTOoAoXfg2l18dmIdRJ1LQCzhjJmDr3S8XubjeJmFayTY-jVNiWD6-RczB6KX7fyeDbCn3EOO2WJTdAWSzeIV3EPYruEtwDYjkFleNys9loHYagWrvCF1gUcgDU7u0ovzRji_HPwLGzYqVcqsW3Mt1KJ_IXze15Y5lUwRATtJg7CqmAcrDko89lJiZM_O3ar8n7sptt3IoDXbfd7gj-jvQq6KLDvcIuwRDo_PSkRja8d6eHXv1f7Vt2XrGEzuBuuqbHHFfZQffLJRwRCeqpVyrJ3qZ80FgQOwSBCjjPBntqiqas9CBdE78U9AfM3V28cbmlnDv9pKAPR8GXmj2_RtEPuk9q1fTvS0hallohr-kQm8xKdr4wvPZuhHmOb4X56Jb3YmGCqJrXR_HHdl67Dsz1_sAXKZY-zkbr5ZxYKjD9MX2L7fCAX2NGzBArECa5b9ghTPlJ84FVU4pXwse1mI2U7R6Pyto7Hy-eUD8mPIhNF4sYej87qhlkG9z2xev8cvbtwc7Tiaf1716x_PgN-Hs4HE7q5WytpCeNRQoE1Vps11SXf12OqDuEyqIty2c6Z57aWgWTPXxkVNTAqsNR-0i9yz7xsyLnK7SWnhXFJJf39JmCuoz_gGdd5XKB1_DgPPv3Zze2YNOGGIGz5GMi5Hg-f1K4w3QdMvG_ujqxnTfZoeWfKrV-mdlXhXxGjbzFwjAaQmAVZijfOdFKcwXg2SpfBqFo0WZtOMPAM5FAuZaardP6WNWpsLUm3bEjzFnEmiGkuaUh5UiT26ZRjf00djeoLMYWMmVxcNSiuVHAPIf-fjWBqZui3zCttzvbGnWA_xTZPcSsFMmdpp1jXWCWsyWn_H5K_a498FDGrZRmxwxVRFNddRBKSPFP6ObVD1DwPJZzfpa8MRgrf_fKHal8rbo2igPwnvZBBHYqNH644hTSolhIuPFMT2mhfJb6D4SHjsrWX2Diuv6r2V4pkpzX6gLbaCu56LbINH6NNwe_O3bQw1wlHRWGX-Sc8eyiTeaENh8Ct9gT3FAGwuAdyKfyoSQc4Bd8NtFnRFAZFrhwL25sde8KQ_sgsk-N5c2tdwukgDNM6Q_hIWpXmrTODkRYiklIAfTaDHT12aWQAne-6pYCDctxIlp6Dsk11H8-165o9kUnMETFSgg40-UDHdkmAbP-rYKQanUzwpR6-raOB50-MoEqOqnQa85nGwwSLOhz-tN-ngw64AgtG5njrZ5zfcHSR03a5PxKsmlmI-0X6nCmhZyLh5qP8deI0jz7r74mztaXlrezP7WfImhNrILOsb5fPicXisHOchD_R9TK7G2KMl8ugY13BVFvIam1L-6J3YirHguHETEaENn5hoQtzHX-X9sl81bfjVTzfL4C7AL2i5NHC3WxqPDInoJPVM_fjvE-E08qauhd-t5xOQcg2JtYMPjyi3C8cK9kHtlfkDSYhFl3Sjra190zgzDFw3yUej9YVoI&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=18239272352981494000&adk=1964084972&idt=148&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a368489c379dc91bdae54a0bf07c01de5902c54f5c0bfdd5a57e0f732ede576e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37596
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4A3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstesWN-lnlfHpwBLbTfjqvncdLVF3-eFVNL3M8t2cicu2ifLc5bMMD6ojTyr4evV2OsWb_Y9V4p-LRRF_2GlV0Ga2G0L__qswPBPBAAogqWv7_N5p3sqDOGUkiE_uh_SQS1V62qnGwztpPsYtcYgNiQD5PnvqATeHCbjxdIYQUFqQq1XRWdj0-Ui-gTpioPi0QUzqgIPrErEZ0P2S57gpZf8Tms4SkjmL50RMWuqVteFeg1WU5pylI6oa_tvMXm1KNIMlZ0L8a3QmIxJsXD4gzWPeWH3L-ctV9a9TmqnJVyKVO_ukO137Oo7trM_MTuNN3r_ODpzvOYYWI8pXql0L_Fb5NZVF8&sai=AMfl-YTXzcWGwz93KdzQzonTjtUVVyrUnMRzrRUAY7lMPsBclebYgZZ96yMvXXmOvBjddXUoL-VAAyv4_HYH3u2b-MfsV2aobkFaKSXSsRA0lCL9yXELXvV-rstOzBoWjrCrcxarOGmXQmjDW59kk4ge&sig=Cg0ArKJSzK3CLjDPZiD1EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D29F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2133544335074&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D29F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2133544335074&version=m202301230201&ct=76&x=1&cor=8069258177115416000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D29F 		85 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aimarl6hKciiKGF9y_5D0yulb_aau0NB8KZJhEKmdUth4HjBm-WADI9Mu6l40xwPTQh3PkMMpdxN5ERcJ-oM-iGbz1mtDsUYpFA4UaKXfEumEJpQfDMKtxiCXZR5oFsbAamcOp7Cz2e4pJDCHeFxgpnjq5J6z4NbtjhgFVgGOGBIK7QA8&dbm_d=AKAmf-AkpILMNI-yQpWAEVHDH9Fk4bxj-Tpv9IXBoCH3nSlIFi7eQ8p2FCM0YW8lTXS_aLsV4egGap4IDkYQje9QvWGmk4FK40sycRgSWn1kDqZcM5LUhXBovm9DsSAZ3zeaWXOW4gQbnSkbV3Wlr3n4kV2OsbgFE87oR3eir4LvHUUwfeOKMWg6y6K94v_sD943wdBoQrzCfSLA7Pf8NXcHVe-Cm-N7UH5o8Ne4j_A9hcpuWrONWSeuHw_RVEsvP2wWFfKXsnIc5PRdrpcK_DPykzfhf3q6Xz-r0WiLgtsFarMkiWf--licFKBYk84vDlKf7w65915zi2LmdX5b-8kpgNJqfYVplLDs8kz_ZNnsMmmtRAER0SVWU5p9C-zzgUdu93dDaAPaX3w919nRhKCDTUiLbWnQ_wn-C_5gItgZUPPZqb6vk-UtxAdPJNSTvZp-54lJP0qQPSAcE8tfnPoIrUFSF7whSNMTsgxne6EvsjJzDrsEjf9Mnp1gnVlT8E75K0dZhFvfxlCm-xRTJ7d-jQ9KkpaQ5_p12FzyF9LmWtH_31NnfKe5M7OBQyw2dg4y4kD1ElqbbCgWN2DjC5IQdZFRgnuwf0gNRHaY0sdVY3KSQVonRP6fa4Usxmn-ud77WEaI-I9quqv_M7Zw1X7ZfwdriCP8g1hgUB3OrXAatVNcxcl24GrGrTu6PNibwK8ZzB0fNiqvDVaK7lCPLIjjG8lyZxValLpO9hyWOXMdtNe2U8C2zc4hWqHz-AHWaQ3xCYInZaLBvlT9y5NKfdKgAURTHb1xabN1dRknMENNdqg-9FTUTsLbdyjXmb1IeHmjBB3p89pMJW95-jJPbR1YR6qrnXufjKVypnuZ9qhcQvIN2VMuDz_90P90KIR95ejCUoc0RhLxo1IleNvRdEz9uyysy29j8guUljxz8lzkXyhe5nwVFgQVW2yPLU5UjstwGTc30aulbXHXaooET0H2hTGQ4X2t2Pq7DSk7NgcYUfkPp3Z-wrjf7HWBO3SUZ1DjGgdKTfITDVUUCJwnO-4nytemyuieNgRm1ofZqONH0TRF5xkxl-CeWyJtoNE5IG7F8z944_jY3UDypPf9_IgtvG3Uk1v-ze2bK-tWAj3FAvJhdsiiRuxTAt5ohzrdYI2f-QbPT-v47_Vf0sTzj-oM-xNoO8z0P027XZl836WHqAXUUIRPX4y8en05IJg9_gRbme9wPDJQKOGx8CgkJ0DgimcgYJMKjyCUcASZCYICvBTj9tFHDvgUyuV3J3zC6JCcuHyy5oSTJWMt_9L8Ab9CWi6SlAjeg2e59PPmKKKurr6rmqEJ_RhPtHSpVQzj2q7y_X1ghpUzYdd4e3QamFSx1mnyslY44lM0nepTFNjjv2hKl5VsBbi8vxVrpCEVOgqtQL9dWDYQjIU84jJyk3ZsbAnFFIkuNoiyfIWfX45_8TfNDvuxAie5X1iQvDysXQ_vJTPww1OvznILZPxhVrRuWYCQI1BlQ-g2mMl05nrpIXDJ0_18gSoN5lRjaJHu4erQ8A5SOiFcCrauTmZxWEt79TMeN0oPVC97F9RpvZiv_-evJOj7c-VzSYqySvmPsb-l4MI4qVorDzJjPjM-DEcqCY3ZYjOxR3EFwvCzJ_imc0gp2TX0nl5-GuGb4xByGYVtYZeWCE0K_Ee8oEw-a7lW_Gxtpdocah5zfkx5JXQdNVw0XG7p5Rx_MWDZpO8CNEzcYaMO7ciF8zNGb_cc_pMpMGLElySkIxtUVLbve6MbeBERDTZj9SF9pu_VVWWjhS6-TUdSw2EvtZGetJnGn18ioIXCAxx1nMEgXhhrP08ULDr3QxGnRq0VULuYo0jRtNcS4QFucu_C7K3NEv_LTdeK1O09NPLqZG44jsnyIpYyVTAPHY76WYClkbNzfKsAHBspvLOa9fOLF1jRQDg5CDT71mhc8FvCBpBgjG2Wi9lorpHIyinUNPoIq2yyVlQVPKyF5dpL0l7ay7e0O7rUU-3zEviCJcoe-0IqNjAQVLpWmbttTgC4CbU_shX-cOkMu-EkqmD6UaD0284kmrU2DfipmQGiDiJYOsmvwnVmLQmwW8o2l6HemuTwCIyoONqMtPW6vqEkVRp_3kRDA50gLK7Z98jIK-Eeyt49eZAdz_LU90waTEnOnGXDH1924u5bTQ2jAkj6GV-BMm6RDqWkbTEHIBWa9WgwPj8QVZ-40DTrdbOKu6ivf1uFV2SX4jgyTK9HM82VbgaDlK7R_7I_lCEihUxeM9lRXxlKVp8iOm4iyL3Clvo4_TEohm6v2RVudkS1lXflxM6yLEzy1TIfbGOnpF8HAMC8sON9D8VeUq3orCVNVAp8DJWWlvXmknQN-_M_Wyx4KVDiqzCklpgs-U-BkWfFGOJV4ClrrU41KimqSgn2SfgqYmQ5AkjJuhM8IzTCCccq6VLi26ny_DWUFD26O-nHKjanb436a6GrHwOQQkHGPOJ3Js-6qsm-4UtsJt5S--H7nKXCP-iWc_FRuBzyazM2u6X4xb6NElDP7Is5l8NvpTckhFLw8Py5YzG5pLqocQhSWfAtMMSjuifPTvY_jo_wSkjBISOO3NYhAJ6Ci6NQ96_0ewkCoElLr4mFRjiEnfltuaQEdVxzwd7da_NYcUEEkN03XAWiMlNFDawKvWfE82Abs51KvJa00bZQ4WaFDNgnkpzEzZMtjrA70F-tKYhl9JcHseNpD8dCenwzEXoZBEuTRAcWt_-6JYsK4VtSPJHfTUGy-DmMyIe5MVsQ6Q2XPAcCx8mQsz_Vju3WXFzbfB1MrbcAkQC5Tqv-dZ41GPQuT_77wojoxiKjOUEzr7gFy5eKkve1Pqz3PzZSRs4TPfRrohBJ1Y4EdEEOJqlFfJWThsQH5wo0TKBl6UohXqN4ZPlrk5sMxQIN0_Exw2WW3FBu2iQlsQfQpMVy99uKnKBSLlkfx7n-Zqc7YDn4ZFhyFGWHDg6NsKZLQpqWVEnqO0vTUUwIXSAKKjvkGqpeB0hRhs1K_JtohAtqZjeQhns6gg7r6i3vmJdeTfsqAaNiH7hxO86dgkmvUddxv6ltoewPMpivRpXoH_KsFtEt-5ErTRwc0o36uok-XkE06Kzn9XBapOLqnRufpKQ1LhBxhHvvP3pkBkHs5AUrlbSXCKxzHeecokTYtsMQyd6uGeUYxdDrwiVGbMYWSE710TtKHM7CQGHjDuDVaRIL9FFLahNWql4bmfafpDfQGpbrXcW9Fny7zpLiIdTaONF53l1rY4xuS_j-CrPwTPLbziKw-QPTQqyJdWTLArmF03lYhxbT5w7Q8Ss5aPFHs5lP2EvtNAz20xTzQiWfgpGRfdizXVuewSYB0dq6hSiRZywofreso-QX4yQ-S79K2QNCAsTozA9JrhcJZMfOimrM9fVbEdOnXIpAYLRakqC9-ORg-BRVCs-o10vkaw_1xWu72yWPxwvDS4BcbMdTUqQo1rW1nhARGI40RxJhouxynJA11XHCCJHEEJ5jofHipgdM2pn4Z2mzTm3_5AW3sCCaGRcS58mBirbHzjDuhS-TVQvPpHh234bC5-Tf0pcLHwI9a0gtIrlu9_oQZNJPXEqZQZy-C_bPHZ_E3DG6ZfIraCEyfKOAZv1SVsHQ4O4lSF-WKGa34gTZ9k9FaJtzUWi3ScC-k27pT4xjpmvK8-SdkfmWcfflvGOMIFfGghrQwRP-M85DPnzN7rfQWTnr_fqOWxLspHLnjGR-OtJSQF952qLjt3Li1vI6OsM&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=8069258177115416000&adk=2857193498&idt=185&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de961f542dd891b32d3aeff150fb77aec0920f9638fdebf13f737a83c010e73a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37856
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F36C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4834981466052&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F36C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4834981466052&version=m202301230201&ct=76&x=1&cor=12909564529962340000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F36C 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A14JgO4EM_3tRKw3jzcVqMqQOGh86S2wv-9t328oRUKvRRyRA3lAvt3jHCw_npTMjEKUiC_mbyPir7e8W6TJ7rrWGZ8WqfOr9YEvJ6ISaYgO-gUOOYCsPnqlG9niVTR0sFC2bNy5S6EhFPqtbCnV6kHe__oWBMZRftL_TFd5PgH2SM6Hs&dbm_d=AKAmf-B2yHR791WgiRlOXT6QsMm7uw-tKlXGV6FylDAsXX0ONNbR0Oe9iH0W4jEbP4XWdJBDADIo6Ytzeolh1oKkEsfGHwN6oCbxg7VrOhb4DwEO4RCYgmaU73tvBGKy_-5A86Wqz5L-O5ac7KU4oattWMLYtFdZCtrdMohkrj7WNPIsyMQDdSuChKhBc6_9Ox8NSoZ565rEolxySdLUEJO2O9JoUtS_2jhkifB9YJsSmjO4t0YYf2pOtqbBID1457a7zqHbO1bAos7Io_QZQDAOdA6tAN8TPUvzrBKNUiq7DCKT-oRPi-fu2fTjGFde6epv_i1FjZJ_kQDGt6nN4GqvlEF5VSA1RzhEXAcIiC076_9B3FmJHcTMLaEp7-Fmob2x2ou_hNeqgk5s0EUGKkzf5rqa4A46xUORQXFTG9CPIN2Gk1Wth7Z7L0NbeowZQxXiMpmes9cy5qDAA4uuyblPpXz7pzBd0DFkmwBQYx3xbqG3zSciixilxSwREc4dolkEaHkM_Aw1HYoMkP1aRn0ceHhmOsZEjrHiQ6M8c-THKGIY2f1qMPlAlo8Zx5DgPkaw8UXxkrG6PKWotWBPRDJfAw6bHytqBl50VuMVCch_LP4gamtXi9ksjCOIQkO5iNfT9QPSjDTH_j0knfIa9PoIHxB6ulHrBu8fAh-fURmSsvMf6DyWuHDzpJHFWfYD1rP7Vc6PG0ZTERh7YNsBtD0JUQCsjBfjSGdMhDvZZHJRh8ySarTyK9f1gZHmeBt7aSPYLqK9Kr7XmU-moMRzfmZ4MRCDb-66e2LLR79KpBhQwma6h9vo3oECex4yuTrPaQS5QAk4r_bKggvXXLrR7cC17q8OJ8TXdwKeAK8bwWQHjvJmxRJHRF27XxdtvU-vxlZ5fcIo1as2rXY_2Rs1IcgoABplAG1SSuM2DkDau1zF703wgaNQq-h5QTxrv79WQRIbVxfC05E01beuN6p_UCMFVcZlpidbgCqe_20-o_Mjv9YPaJw0k-7tO8-5WqXNMx-opYb976q1M7jMOdFtbWv1tASAeyfRdc2nL9ohNSpskuTcKHHfVckFY_mPP0cPROPwy1YB4ILNTDVH5dpVFu-K5jr9SgAZItDydDdOSCFTeO8X_rTgQcX_KR7gK15H6Y2q1osc5qF6_8N88v4N6YBKOmwBzG5ylWvdjXq1GJmOPOURFoeuDG2EMEbj66Nt8OmjzOACRSAXOP_4AbElEBmQFmI8xh13wFS5ERhEY3Ec4cWGRSjnR9VF-HPUPuGsxFp0poWPTyVADYw3qpN226C-QIDTYHlBvogwlBADnYqFVcBjimEtvvG79pSWYE8cJUOJFJ1hLv-E_IfJ6C-FH1uXmsffGWosJXpaqVQpHs3YdFnuL_hI86y5CHbtyEjzbH6pJHKKhVEvOTtwrNGRy_zj93KBFi72PH4Deptv1rxrNOWV8NoGHZW_Ou1DVPJaxz_Ir82LV9PSl8vJKDtZmxqJCEbNvZiznCksNH3jiP5Ken9n79U2xlC2gCSbG4n7dH5HEsjUyG-9JwIjxNlHGZSHKWIr4ITdpCeVatJFRcWeO2yXYrGsPXjE-Om55HPJnvh4XBYo45m_WWpTNlmnl3EW2Xnv4cfqY3V2AlYY4OjG9rZfnXWg7-mdzLKiFullSB-vLgjhu0pQdP0fquRkgHLVCf8wjYH-FOE-zMG2CWbFSU9MdMZ3z0oIaqllD_5CW2n88VQUiy0ImfW26Dly55xZl9qiOSmqgMwGp9iCRC2F2xWtehF9OT2L99-Kw6T9Pz0dZWVS3890j9q83Ax0QxzesF7vnpS_V9SNl2u4FVYBeZ_IQk-b4SZy7dzjjKOjjr34QtW0mU76nqR0KS1kRXc9bYba-ArPrVJNcyaECtfEEgm9-t23YjGnRFkNYDFDFyHTTJtT9flwvL-PkxaIK4C8l47vlJ6dLhBtqCmRbq9lVGp3OMppCTlqfjT28Q8NOaXYZcGT6c3OHD20C_3dmwtvT03uDG6Gdm8bsSJXcl1YmGQ1gqq8FZIGXp3U5JnzfD6hXU12k0WqN2t_sHpfuA2fEug93blgVP32I1n7IEWDn6derGmEfdzXi3_UiF_x25zw2xU4PjhyyzShmOf5a9oE1tqW6ijkJte4QEc130qOzmwtJSc6ylK91v3m6SJqvxASMJFmFLsJ8_Z-VWF3BxaAhMvFgfGzxz9vStzTYXB987TCaP5RP6NFHgthNIY4KAXfWtCLlKWJW38siT652XpMcG_6-mhoLZpT1aaU4iTZ4hgG81B2FTU8Wlo7neZwwD8Z5QUonnyFXZ2M08mEGxXJO2l6xhq5P0a3HpDHOL-YgQVC1fXxkCfYPoSjhcGkFVJcu_Tl9IipLmMxZRVz8DilsbDDwvOvQAvak3psegsiQ56rIa9XVVmBE8gIMIreqbphMVhqn_akiPm6SawGDqtRjcmmqYheGYTULz0xlCGI4GQjWZYQo2pWn5Q7AnpM51flQbASmotXVhWcL7prpKIHpInvoQ_85XNYQhgKYHZYdbhLarRqK6BMP7mfQc5FH69esEr-jyeJDvdHuDt5Cw69Wg6mn_k-NrznHpntyP4U8LYrINWNHc19uaxjdTsyooTywNab2gvOCaRd7z3pFcqefn3uXDBAslcojWTv5QcgFDj01S3g1I5G1qZeVbm45H4poze5nRugFPLvYYlAUbHsnWEwxmjYR52NC3FhjSC2vi-dQJcSzeydTrz0nOk9IX3-wQrSayW8hh_KmjkicU8RToFoowBmSAxRyfViU2gffDjR23wLH1pTp5q23bVK6To4VTSfrC27TnlIDRKxzq4uO74kmbzdaIeD0RdN5naEykO6jp8Eg1p_O5tvGYN92h_geqPvtu59ghioDOTzx47yJDkFf4yWt0a6XAYPp1OOjj9dMPVNw6JbqX19wbygbGCn6uucMt9vsT-6eMtFJ0PDJXdxU0WPXyYEOZsQp9EJPX9wVNSSVjlb5hRsejVPu7YWystd98qNwf_F4195Tzyb2TQCRChU-yQL-UOiF62MuXXU-hrlAy5J8fIo4ySdx4w0zOq_G6O_sVo_lGuAbU1bW8lAcJIpik83MWkL2Rq3X0EzA9PoCzIYN_voqxe45OHbWc9O1dQt1hJEFk6wYEmmdJDBSfuADr7G3z1oel_E5xb4wFUrdvc0VOJm586mv5OnLa3p2HwoLV4mVLULbK41mBfYe9mzatPxCbidstOT5bgMTcnRRtzgoF_FqqIZrdAHMQIQyD9Qkwszfh2aFTusVh6CMlJ8lkdLFk8c40QQQZaBWvvxWBvWTpMInxMzCBENsw4wCbwv4RtU_le36L4c2bN9phXwNIIJrYknM6UJjJQri5cd5A_A0RXhyb2ibjP1-kaNgIWJ7PPnRIg-TGEEzAbaGn6XDN-cKD4dn_iiU9YLohPrmc3sECFjndgylOALvvyMI7ZnoX4iFAbZrYknw1IrANZLXdZrhUwF2zgpySXyvLVSS0GCxOoCoE1GN9fHA_2oxbcgRiq8MFrc1OLleYjJ2gfHSTKK4P6dv450iTZQmRXG1aSpMeDCVr0XgrAX6EpeNrD2ogVR312Sg4wDGM3nVghB-nIa7aRqOK6nsUjA6mWkVVIHRiQ_5oC8Pja1bAsoVpIYIr3z3qb0yLghft9zUXVAlQ&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=12909564529962340000&adk=3047537735&idt=192&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b52711528927060892e10870339ecc5ce012aaeaf2406ab4e9cac3acdbe48ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39521
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
524900d82f47593c26a7d9c7bfe8867f.png
cdn.pixfuture.com/content_widget/logos/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/logos/524900d82f47593c26a7d9c7bfe8867f.png?pxft_v=78879700227588
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_4992x522.min.css?pxft_v=7894205747957524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf94b76bddd35ba07c27b707556990e03b8f2694473ebf9a1d39a248fb94ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.pixfuture.com/content_widget/pxf_4992x522.min.css?pxft_v=7894205747957524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40148
content-length
7358
last-modified
Tue, 23 Aug 2022 07:55:45 GMT
server
cloudflare
etag
"63048801-1cbe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcsGtO8E6O0SLeMkIyPlMMNbNTx8TTyjh1idWTXWAtb2IZ8Sh0Ofj6DYjpPhjEc%2BSAR%2FLjQH7FBXFszTAkOyOMO7CX40fcZCNMCbzXnxQLR0D3leIDj2qh2Jnl1GsUGiZVPWn2TJxPPG%2BVnDe5cD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7d32a99f796e0418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 07 Jun 2023 15:23:48 GMT
cw_ad.js
cdn.pixfuture.com/cw/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cw/cw_ad.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94741d73e4500db83b9e05383f2ac96c80e5c6741314a7adb72312c3f405cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
98876
cf-bgj
minify
last-modified
Thu, 09 Mar 2023 20:35:22 GMT
server
cloudflare
etag
W/"640a430a-c03d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9FRO2ezX21feVbwSPEUo0UkPzX6bg9lyf2MhmfZzKjd%2BQbqi0fEuIyq38OZQ1PER66aHFhz9STOo3apWyXxXH4gepVY1ha4C6WTeHziqjHzO7R9vtYxVKuDhVL5eZ3kkgKftXdE0mxN7W5gmpMr"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7d32a99f99ae0418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 06 Jun 2023 16:34:20 GMT
95d6bbfdac29b315a266d82d4f09c043.jpeg
cdn.pixfuture.com/content_widget/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/95d6bbfdac29b315a266d82d4f09c043.jpeg
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd69d512d54d47e28a7c6debb7757762ffafcf32a8443d744ec71e7440439c59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21487
content-length
159702
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:12:07 GMT
server
cloudflare
etag
"631b0367-26fd6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtvPpZCRcqjyK56cZmryaZ5IOvxdQMKjcq8YR8eHkj5hFKfNd7ITrpBEhQpQiGjmtHouRdF7FwfPqUBg%2FcOm7MqZcTOtT4HMptNvngtzeNEjrsuCbO3lZG7lXFY8g2E9PEY%2FMEDjlIGGntcvgcTM"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7d32a99f99b60418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 07 Jun 2023 23:41:14 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C288 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Origin
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Jun 2023 05:06:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame C288 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqnjkK_3MbAMK3aQ72mFJQ5ZbtGWAhSpZJN5MzYKDepvvpsEcjR7XTp0sTg6OK-ooFKM-ESqZmhqjfpIX63U8d4h3PNmEkktTctaafLx-Zv_0ThfA9No7WWJarE9Q8yE131xBoelqRk4JnqwHKuXhBKOCQytir5FHH3E3l3vWS9KElO-I&dbm_d=AKAmf-C6JmhsIKOjyogqgU1bJM3xUB2Cvmzzuef_6TP4ySV_2Y3LbqZL9bEByQeYW0jgz4fm6tsdcAaUaP5c6cj_gXsRUhpR6yLIsPcdwFHchtOIfMBMEGexVVMR4Me1skIYpCtf43tzPtexN-MVJec5hz4SHtVz-z3rNDwtKJp5KmGwCNimHB6uPojzUESzXw21Wm1nKnwDWKlZrfyor8VZ6V2Zxyjl49jEtosGp1Oy7u0JybcMsoPjmmRFOAKYg37c1QCRobbt8kvjXru1xlk1zf02CidfWgXy7qHZdb9yxzmBv51XTeeLPtjqj625bzNCrrKczJMkChxJgy84gpgMD4ZS9J4n-u1DFSjJMPtWGtqE7tCe-w0b0uiONdLR2F6aQqG1W0yut8L0mB9eWQr2-to553eAMUzGE1v4bcC3WIbA1X50F994jRcDn1sIaF_FZ-5yv4cihP__jEwwE1saBpxpDgRGM-ak41bFWA3CcaEbodm0xxU3OOG59kQaDGOKlvq41zs-kbVc8965cNcQZf7-REzlCi-kDndwMdzS0UcCdd55ZixwG4TxR4PHvNY7dcjLIuDxbNyZlHvHJ0Juy-qAx1QV9_30oA5MfJGOZ0RQfoL8VfMAtDmEffwjSqQG7cT3x9614NgcN4H2sGFZJHnsLGOJ7PSg_-vjMYxMn1UnS2C1OsydIauVwL-_YMGiznM-vGsAdAg_Q-cdV3gJF2L74hzEOS0f59G9eqx_UFbH4OVuJRwJfsq54OXdL_CMvPOBwPv1WkfLvgwI-FWn_M1Ura4KoQgshtO-pb7qPpCpzPxcRK8LYTC-1V-E4bgokG87jt8B1_OpJ39OqPEwn_R3cQs4UW7gp4E0W03jwumys9qfFizjHp5pIVrfXKJ98hLNyu2CsD93Afc42ItzDz8wzRNOnpy3CixoWPZtJ29jLqGKrKSGm9RfXnumSCQ4H8sACAjwqdYriSMhbvxYOEvWa-1l3Eam23pczZqlS3yFub63gl-q97eve5gPouUzQVNRX-lqt9eMjReWhzl1vmSp-J0NYnqQgnGBYMKAmD15FzxQp9uboQ2RTxFBGBx7u_5gCC06Su7XpncxCK__rKlEN107Hd8WMQLA19G5HO1FMzRJACz-CSSfdfNTDsnFL3bSlwlWw4WdtUduWgnnvbJ_NBun2oP1oj4__2b6MVepepmAP-O7YYZfgOEzRqEKOdh-U75WtT-HUgRxSzLHjlqYJVEymZt2wQMlXoYbd9GShMqcvdTm0vRav8e09zC1DxHU9nRJjhWO7s1ve1O2VVFGczrFOBSYmM91s25QTofrVSMPk8vunQtHmrCx0iehd1iQ2D9GhZO-X5KEAx3IruN5oa7M8Bq9dZ7--rRXCr5IZtDR1E0aLTG13xstdLk0A1zCFEx6vKuVWoa-F2nvFXTzwUyP757yyyV-zXLyNU-YvhMUNCS9YtVvkJgM68pZ86tTT28_WlXknyeJ573heJnVFfq0i8HoG99l2AvOhWvYrnAQx8pC4cTGTxTPlAU3y1u6Q3D_CNlptkuCQWBPU4oOCZRKC1qynRFD3l1KdxUoWJ-yjDdoqBMK6HWVerEARgJGPzClQjDRZV-QE1KagQwb4ioQcHe0cX1NscRGKRr9Nhp5Zu3oFVT6y_-v3TDJt4MKpBeVdBU9gky3TGypmFgYYWiByRfD9m1YGR7QmJMoBRLwOl4QPGwkSrf9IoxNmHd7-eiafoJVbsQhdbqF1Br-enARgs1I8cE5u98ORfi_DrzPtNjzwKqCO0UUNEEA-2vP68DZS0GRIMSVzIL0jHdpQ_VGbfEzWtSC7IU7Lyuy9GDmXreTqR4CzfFwcsmntu1mLwVcIu54JUXAtoFQrrEKKFOy5OUxRUQ_dZdLHW4wv7mqvqyuXmsZN_ZIKisUwFQTmGzvOWjjedGd0ZfizrTvp_ons0WFPmUXCcZ3xwZc_cqXOhVQbrU91i2p1AqRJhX_pbW8meKEbljBJU7pRjKSMLWr13jG_pvQe_i6x0y8NJqM4fthf7wXFxwERRCHG-iuwv2P_TT3_xC1jtFB9NheY7DuuWaYTjdHDFS3dUIw8mrsxZK3LAmMz2E76-voSteeY2YjyMbJrVC07KXCPtgiF-COi963kgxjHb8cIVFdrgiVm6WSEk0AnL16BxFq5cbzbC9ELUx7d7cf7oDTqTK1OseXDk_4XXhIW8aFl9CmBdAmtA06wtH8wFYBiKfBrgr4SuZUkbjW7S59ar0wksy1GV2KRlvxhu4pLMPoNrsGrPjG3wbZwojOmNDJNlmfx_OoncZ0SI0wPnqiDF-R2y2ay02VCmccbY2MW2FwwgvjOrTOoAoXfg2l18dmIdRJ1LQCzhjJmDr3S8XubjeJmFayTY-jVNiWD6-RczB6KX7fyeDbCn3EOO2WJTdAWSzeIV3EPYruEtwDYjkFleNys9loHYagWrvCF1gUcgDU7u0ovzRji_HPwLGzYqVcqsW3Mt1KJ_IXze15Y5lUwRATtJg7CqmAcrDko89lJiZM_O3ar8n7sptt3IoDXbfd7gj-jvQq6KLDvcIuwRDo_PSkRja8d6eHXv1f7Vt2XrGEzuBuuqbHHFfZQffLJRwRCeqpVyrJ3qZ80FgQOwSBCjjPBntqiqas9CBdE78U9AfM3V28cbmlnDv9pKAPR8GXmj2_RtEPuk9q1fTvS0hallohr-kQm8xKdr4wvPZuhHmOb4X56Jb3YmGCqJrXR_HHdl67Dsz1_sAXKZY-zkbr5ZxYKjD9MX2L7fCAX2NGzBArECa5b9ghTPlJ84FVU4pXwse1mI2U7R6Pyto7Hy-eUD8mPIhNF4sYej87qhlkG9z2xev8cvbtwc7Tiaf1716x_PgN-Hs4HE7q5WytpCeNRQoE1Vps11SXf12OqDuEyqIty2c6Z57aWgWTPXxkVNTAqsNR-0i9yz7xsyLnK7SWnhXFJJf39JmCuoz_gGdd5XKB1_DgPPv3Zze2YNOGGIGz5GMi5Hg-f1K4w3QdMvG_ujqxnTfZoeWfKrV-mdlXhXxGjbzFwjAaQmAVZijfOdFKcwXg2SpfBqFo0WZtOMPAM5FAuZaardP6WNWpsLUm3bEjzFnEmiGkuaUh5UiT26ZRjf00djeoLMYWMmVxcNSiuVHAPIf-fjWBqZui3zCttzvbGnWA_xTZPcSsFMmdpp1jXWCWsyWn_H5K_a498FDGrZRmxwxVRFNddRBKSPFP6ObVD1DwPJZzfpa8MRgrf_fKHal8rbo2igPwnvZBBHYqNH644hTSolhIuPFMT2mhfJb6D4SHjsrWX2Diuv6r2V4pkpzX6gLbaCu56LbINH6NNwe_O3bQw1wlHRWGX-Sc8eyiTeaENh8Ct9gT3FAGwuAdyKfyoSQc4Bd8NtFnRFAZFrhwL25sde8KQ_sgsk-N5c2tdwukgDNM6Q_hIWpXmrTODkRYiklIAfTaDHT12aWQAne-6pYCDctxIlp6Dsk11H8-165o9kUnMETFSgg40-UDHdkmAbP-rYKQanUzwpR6-raOB50-MoEqOqnQa85nGwwSLOhz-tN-ngw64AgtG5njrZ5zfcHSR03a5PxKsmlmI-0X6nCmhZyLh5qP8deI0jz7r74mztaXlrezP7WfImhNrILOsb5fPicXisHOchD_R9TK7G2KMl8ugY13BVFvIam1L-6J3YirHguHETEaENn5hoQtzHX-X9sl81bfjVTzfL4C7AL2i5NHC3WxqPDInoJPVM_fjvE-E08qauhd-t5xOQcg2JtYMPjyi3C8cK9kHtlfkDSYhFl3Sjra190zgzDFw3yUej9YVoI&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=18239272352981494000&adk=1964084972&idt=148&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
14644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 14:15:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame C288 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqnjkK_3MbAMK3aQ72mFJQ5ZbtGWAhSpZJN5MzYKDepvvpsEcjR7XTp0sTg6OK-ooFKM-ESqZmhqjfpIX63U8d4h3PNmEkktTctaafLx-Zv_0ThfA9No7WWJarE9Q8yE131xBoelqRk4JnqwHKuXhBKOCQytir5FHH3E3l3vWS9KElO-I&dbm_d=AKAmf-C6JmhsIKOjyogqgU1bJM3xUB2Cvmzzuef_6TP4ySV_2Y3LbqZL9bEByQeYW0jgz4fm6tsdcAaUaP5c6cj_gXsRUhpR6yLIsPcdwFHchtOIfMBMEGexVVMR4Me1skIYpCtf43tzPtexN-MVJec5hz4SHtVz-z3rNDwtKJp5KmGwCNimHB6uPojzUESzXw21Wm1nKnwDWKlZrfyor8VZ6V2Zxyjl49jEtosGp1Oy7u0JybcMsoPjmmRFOAKYg37c1QCRobbt8kvjXru1xlk1zf02CidfWgXy7qHZdb9yxzmBv51XTeeLPtjqj625bzNCrrKczJMkChxJgy84gpgMD4ZS9J4n-u1DFSjJMPtWGtqE7tCe-w0b0uiONdLR2F6aQqG1W0yut8L0mB9eWQr2-to553eAMUzGE1v4bcC3WIbA1X50F994jRcDn1sIaF_FZ-5yv4cihP__jEwwE1saBpxpDgRGM-ak41bFWA3CcaEbodm0xxU3OOG59kQaDGOKlvq41zs-kbVc8965cNcQZf7-REzlCi-kDndwMdzS0UcCdd55ZixwG4TxR4PHvNY7dcjLIuDxbNyZlHvHJ0Juy-qAx1QV9_30oA5MfJGOZ0RQfoL8VfMAtDmEffwjSqQG7cT3x9614NgcN4H2sGFZJHnsLGOJ7PSg_-vjMYxMn1UnS2C1OsydIauVwL-_YMGiznM-vGsAdAg_Q-cdV3gJF2L74hzEOS0f59G9eqx_UFbH4OVuJRwJfsq54OXdL_CMvPOBwPv1WkfLvgwI-FWn_M1Ura4KoQgshtO-pb7qPpCpzPxcRK8LYTC-1V-E4bgokG87jt8B1_OpJ39OqPEwn_R3cQs4UW7gp4E0W03jwumys9qfFizjHp5pIVrfXKJ98hLNyu2CsD93Afc42ItzDz8wzRNOnpy3CixoWPZtJ29jLqGKrKSGm9RfXnumSCQ4H8sACAjwqdYriSMhbvxYOEvWa-1l3Eam23pczZqlS3yFub63gl-q97eve5gPouUzQVNRX-lqt9eMjReWhzl1vmSp-J0NYnqQgnGBYMKAmD15FzxQp9uboQ2RTxFBGBx7u_5gCC06Su7XpncxCK__rKlEN107Hd8WMQLA19G5HO1FMzRJACz-CSSfdfNTDsnFL3bSlwlWw4WdtUduWgnnvbJ_NBun2oP1oj4__2b6MVepepmAP-O7YYZfgOEzRqEKOdh-U75WtT-HUgRxSzLHjlqYJVEymZt2wQMlXoYbd9GShMqcvdTm0vRav8e09zC1DxHU9nRJjhWO7s1ve1O2VVFGczrFOBSYmM91s25QTofrVSMPk8vunQtHmrCx0iehd1iQ2D9GhZO-X5KEAx3IruN5oa7M8Bq9dZ7--rRXCr5IZtDR1E0aLTG13xstdLk0A1zCFEx6vKuVWoa-F2nvFXTzwUyP757yyyV-zXLyNU-YvhMUNCS9YtVvkJgM68pZ86tTT28_WlXknyeJ573heJnVFfq0i8HoG99l2AvOhWvYrnAQx8pC4cTGTxTPlAU3y1u6Q3D_CNlptkuCQWBPU4oOCZRKC1qynRFD3l1KdxUoWJ-yjDdoqBMK6HWVerEARgJGPzClQjDRZV-QE1KagQwb4ioQcHe0cX1NscRGKRr9Nhp5Zu3oFVT6y_-v3TDJt4MKpBeVdBU9gky3TGypmFgYYWiByRfD9m1YGR7QmJMoBRLwOl4QPGwkSrf9IoxNmHd7-eiafoJVbsQhdbqF1Br-enARgs1I8cE5u98ORfi_DrzPtNjzwKqCO0UUNEEA-2vP68DZS0GRIMSVzIL0jHdpQ_VGbfEzWtSC7IU7Lyuy9GDmXreTqR4CzfFwcsmntu1mLwVcIu54JUXAtoFQrrEKKFOy5OUxRUQ_dZdLHW4wv7mqvqyuXmsZN_ZIKisUwFQTmGzvOWjjedGd0ZfizrTvp_ons0WFPmUXCcZ3xwZc_cqXOhVQbrU91i2p1AqRJhX_pbW8meKEbljBJU7pRjKSMLWr13jG_pvQe_i6x0y8NJqM4fthf7wXFxwERRCHG-iuwv2P_TT3_xC1jtFB9NheY7DuuWaYTjdHDFS3dUIw8mrsxZK3LAmMz2E76-voSteeY2YjyMbJrVC07KXCPtgiF-COi963kgxjHb8cIVFdrgiVm6WSEk0AnL16BxFq5cbzbC9ELUx7d7cf7oDTqTK1OseXDk_4XXhIW8aFl9CmBdAmtA06wtH8wFYBiKfBrgr4SuZUkbjW7S59ar0wksy1GV2KRlvxhu4pLMPoNrsGrPjG3wbZwojOmNDJNlmfx_OoncZ0SI0wPnqiDF-R2y2ay02VCmccbY2MW2FwwgvjOrTOoAoXfg2l18dmIdRJ1LQCzhjJmDr3S8XubjeJmFayTY-jVNiWD6-RczB6KX7fyeDbCn3EOO2WJTdAWSzeIV3EPYruEtwDYjkFleNys9loHYagWrvCF1gUcgDU7u0ovzRji_HPwLGzYqVcqsW3Mt1KJ_IXze15Y5lUwRATtJg7CqmAcrDko89lJiZM_O3ar8n7sptt3IoDXbfd7gj-jvQq6KLDvcIuwRDo_PSkRja8d6eHXv1f7Vt2XrGEzuBuuqbHHFfZQffLJRwRCeqpVyrJ3qZ80FgQOwSBCjjPBntqiqas9CBdE78U9AfM3V28cbmlnDv9pKAPR8GXmj2_RtEPuk9q1fTvS0hallohr-kQm8xKdr4wvPZuhHmOb4X56Jb3YmGCqJrXR_HHdl67Dsz1_sAXKZY-zkbr5ZxYKjD9MX2L7fCAX2NGzBArECa5b9ghTPlJ84FVU4pXwse1mI2U7R6Pyto7Hy-eUD8mPIhNF4sYej87qhlkG9z2xev8cvbtwc7Tiaf1716x_PgN-Hs4HE7q5WytpCeNRQoE1Vps11SXf12OqDuEyqIty2c6Z57aWgWTPXxkVNTAqsNR-0i9yz7xsyLnK7SWnhXFJJf39JmCuoz_gGdd5XKB1_DgPPv3Zze2YNOGGIGz5GMi5Hg-f1K4w3QdMvG_ujqxnTfZoeWfKrV-mdlXhXxGjbzFwjAaQmAVZijfOdFKcwXg2SpfBqFo0WZtOMPAM5FAuZaardP6WNWpsLUm3bEjzFnEmiGkuaUh5UiT26ZRjf00djeoLMYWMmVxcNSiuVHAPIf-fjWBqZui3zCttzvbGnWA_xTZPcSsFMmdpp1jXWCWsyWn_H5K_a498FDGrZRmxwxVRFNddRBKSPFP6ObVD1DwPJZzfpa8MRgrf_fKHal8rbo2igPwnvZBBHYqNH644hTSolhIuPFMT2mhfJb6D4SHjsrWX2Diuv6r2V4pkpzX6gLbaCu56LbINH6NNwe_O3bQw1wlHRWGX-Sc8eyiTeaENh8Ct9gT3FAGwuAdyKfyoSQc4Bd8NtFnRFAZFrhwL25sde8KQ_sgsk-N5c2tdwukgDNM6Q_hIWpXmrTODkRYiklIAfTaDHT12aWQAne-6pYCDctxIlp6Dsk11H8-165o9kUnMETFSgg40-UDHdkmAbP-rYKQanUzwpR6-raOB50-MoEqOqnQa85nGwwSLOhz-tN-ngw64AgtG5njrZ5zfcHSR03a5PxKsmlmI-0X6nCmhZyLh5qP8deI0jz7r74mztaXlrezP7WfImhNrILOsb5fPicXisHOchD_R9TK7G2KMl8ugY13BVFvIam1L-6J3YirHguHETEaENn5hoQtzHX-X9sl81bfjVTzfL4C7AL2i5NHC3WxqPDInoJPVM_fjvE-E08qauhd-t5xOQcg2JtYMPjyi3C8cK9kHtlfkDSYhFl3Sjra190zgzDFw3yUej9YVoI&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=18239272352981494000&adk=1964084972&idt=148&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
76536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C288 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 18:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jun 2024 18:25:16 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1302878/68126404/ Frame D29F 		244 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1302878/68126404/skeleton.js?ias_dspID=3&ias_campId=1010093102&ias_pubId=pub-8017808889715710&ias_chanId=1&ias_placementId=19421203336&bidurl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h43M6r50GA0qeExdR8HjTL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aimarl6hKciiKGF9y_5D0yulb_aau0NB8KZJhEKmdUth4HjBm-WADI9Mu6l40xwPTQh3PkMMpdxN5ERcJ-oM-iGbz1mtDsUYpFA4UaKXfEumEJpQfDMKtxiCXZR5oFsbAamcOp7Cz2e4pJDCHeFxgpnjq5J6z4NbtjhgFVgGOGBIK7QA8&dbm_d=AKAmf-AkpILMNI-yQpWAEVHDH9Fk4bxj-Tpv9IXBoCH3nSlIFi7eQ8p2FCM0YW8lTXS_aLsV4egGap4IDkYQje9QvWGmk4FK40sycRgSWn1kDqZcM5LUhXBovm9DsSAZ3zeaWXOW4gQbnSkbV3Wlr3n4kV2OsbgFE87oR3eir4LvHUUwfeOKMWg6y6K94v_sD943wdBoQrzCfSLA7Pf8NXcHVe-Cm-N7UH5o8Ne4j_A9hcpuWrONWSeuHw_RVEsvP2wWFfKXsnIc5PRdrpcK_DPykzfhf3q6Xz-r0WiLgtsFarMkiWf--licFKBYk84vDlKf7w65915zi2LmdX5b-8kpgNJqfYVplLDs8kz_ZNnsMmmtRAER0SVWU5p9C-zzgUdu93dDaAPaX3w919nRhKCDTUiLbWnQ_wn-C_5gItgZUPPZqb6vk-UtxAdPJNSTvZp-54lJP0qQPSAcE8tfnPoIrUFSF7whSNMTsgxne6EvsjJzDrsEjf9Mnp1gnVlT8E75K0dZhFvfxlCm-xRTJ7d-jQ9KkpaQ5_p12FzyF9LmWtH_31NnfKe5M7OBQyw2dg4y4kD1ElqbbCgWN2DjC5IQdZFRgnuwf0gNRHaY0sdVY3KSQVonRP6fa4Usxmn-ud77WEaI-I9quqv_M7Zw1X7ZfwdriCP8g1hgUB3OrXAatVNcxcl24GrGrTu6PNibwK8ZzB0fNiqvDVaK7lCPLIjjG8lyZxValLpO9hyWOXMdtNe2U8C2zc4hWqHz-AHWaQ3xCYInZaLBvlT9y5NKfdKgAURTHb1xabN1dRknMENNdqg-9FTUTsLbdyjXmb1IeHmjBB3p89pMJW95-jJPbR1YR6qrnXufjKVypnuZ9qhcQvIN2VMuDz_90P90KIR95ejCUoc0RhLxo1IleNvRdEz9uyysy29j8guUljxz8lzkXyhe5nwVFgQVW2yPLU5UjstwGTc30aulbXHXaooET0H2hTGQ4X2t2Pq7DSk7NgcYUfkPp3Z-wrjf7HWBO3SUZ1DjGgdKTfITDVUUCJwnO-4nytemyuieNgRm1ofZqONH0TRF5xkxl-CeWyJtoNE5IG7F8z944_jY3UDypPf9_IgtvG3Uk1v-ze2bK-tWAj3FAvJhdsiiRuxTAt5ohzrdYI2f-QbPT-v47_Vf0sTzj-oM-xNoO8z0P027XZl836WHqAXUUIRPX4y8en05IJg9_gRbme9wPDJQKOGx8CgkJ0DgimcgYJMKjyCUcASZCYICvBTj9tFHDvgUyuV3J3zC6JCcuHyy5oSTJWMt_9L8Ab9CWi6SlAjeg2e59PPmKKKurr6rmqEJ_RhPtHSpVQzj2q7y_X1ghpUzYdd4e3QamFSx1mnyslY44lM0nepTFNjjv2hKl5VsBbi8vxVrpCEVOgqtQL9dWDYQjIU84jJyk3ZsbAnFFIkuNoiyfIWfX45_8TfNDvuxAie5X1iQvDysXQ_vJTPww1OvznILZPxhVrRuWYCQI1BlQ-g2mMl05nrpIXDJ0_18gSoN5lRjaJHu4erQ8A5SOiFcCrauTmZxWEt79TMeN0oPVC97F9RpvZiv_-evJOj7c-VzSYqySvmPsb-l4MI4qVorDzJjPjM-DEcqCY3ZYjOxR3EFwvCzJ_imc0gp2TX0nl5-GuGb4xByGYVtYZeWCE0K_Ee8oEw-a7lW_Gxtpdocah5zfkx5JXQdNVw0XG7p5Rx_MWDZpO8CNEzcYaMO7ciF8zNGb_cc_pMpMGLElySkIxtUVLbve6MbeBERDTZj9SF9pu_VVWWjhS6-TUdSw2EvtZGetJnGn18ioIXCAxx1nMEgXhhrP08ULDr3QxGnRq0VULuYo0jRtNcS4QFucu_C7K3NEv_LTdeK1O09NPLqZG44jsnyIpYyVTAPHY76WYClkbNzfKsAHBspvLOa9fOLF1jRQDg5CDT71mhc8FvCBpBgjG2Wi9lorpHIyinUNPoIq2yyVlQVPKyF5dpL0l7ay7e0O7rUU-3zEviCJcoe-0IqNjAQVLpWmbttTgC4CbU_shX-cOkMu-EkqmD6UaD0284kmrU2DfipmQGiDiJYOsmvwnVmLQmwW8o2l6HemuTwCIyoONqMtPW6vqEkVRp_3kRDA50gLK7Z98jIK-Eeyt49eZAdz_LU90waTEnOnGXDH1924u5bTQ2jAkj6GV-BMm6RDqWkbTEHIBWa9WgwPj8QVZ-40DTrdbOKu6ivf1uFV2SX4jgyTK9HM82VbgaDlK7R_7I_lCEihUxeM9lRXxlKVp8iOm4iyL3Clvo4_TEohm6v2RVudkS1lXflxM6yLEzy1TIfbGOnpF8HAMC8sON9D8VeUq3orCVNVAp8DJWWlvXmknQN-_M_Wyx4KVDiqzCklpgs-U-BkWfFGOJV4ClrrU41KimqSgn2SfgqYmQ5AkjJuhM8IzTCCccq6VLi26ny_DWUFD26O-nHKjanb436a6GrHwOQQkHGPOJ3Js-6qsm-4UtsJt5S--H7nKXCP-iWc_FRuBzyazM2u6X4xb6NElDP7Is5l8NvpTckhFLw8Py5YzG5pLqocQhSWfAtMMSjuifPTvY_jo_wSkjBISOO3NYhAJ6Ci6NQ96_0ewkCoElLr4mFRjiEnfltuaQEdVxzwd7da_NYcUEEkN03XAWiMlNFDawKvWfE82Abs51KvJa00bZQ4WaFDNgnkpzEzZMtjrA70F-tKYhl9JcHseNpD8dCenwzEXoZBEuTRAcWt_-6JYsK4VtSPJHfTUGy-DmMyIe5MVsQ6Q2XPAcCx8mQsz_Vju3WXFzbfB1MrbcAkQC5Tqv-dZ41GPQuT_77wojoxiKjOUEzr7gFy5eKkve1Pqz3PzZSRs4TPfRrohBJ1Y4EdEEOJqlFfJWThsQH5wo0TKBl6UohXqN4ZPlrk5sMxQIN0_Exw2WW3FBu2iQlsQfQpMVy99uKnKBSLlkfx7n-Zqc7YDn4ZFhyFGWHDg6NsKZLQpqWVEnqO0vTUUwIXSAKKjvkGqpeB0hRhs1K_JtohAtqZjeQhns6gg7r6i3vmJdeTfsqAaNiH7hxO86dgkmvUddxv6ltoewPMpivRpXoH_KsFtEt-5ErTRwc0o36uok-XkE06Kzn9XBapOLqnRufpKQ1LhBxhHvvP3pkBkHs5AUrlbSXCKxzHeecokTYtsMQyd6uGeUYxdDrwiVGbMYWSE710TtKHM7CQGHjDuDVaRIL9FFLahNWql4bmfafpDfQGpbrXcW9Fny7zpLiIdTaONF53l1rY4xuS_j-CrPwTPLbziKw-QPTQqyJdWTLArmF03lYhxbT5w7Q8Ss5aPFHs5lP2EvtNAz20xTzQiWfgpGRfdizXVuewSYB0dq6hSiRZywofreso-QX4yQ-S79K2QNCAsTozA9JrhcJZMfOimrM9fVbEdOnXIpAYLRakqC9-ORg-BRVCs-o10vkaw_1xWu72yWPxwvDS4BcbMdTUqQo1rW1nhARGI40RxJhouxynJA11XHCCJHEEJ5jofHipgdM2pn4Z2mzTm3_5AW3sCCaGRcS58mBirbHzjDuhS-TVQvPpHh234bC5-Tf0pcLHwI9a0gtIrlu9_oQZNJPXEqZQZy-C_bPHZ_E3DG6ZfIraCEyfKOAZv1SVsHQ4O4lSF-WKGa34gTZ9k9FaJtzUWi3ScC-k27pT4xjpmvK8-SdkfmWcfflvGOMIFfGghrQwRP-M85DPnzN7rfQWTnr_fqOWxLspHLnjGR-OtJSQF952qLjt3Li1vI6OsM&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=8069258177115416000&adk=2857193498&idt=185&cac=0&dtd=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.211.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-211-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8f72012e0b5d04f9036e2a5ef4030d78ca3055e17b624fc68bca45111b7455d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame D29F 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aimarl6hKciiKGF9y_5D0yulb_aau0NB8KZJhEKmdUth4HjBm-WADI9Mu6l40xwPTQh3PkMMpdxN5ERcJ-oM-iGbz1mtDsUYpFA4UaKXfEumEJpQfDMKtxiCXZR5oFsbAamcOp7Cz2e4pJDCHeFxgpnjq5J6z4NbtjhgFVgGOGBIK7QA8&dbm_d=AKAmf-AkpILMNI-yQpWAEVHDH9Fk4bxj-Tpv9IXBoCH3nSlIFi7eQ8p2FCM0YW8lTXS_aLsV4egGap4IDkYQje9QvWGmk4FK40sycRgSWn1kDqZcM5LUhXBovm9DsSAZ3zeaWXOW4gQbnSkbV3Wlr3n4kV2OsbgFE87oR3eir4LvHUUwfeOKMWg6y6K94v_sD943wdBoQrzCfSLA7Pf8NXcHVe-Cm-N7UH5o8Ne4j_A9hcpuWrONWSeuHw_RVEsvP2wWFfKXsnIc5PRdrpcK_DPykzfhf3q6Xz-r0WiLgtsFarMkiWf--licFKBYk84vDlKf7w65915zi2LmdX5b-8kpgNJqfYVplLDs8kz_ZNnsMmmtRAER0SVWU5p9C-zzgUdu93dDaAPaX3w919nRhKCDTUiLbWnQ_wn-C_5gItgZUPPZqb6vk-UtxAdPJNSTvZp-54lJP0qQPSAcE8tfnPoIrUFSF7whSNMTsgxne6EvsjJzDrsEjf9Mnp1gnVlT8E75K0dZhFvfxlCm-xRTJ7d-jQ9KkpaQ5_p12FzyF9LmWtH_31NnfKe5M7OBQyw2dg4y4kD1ElqbbCgWN2DjC5IQdZFRgnuwf0gNRHaY0sdVY3KSQVonRP6fa4Usxmn-ud77WEaI-I9quqv_M7Zw1X7ZfwdriCP8g1hgUB3OrXAatVNcxcl24GrGrTu6PNibwK8ZzB0fNiqvDVaK7lCPLIjjG8lyZxValLpO9hyWOXMdtNe2U8C2zc4hWqHz-AHWaQ3xCYInZaLBvlT9y5NKfdKgAURTHb1xabN1dRknMENNdqg-9FTUTsLbdyjXmb1IeHmjBB3p89pMJW95-jJPbR1YR6qrnXufjKVypnuZ9qhcQvIN2VMuDz_90P90KIR95ejCUoc0RhLxo1IleNvRdEz9uyysy29j8guUljxz8lzkXyhe5nwVFgQVW2yPLU5UjstwGTc30aulbXHXaooET0H2hTGQ4X2t2Pq7DSk7NgcYUfkPp3Z-wrjf7HWBO3SUZ1DjGgdKTfITDVUUCJwnO-4nytemyuieNgRm1ofZqONH0TRF5xkxl-CeWyJtoNE5IG7F8z944_jY3UDypPf9_IgtvG3Uk1v-ze2bK-tWAj3FAvJhdsiiRuxTAt5ohzrdYI2f-QbPT-v47_Vf0sTzj-oM-xNoO8z0P027XZl836WHqAXUUIRPX4y8en05IJg9_gRbme9wPDJQKOGx8CgkJ0DgimcgYJMKjyCUcASZCYICvBTj9tFHDvgUyuV3J3zC6JCcuHyy5oSTJWMt_9L8Ab9CWi6SlAjeg2e59PPmKKKurr6rmqEJ_RhPtHSpVQzj2q7y_X1ghpUzYdd4e3QamFSx1mnyslY44lM0nepTFNjjv2hKl5VsBbi8vxVrpCEVOgqtQL9dWDYQjIU84jJyk3ZsbAnFFIkuNoiyfIWfX45_8TfNDvuxAie5X1iQvDysXQ_vJTPww1OvznILZPxhVrRuWYCQI1BlQ-g2mMl05nrpIXDJ0_18gSoN5lRjaJHu4erQ8A5SOiFcCrauTmZxWEt79TMeN0oPVC97F9RpvZiv_-evJOj7c-VzSYqySvmPsb-l4MI4qVorDzJjPjM-DEcqCY3ZYjOxR3EFwvCzJ_imc0gp2TX0nl5-GuGb4xByGYVtYZeWCE0K_Ee8oEw-a7lW_Gxtpdocah5zfkx5JXQdNVw0XG7p5Rx_MWDZpO8CNEzcYaMO7ciF8zNGb_cc_pMpMGLElySkIxtUVLbve6MbeBERDTZj9SF9pu_VVWWjhS6-TUdSw2EvtZGetJnGn18ioIXCAxx1nMEgXhhrP08ULDr3QxGnRq0VULuYo0jRtNcS4QFucu_C7K3NEv_LTdeK1O09NPLqZG44jsnyIpYyVTAPHY76WYClkbNzfKsAHBspvLOa9fOLF1jRQDg5CDT71mhc8FvCBpBgjG2Wi9lorpHIyinUNPoIq2yyVlQVPKyF5dpL0l7ay7e0O7rUU-3zEviCJcoe-0IqNjAQVLpWmbttTgC4CbU_shX-cOkMu-EkqmD6UaD0284kmrU2DfipmQGiDiJYOsmvwnVmLQmwW8o2l6HemuTwCIyoONqMtPW6vqEkVRp_3kRDA50gLK7Z98jIK-Eeyt49eZAdz_LU90waTEnOnGXDH1924u5bTQ2jAkj6GV-BMm6RDqWkbTEHIBWa9WgwPj8QVZ-40DTrdbOKu6ivf1uFV2SX4jgyTK9HM82VbgaDlK7R_7I_lCEihUxeM9lRXxlKVp8iOm4iyL3Clvo4_TEohm6v2RVudkS1lXflxM6yLEzy1TIfbGOnpF8HAMC8sON9D8VeUq3orCVNVAp8DJWWlvXmknQN-_M_Wyx4KVDiqzCklpgs-U-BkWfFGOJV4ClrrU41KimqSgn2SfgqYmQ5AkjJuhM8IzTCCccq6VLi26ny_DWUFD26O-nHKjanb436a6GrHwOQQkHGPOJ3Js-6qsm-4UtsJt5S--H7nKXCP-iWc_FRuBzyazM2u6X4xb6NElDP7Is5l8NvpTckhFLw8Py5YzG5pLqocQhSWfAtMMSjuifPTvY_jo_wSkjBISOO3NYhAJ6Ci6NQ96_0ewkCoElLr4mFRjiEnfltuaQEdVxzwd7da_NYcUEEkN03XAWiMlNFDawKvWfE82Abs51KvJa00bZQ4WaFDNgnkpzEzZMtjrA70F-tKYhl9JcHseNpD8dCenwzEXoZBEuTRAcWt_-6JYsK4VtSPJHfTUGy-DmMyIe5MVsQ6Q2XPAcCx8mQsz_Vju3WXFzbfB1MrbcAkQC5Tqv-dZ41GPQuT_77wojoxiKjOUEzr7gFy5eKkve1Pqz3PzZSRs4TPfRrohBJ1Y4EdEEOJqlFfJWThsQH5wo0TKBl6UohXqN4ZPlrk5sMxQIN0_Exw2WW3FBu2iQlsQfQpMVy99uKnKBSLlkfx7n-Zqc7YDn4ZFhyFGWHDg6NsKZLQpqWVEnqO0vTUUwIXSAKKjvkGqpeB0hRhs1K_JtohAtqZjeQhns6gg7r6i3vmJdeTfsqAaNiH7hxO86dgkmvUddxv6ltoewPMpivRpXoH_KsFtEt-5ErTRwc0o36uok-XkE06Kzn9XBapOLqnRufpKQ1LhBxhHvvP3pkBkHs5AUrlbSXCKxzHeecokTYtsMQyd6uGeUYxdDrwiVGbMYWSE710TtKHM7CQGHjDuDVaRIL9FFLahNWql4bmfafpDfQGpbrXcW9Fny7zpLiIdTaONF53l1rY4xuS_j-CrPwTPLbziKw-QPTQqyJdWTLArmF03lYhxbT5w7Q8Ss5aPFHs5lP2EvtNAz20xTzQiWfgpGRfdizXVuewSYB0dq6hSiRZywofreso-QX4yQ-S79K2QNCAsTozA9JrhcJZMfOimrM9fVbEdOnXIpAYLRakqC9-ORg-BRVCs-o10vkaw_1xWu72yWPxwvDS4BcbMdTUqQo1rW1nhARGI40RxJhouxynJA11XHCCJHEEJ5jofHipgdM2pn4Z2mzTm3_5AW3sCCaGRcS58mBirbHzjDuhS-TVQvPpHh234bC5-Tf0pcLHwI9a0gtIrlu9_oQZNJPXEqZQZy-C_bPHZ_E3DG6ZfIraCEyfKOAZv1SVsHQ4O4lSF-WKGa34gTZ9k9FaJtzUWi3ScC-k27pT4xjpmvK8-SdkfmWcfflvGOMIFfGghrQwRP-M85DPnzN7rfQWTnr_fqOWxLspHLnjGR-OtJSQF952qLjt3Li1vI6OsM&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=8069258177115416000&adk=2857193498&idt=185&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
76536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame D29F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aimarl6hKciiKGF9y_5D0yulb_aau0NB8KZJhEKmdUth4HjBm-WADI9Mu6l40xwPTQh3PkMMpdxN5ERcJ-oM-iGbz1mtDsUYpFA4UaKXfEumEJpQfDMKtxiCXZR5oFsbAamcOp7Cz2e4pJDCHeFxgpnjq5J6z4NbtjhgFVgGOGBIK7QA8&dbm_d=AKAmf-AkpILMNI-yQpWAEVHDH9Fk4bxj-Tpv9IXBoCH3nSlIFi7eQ8p2FCM0YW8lTXS_aLsV4egGap4IDkYQje9QvWGmk4FK40sycRgSWn1kDqZcM5LUhXBovm9DsSAZ3zeaWXOW4gQbnSkbV3Wlr3n4kV2OsbgFE87oR3eir4LvHUUwfeOKMWg6y6K94v_sD943wdBoQrzCfSLA7Pf8NXcHVe-Cm-N7UH5o8Ne4j_A9hcpuWrONWSeuHw_RVEsvP2wWFfKXsnIc5PRdrpcK_DPykzfhf3q6Xz-r0WiLgtsFarMkiWf--licFKBYk84vDlKf7w65915zi2LmdX5b-8kpgNJqfYVplLDs8kz_ZNnsMmmtRAER0SVWU5p9C-zzgUdu93dDaAPaX3w919nRhKCDTUiLbWnQ_wn-C_5gItgZUPPZqb6vk-UtxAdPJNSTvZp-54lJP0qQPSAcE8tfnPoIrUFSF7whSNMTsgxne6EvsjJzDrsEjf9Mnp1gnVlT8E75K0dZhFvfxlCm-xRTJ7d-jQ9KkpaQ5_p12FzyF9LmWtH_31NnfKe5M7OBQyw2dg4y4kD1ElqbbCgWN2DjC5IQdZFRgnuwf0gNRHaY0sdVY3KSQVonRP6fa4Usxmn-ud77WEaI-I9quqv_M7Zw1X7ZfwdriCP8g1hgUB3OrXAatVNcxcl24GrGrTu6PNibwK8ZzB0fNiqvDVaK7lCPLIjjG8lyZxValLpO9hyWOXMdtNe2U8C2zc4hWqHz-AHWaQ3xCYInZaLBvlT9y5NKfdKgAURTHb1xabN1dRknMENNdqg-9FTUTsLbdyjXmb1IeHmjBB3p89pMJW95-jJPbR1YR6qrnXufjKVypnuZ9qhcQvIN2VMuDz_90P90KIR95ejCUoc0RhLxo1IleNvRdEz9uyysy29j8guUljxz8lzkXyhe5nwVFgQVW2yPLU5UjstwGTc30aulbXHXaooET0H2hTGQ4X2t2Pq7DSk7NgcYUfkPp3Z-wrjf7HWBO3SUZ1DjGgdKTfITDVUUCJwnO-4nytemyuieNgRm1ofZqONH0TRF5xkxl-CeWyJtoNE5IG7F8z944_jY3UDypPf9_IgtvG3Uk1v-ze2bK-tWAj3FAvJhdsiiRuxTAt5ohzrdYI2f-QbPT-v47_Vf0sTzj-oM-xNoO8z0P027XZl836WHqAXUUIRPX4y8en05IJg9_gRbme9wPDJQKOGx8CgkJ0DgimcgYJMKjyCUcASZCYICvBTj9tFHDvgUyuV3J3zC6JCcuHyy5oSTJWMt_9L8Ab9CWi6SlAjeg2e59PPmKKKurr6rmqEJ_RhPtHSpVQzj2q7y_X1ghpUzYdd4e3QamFSx1mnyslY44lM0nepTFNjjv2hKl5VsBbi8vxVrpCEVOgqtQL9dWDYQjIU84jJyk3ZsbAnFFIkuNoiyfIWfX45_8TfNDvuxAie5X1iQvDysXQ_vJTPww1OvznILZPxhVrRuWYCQI1BlQ-g2mMl05nrpIXDJ0_18gSoN5lRjaJHu4erQ8A5SOiFcCrauTmZxWEt79TMeN0oPVC97F9RpvZiv_-evJOj7c-VzSYqySvmPsb-l4MI4qVorDzJjPjM-DEcqCY3ZYjOxR3EFwvCzJ_imc0gp2TX0nl5-GuGb4xByGYVtYZeWCE0K_Ee8oEw-a7lW_Gxtpdocah5zfkx5JXQdNVw0XG7p5Rx_MWDZpO8CNEzcYaMO7ciF8zNGb_cc_pMpMGLElySkIxtUVLbve6MbeBERDTZj9SF9pu_VVWWjhS6-TUdSw2EvtZGetJnGn18ioIXCAxx1nMEgXhhrP08ULDr3QxGnRq0VULuYo0jRtNcS4QFucu_C7K3NEv_LTdeK1O09NPLqZG44jsnyIpYyVTAPHY76WYClkbNzfKsAHBspvLOa9fOLF1jRQDg5CDT71mhc8FvCBpBgjG2Wi9lorpHIyinUNPoIq2yyVlQVPKyF5dpL0l7ay7e0O7rUU-3zEviCJcoe-0IqNjAQVLpWmbttTgC4CbU_shX-cOkMu-EkqmD6UaD0284kmrU2DfipmQGiDiJYOsmvwnVmLQmwW8o2l6HemuTwCIyoONqMtPW6vqEkVRp_3kRDA50gLK7Z98jIK-Eeyt49eZAdz_LU90waTEnOnGXDH1924u5bTQ2jAkj6GV-BMm6RDqWkbTEHIBWa9WgwPj8QVZ-40DTrdbOKu6ivf1uFV2SX4jgyTK9HM82VbgaDlK7R_7I_lCEihUxeM9lRXxlKVp8iOm4iyL3Clvo4_TEohm6v2RVudkS1lXflxM6yLEzy1TIfbGOnpF8HAMC8sON9D8VeUq3orCVNVAp8DJWWlvXmknQN-_M_Wyx4KVDiqzCklpgs-U-BkWfFGOJV4ClrrU41KimqSgn2SfgqYmQ5AkjJuhM8IzTCCccq6VLi26ny_DWUFD26O-nHKjanb436a6GrHwOQQkHGPOJ3Js-6qsm-4UtsJt5S--H7nKXCP-iWc_FRuBzyazM2u6X4xb6NElDP7Is5l8NvpTckhFLw8Py5YzG5pLqocQhSWfAtMMSjuifPTvY_jo_wSkjBISOO3NYhAJ6Ci6NQ96_0ewkCoElLr4mFRjiEnfltuaQEdVxzwd7da_NYcUEEkN03XAWiMlNFDawKvWfE82Abs51KvJa00bZQ4WaFDNgnkpzEzZMtjrA70F-tKYhl9JcHseNpD8dCenwzEXoZBEuTRAcWt_-6JYsK4VtSPJHfTUGy-DmMyIe5MVsQ6Q2XPAcCx8mQsz_Vju3WXFzbfB1MrbcAkQC5Tqv-dZ41GPQuT_77wojoxiKjOUEzr7gFy5eKkve1Pqz3PzZSRs4TPfRrohBJ1Y4EdEEOJqlFfJWThsQH5wo0TKBl6UohXqN4ZPlrk5sMxQIN0_Exw2WW3FBu2iQlsQfQpMVy99uKnKBSLlkfx7n-Zqc7YDn4ZFhyFGWHDg6NsKZLQpqWVEnqO0vTUUwIXSAKKjvkGqpeB0hRhs1K_JtohAtqZjeQhns6gg7r6i3vmJdeTfsqAaNiH7hxO86dgkmvUddxv6ltoewPMpivRpXoH_KsFtEt-5ErTRwc0o36uok-XkE06Kzn9XBapOLqnRufpKQ1LhBxhHvvP3pkBkHs5AUrlbSXCKxzHeecokTYtsMQyd6uGeUYxdDrwiVGbMYWSE710TtKHM7CQGHjDuDVaRIL9FFLahNWql4bmfafpDfQGpbrXcW9Fny7zpLiIdTaONF53l1rY4xuS_j-CrPwTPLbziKw-QPTQqyJdWTLArmF03lYhxbT5w7Q8Ss5aPFHs5lP2EvtNAz20xTzQiWfgpGRfdizXVuewSYB0dq6hSiRZywofreso-QX4yQ-S79K2QNCAsTozA9JrhcJZMfOimrM9fVbEdOnXIpAYLRakqC9-ORg-BRVCs-o10vkaw_1xWu72yWPxwvDS4BcbMdTUqQo1rW1nhARGI40RxJhouxynJA11XHCCJHEEJ5jofHipgdM2pn4Z2mzTm3_5AW3sCCaGRcS58mBirbHzjDuhS-TVQvPpHh234bC5-Tf0pcLHwI9a0gtIrlu9_oQZNJPXEqZQZy-C_bPHZ_E3DG6ZfIraCEyfKOAZv1SVsHQ4O4lSF-WKGa34gTZ9k9FaJtzUWi3ScC-k27pT4xjpmvK8-SdkfmWcfflvGOMIFfGghrQwRP-M85DPnzN7rfQWTnr_fqOWxLspHLnjGR-OtJSQF952qLjt3Li1vI6OsM&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=8069258177115416000&adk=2857193498&idt=185&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
14644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 14:15:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D29F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssId43jgwWAWu0Z5g2H7MvxJoG3j_XrALnH72RqBoEOR8UW7PKiR1gHUQPWzFg-OFzN59QqbwXEkA1DuQt9SQ1ugYsPPauvFv4h7z50td0it8orKSzrLhVhFGw3Bx0DXab4ol6FvDinIy-x7ik8YJAt_RjsX2_KNBO28cUQpVFb1u9u-dfDEV9o7U2ondv6hRuoXvtUWj5DV7Hl3HzDyLVxHWACE5BJe6Ti3bGrYRjK4VGx2LysCfYkR-1pF0zN3Xwc3CsBmvI-C37-92YlLcur5R51rwIVyPkIc9LExCsyowb3jdXy3bt7m0FdeeUoLoyQ0IyqXbbEWIQP7Ty-1-T2WDi8Mtaq5UOnJCrC6jhLix1gqg8ceFscwUHRfECUt_dh26HSq-F9WBaZrq-RB1sk5bQ7mgiE_39I9_GsdicppaUqP5sPtF-qiaBuHouyJgQJQ1MB-4mqSYJqWcncUpQbHPZHolpUlPaurPwasgmbm2hHUc-rjthE56C9hxgrnzx6_Uwi-IjZSRDisFxifhoGKzrNaQBiOj8Hu4HIcdR5UChDEjoJGJGWzwMqXtNrs7-vt_ep7LI8nAKS_Kj04reqKOsZGtZOHxviihqLaR0Rygj-I0EJQJsSPPohapLZRNaujuthwbXL8pl3C0D3Kob1VuW7OAuC-b1ca8OQ-opT4BbqcdYCdaLmdukHeFYpkeT8RNkgW_5VHtfXcIlPTv0e8ivHiKfFUFXDaBQYZM9S85xRcHvFazR-5WatZCnE_njG-zAzWhIKwxVTc6fywHiUfFv0T78nKd-1Km_WfB6LxRtQJ9H-cdkcCqNCywaZwk2EQNKNAsK1FmXEoQ_ICRHJPssAWkFQTY5zUWlakJzSOGw_nAVEG05xBSPi-Se8Lt3YPsKzLa9NJi6EEMn7qNCZ9I3F5hPRvIH6ugdMjfWEpj4y-efje_2NGEUKOcUpuq9M8lh_eb-P1XtyXzjlhO1gUZdGxltdz1kwbBUkwg0mrIIPpdI6GTT9wGKtUEVerW2HRUv4q3TiDt0VrkpxhPW03i4ffUajxH8u2PPfgkwpN2M9FG7djFgyi_a3FYD_9FbSd8ZrDvZxqNwg6bfUc9pAijbm0WX7ilFdJIbDBXhPCtePbHTgXmrTmIhV6Y0LJoQqSHDTGZm08t5D48xTWCV9cYdEfrZQl44kkqQUGSG_XlDYYigJF6dmxSKqPYC58png_R5ThOrnPc4tp8CkHB4kTCSZU1I5mwMRXJJXjIjtvZgjEd594mBmdQyvz7ldoMOz13yd99d3E0Nsk3u3dBvY&sai=AMfl-YROpklGpT60Jrstb7NFN-YCBCfbUWNievWmfCpEjm_6Buh0hhtYSBZL4ltpIIJXcJ17Fm0b1kkwShkARk_Noec63OazvMsoqmPK0rMsIZKcMqDJ0zbxHyAyScL6vzz1BY6TA-mD3uZgkmkpqzxITLYrwRZasR_gufrtJ1L8hTSPVAsvo7lhFSTtNLzEsUhuv6cq0Vc-49O2q1p4jvF3Dez3q__ZPEiYhgO2sfAKc2QLuV7c2JDgBV9CdDFN7KpQqtCwTs5GETk0pAYWYoveYpa5pxN4pUYro4pg&sig=Cg0ArKJSzOq7yOimII-FEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230531.20578&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aimarl6hKciiKGF9y_5D0yulb_aau0NB8KZJhEKmdUth4HjBm-WADI9Mu6l40xwPTQh3PkMMpdxN5ERcJ-oM-iGbz1mtDsUYpFA4UaKXfEumEJpQfDMKtxiCXZR5oFsbAamcOp7Cz2e4pJDCHeFxgpnjq5J6z4NbtjhgFVgGOGBIK7QA8&dbm_d=AKAmf-AkpILMNI-yQpWAEVHDH9Fk4bxj-Tpv9IXBoCH3nSlIFi7eQ8p2FCM0YW8lTXS_aLsV4egGap4IDkYQje9QvWGmk4FK40sycRgSWn1kDqZcM5LUhXBovm9DsSAZ3zeaWXOW4gQbnSkbV3Wlr3n4kV2OsbgFE87oR3eir4LvHUUwfeOKMWg6y6K94v_sD943wdBoQrzCfSLA7Pf8NXcHVe-Cm-N7UH5o8Ne4j_A9hcpuWrONWSeuHw_RVEsvP2wWFfKXsnIc5PRdrpcK_DPykzfhf3q6Xz-r0WiLgtsFarMkiWf--licFKBYk84vDlKf7w65915zi2LmdX5b-8kpgNJqfYVplLDs8kz_ZNnsMmmtRAER0SVWU5p9C-zzgUdu93dDaAPaX3w919nRhKCDTUiLbWnQ_wn-C_5gItgZUPPZqb6vk-UtxAdPJNSTvZp-54lJP0qQPSAcE8tfnPoIrUFSF7whSNMTsgxne6EvsjJzDrsEjf9Mnp1gnVlT8E75K0dZhFvfxlCm-xRTJ7d-jQ9KkpaQ5_p12FzyF9LmWtH_31NnfKe5M7OBQyw2dg4y4kD1ElqbbCgWN2DjC5IQdZFRgnuwf0gNRHaY0sdVY3KSQVonRP6fa4Usxmn-ud77WEaI-I9quqv_M7Zw1X7ZfwdriCP8g1hgUB3OrXAatVNcxcl24GrGrTu6PNibwK8ZzB0fNiqvDVaK7lCPLIjjG8lyZxValLpO9hyWOXMdtNe2U8C2zc4hWqHz-AHWaQ3xCYInZaLBvlT9y5NKfdKgAURTHb1xabN1dRknMENNdqg-9FTUTsLbdyjXmb1IeHmjBB3p89pMJW95-jJPbR1YR6qrnXufjKVypnuZ9qhcQvIN2VMuDz_90P90KIR95ejCUoc0RhLxo1IleNvRdEz9uyysy29j8guUljxz8lzkXyhe5nwVFgQVW2yPLU5UjstwGTc30aulbXHXaooET0H2hTGQ4X2t2Pq7DSk7NgcYUfkPp3Z-wrjf7HWBO3SUZ1DjGgdKTfITDVUUCJwnO-4nytemyuieNgRm1ofZqONH0TRF5xkxl-CeWyJtoNE5IG7F8z944_jY3UDypPf9_IgtvG3Uk1v-ze2bK-tWAj3FAvJhdsiiRuxTAt5ohzrdYI2f-QbPT-v47_Vf0sTzj-oM-xNoO8z0P027XZl836WHqAXUUIRPX4y8en05IJg9_gRbme9wPDJQKOGx8CgkJ0DgimcgYJMKjyCUcASZCYICvBTj9tFHDvgUyuV3J3zC6JCcuHyy5oSTJWMt_9L8Ab9CWi6SlAjeg2e59PPmKKKurr6rmqEJ_RhPtHSpVQzj2q7y_X1ghpUzYdd4e3QamFSx1mnyslY44lM0nepTFNjjv2hKl5VsBbi8vxVrpCEVOgqtQL9dWDYQjIU84jJyk3ZsbAnFFIkuNoiyfIWfX45_8TfNDvuxAie5X1iQvDysXQ_vJTPww1OvznILZPxhVrRuWYCQI1BlQ-g2mMl05nrpIXDJ0_18gSoN5lRjaJHu4erQ8A5SOiFcCrauTmZxWEt79TMeN0oPVC97F9RpvZiv_-evJOj7c-VzSYqySvmPsb-l4MI4qVorDzJjPjM-DEcqCY3ZYjOxR3EFwvCzJ_imc0gp2TX0nl5-GuGb4xByGYVtYZeWCE0K_Ee8oEw-a7lW_Gxtpdocah5zfkx5JXQdNVw0XG7p5Rx_MWDZpO8CNEzcYaMO7ciF8zNGb_cc_pMpMGLElySkIxtUVLbve6MbeBERDTZj9SF9pu_VVWWjhS6-TUdSw2EvtZGetJnGn18ioIXCAxx1nMEgXhhrP08ULDr3QxGnRq0VULuYo0jRtNcS4QFucu_C7K3NEv_LTdeK1O09NPLqZG44jsnyIpYyVTAPHY76WYClkbNzfKsAHBspvLOa9fOLF1jRQDg5CDT71mhc8FvCBpBgjG2Wi9lorpHIyinUNPoIq2yyVlQVPKyF5dpL0l7ay7e0O7rUU-3zEviCJcoe-0IqNjAQVLpWmbttTgC4CbU_shX-cOkMu-EkqmD6UaD0284kmrU2DfipmQGiDiJYOsmvwnVmLQmwW8o2l6HemuTwCIyoONqMtPW6vqEkVRp_3kRDA50gLK7Z98jIK-Eeyt49eZAdz_LU90waTEnOnGXDH1924u5bTQ2jAkj6GV-BMm6RDqWkbTEHIBWa9WgwPj8QVZ-40DTrdbOKu6ivf1uFV2SX4jgyTK9HM82VbgaDlK7R_7I_lCEihUxeM9lRXxlKVp8iOm4iyL3Clvo4_TEohm6v2RVudkS1lXflxM6yLEzy1TIfbGOnpF8HAMC8sON9D8VeUq3orCVNVAp8DJWWlvXmknQN-_M_Wyx4KVDiqzCklpgs-U-BkWfFGOJV4ClrrU41KimqSgn2SfgqYmQ5AkjJuhM8IzTCCccq6VLi26ny_DWUFD26O-nHKjanb436a6GrHwOQQkHGPOJ3Js-6qsm-4UtsJt5S--H7nKXCP-iWc_FRuBzyazM2u6X4xb6NElDP7Is5l8NvpTckhFLw8Py5YzG5pLqocQhSWfAtMMSjuifPTvY_jo_wSkjBISOO3NYhAJ6Ci6NQ96_0ewkCoElLr4mFRjiEnfltuaQEdVxzwd7da_NYcUEEkN03XAWiMlNFDawKvWfE82Abs51KvJa00bZQ4WaFDNgnkpzEzZMtjrA70F-tKYhl9JcHseNpD8dCenwzEXoZBEuTRAcWt_-6JYsK4VtSPJHfTUGy-DmMyIe5MVsQ6Q2XPAcCx8mQsz_Vju3WXFzbfB1MrbcAkQC5Tqv-dZ41GPQuT_77wojoxiKjOUEzr7gFy5eKkve1Pqz3PzZSRs4TPfRrohBJ1Y4EdEEOJqlFfJWThsQH5wo0TKBl6UohXqN4ZPlrk5sMxQIN0_Exw2WW3FBu2iQlsQfQpMVy99uKnKBSLlkfx7n-Zqc7YDn4ZFhyFGWHDg6NsKZLQpqWVEnqO0vTUUwIXSAKKjvkGqpeB0hRhs1K_JtohAtqZjeQhns6gg7r6i3vmJdeTfsqAaNiH7hxO86dgkmvUddxv6ltoewPMpivRpXoH_KsFtEt-5ErTRwc0o36uok-XkE06Kzn9XBapOLqnRufpKQ1LhBxhHvvP3pkBkHs5AUrlbSXCKxzHeecokTYtsMQyd6uGeUYxdDrwiVGbMYWSE710TtKHM7CQGHjDuDVaRIL9FFLahNWql4bmfafpDfQGpbrXcW9Fny7zpLiIdTaONF53l1rY4xuS_j-CrPwTPLbziKw-QPTQqyJdWTLArmF03lYhxbT5w7Q8Ss5aPFHs5lP2EvtNAz20xTzQiWfgpGRfdizXVuewSYB0dq6hSiRZywofreso-QX4yQ-S79K2QNCAsTozA9JrhcJZMfOimrM9fVbEdOnXIpAYLRakqC9-ORg-BRVCs-o10vkaw_1xWu72yWPxwvDS4BcbMdTUqQo1rW1nhARGI40RxJhouxynJA11XHCCJHEEJ5jofHipgdM2pn4Z2mzTm3_5AW3sCCaGRcS58mBirbHzjDuhS-TVQvPpHh234bC5-Tf0pcLHwI9a0gtIrlu9_oQZNJPXEqZQZy-C_bPHZ_E3DG6ZfIraCEyfKOAZv1SVsHQ4O4lSF-WKGa34gTZ9k9FaJtzUWi3ScC-k27pT4xjpmvK8-SdkfmWcfflvGOMIFfGghrQwRP-M85DPnzN7rfQWTnr_fqOWxLspHLnjGR-OtJSQF952qLjt3Li1vI6OsM&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=8069258177115416000&adk=2857193498&idt=185&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:15 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D29F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aimarl6hKciiKGF9y_5D0yulb_aau0NB8KZJhEKmdUth4HjBm-WADI9Mu6l40xwPTQh3PkMMpdxN5ERcJ-oM-iGbz1mtDsUYpFA4UaKXfEumEJpQfDMKtxiCXZR5oFsbAamcOp7Cz2e4pJDCHeFxgpnjq5J6z4NbtjhgFVgGOGBIK7QA8&dbm_d=AKAmf-AkpILMNI-yQpWAEVHDH9Fk4bxj-Tpv9IXBoCH3nSlIFi7eQ8p2FCM0YW8lTXS_aLsV4egGap4IDkYQje9QvWGmk4FK40sycRgSWn1kDqZcM5LUhXBovm9DsSAZ3zeaWXOW4gQbnSkbV3Wlr3n4kV2OsbgFE87oR3eir4LvHUUwfeOKMWg6y6K94v_sD943wdBoQrzCfSLA7Pf8NXcHVe-Cm-N7UH5o8Ne4j_A9hcpuWrONWSeuHw_RVEsvP2wWFfKXsnIc5PRdrpcK_DPykzfhf3q6Xz-r0WiLgtsFarMkiWf--licFKBYk84vDlKf7w65915zi2LmdX5b-8kpgNJqfYVplLDs8kz_ZNnsMmmtRAER0SVWU5p9C-zzgUdu93dDaAPaX3w919nRhKCDTUiLbWnQ_wn-C_5gItgZUPPZqb6vk-UtxAdPJNSTvZp-54lJP0qQPSAcE8tfnPoIrUFSF7whSNMTsgxne6EvsjJzDrsEjf9Mnp1gnVlT8E75K0dZhFvfxlCm-xRTJ7d-jQ9KkpaQ5_p12FzyF9LmWtH_31NnfKe5M7OBQyw2dg4y4kD1ElqbbCgWN2DjC5IQdZFRgnuwf0gNRHaY0sdVY3KSQVonRP6fa4Usxmn-ud77WEaI-I9quqv_M7Zw1X7ZfwdriCP8g1hgUB3OrXAatVNcxcl24GrGrTu6PNibwK8ZzB0fNiqvDVaK7lCPLIjjG8lyZxValLpO9hyWOXMdtNe2U8C2zc4hWqHz-AHWaQ3xCYInZaLBvlT9y5NKfdKgAURTHb1xabN1dRknMENNdqg-9FTUTsLbdyjXmb1IeHmjBB3p89pMJW95-jJPbR1YR6qrnXufjKVypnuZ9qhcQvIN2VMuDz_90P90KIR95ejCUoc0RhLxo1IleNvRdEz9uyysy29j8guUljxz8lzkXyhe5nwVFgQVW2yPLU5UjstwGTc30aulbXHXaooET0H2hTGQ4X2t2Pq7DSk7NgcYUfkPp3Z-wrjf7HWBO3SUZ1DjGgdKTfITDVUUCJwnO-4nytemyuieNgRm1ofZqONH0TRF5xkxl-CeWyJtoNE5IG7F8z944_jY3UDypPf9_IgtvG3Uk1v-ze2bK-tWAj3FAvJhdsiiRuxTAt5ohzrdYI2f-QbPT-v47_Vf0sTzj-oM-xNoO8z0P027XZl836WHqAXUUIRPX4y8en05IJg9_gRbme9wPDJQKOGx8CgkJ0DgimcgYJMKjyCUcASZCYICvBTj9tFHDvgUyuV3J3zC6JCcuHyy5oSTJWMt_9L8Ab9CWi6SlAjeg2e59PPmKKKurr6rmqEJ_RhPtHSpVQzj2q7y_X1ghpUzYdd4e3QamFSx1mnyslY44lM0nepTFNjjv2hKl5VsBbi8vxVrpCEVOgqtQL9dWDYQjIU84jJyk3ZsbAnFFIkuNoiyfIWfX45_8TfNDvuxAie5X1iQvDysXQ_vJTPww1OvznILZPxhVrRuWYCQI1BlQ-g2mMl05nrpIXDJ0_18gSoN5lRjaJHu4erQ8A5SOiFcCrauTmZxWEt79TMeN0oPVC97F9RpvZiv_-evJOj7c-VzSYqySvmPsb-l4MI4qVorDzJjPjM-DEcqCY3ZYjOxR3EFwvCzJ_imc0gp2TX0nl5-GuGb4xByGYVtYZeWCE0K_Ee8oEw-a7lW_Gxtpdocah5zfkx5JXQdNVw0XG7p5Rx_MWDZpO8CNEzcYaMO7ciF8zNGb_cc_pMpMGLElySkIxtUVLbve6MbeBERDTZj9SF9pu_VVWWjhS6-TUdSw2EvtZGetJnGn18ioIXCAxx1nMEgXhhrP08ULDr3QxGnRq0VULuYo0jRtNcS4QFucu_C7K3NEv_LTdeK1O09NPLqZG44jsnyIpYyVTAPHY76WYClkbNzfKsAHBspvLOa9fOLF1jRQDg5CDT71mhc8FvCBpBgjG2Wi9lorpHIyinUNPoIq2yyVlQVPKyF5dpL0l7ay7e0O7rUU-3zEviCJcoe-0IqNjAQVLpWmbttTgC4CbU_shX-cOkMu-EkqmD6UaD0284kmrU2DfipmQGiDiJYOsmvwnVmLQmwW8o2l6HemuTwCIyoONqMtPW6vqEkVRp_3kRDA50gLK7Z98jIK-Eeyt49eZAdz_LU90waTEnOnGXDH1924u5bTQ2jAkj6GV-BMm6RDqWkbTEHIBWa9WgwPj8QVZ-40DTrdbOKu6ivf1uFV2SX4jgyTK9HM82VbgaDlK7R_7I_lCEihUxeM9lRXxlKVp8iOm4iyL3Clvo4_TEohm6v2RVudkS1lXflxM6yLEzy1TIfbGOnpF8HAMC8sON9D8VeUq3orCVNVAp8DJWWlvXmknQN-_M_Wyx4KVDiqzCklpgs-U-BkWfFGOJV4ClrrU41KimqSgn2SfgqYmQ5AkjJuhM8IzTCCccq6VLi26ny_DWUFD26O-nHKjanb436a6GrHwOQQkHGPOJ3Js-6qsm-4UtsJt5S--H7nKXCP-iWc_FRuBzyazM2u6X4xb6NElDP7Is5l8NvpTckhFLw8Py5YzG5pLqocQhSWfAtMMSjuifPTvY_jo_wSkjBISOO3NYhAJ6Ci6NQ96_0ewkCoElLr4mFRjiEnfltuaQEdVxzwd7da_NYcUEEkN03XAWiMlNFDawKvWfE82Abs51KvJa00bZQ4WaFDNgnkpzEzZMtjrA70F-tKYhl9JcHseNpD8dCenwzEXoZBEuTRAcWt_-6JYsK4VtSPJHfTUGy-DmMyIe5MVsQ6Q2XPAcCx8mQsz_Vju3WXFzbfB1MrbcAkQC5Tqv-dZ41GPQuT_77wojoxiKjOUEzr7gFy5eKkve1Pqz3PzZSRs4TPfRrohBJ1Y4EdEEOJqlFfJWThsQH5wo0TKBl6UohXqN4ZPlrk5sMxQIN0_Exw2WW3FBu2iQlsQfQpMVy99uKnKBSLlkfx7n-Zqc7YDn4ZFhyFGWHDg6NsKZLQpqWVEnqO0vTUUwIXSAKKjvkGqpeB0hRhs1K_JtohAtqZjeQhns6gg7r6i3vmJdeTfsqAaNiH7hxO86dgkmvUddxv6ltoewPMpivRpXoH_KsFtEt-5ErTRwc0o36uok-XkE06Kzn9XBapOLqnRufpKQ1LhBxhHvvP3pkBkHs5AUrlbSXCKxzHeecokTYtsMQyd6uGeUYxdDrwiVGbMYWSE710TtKHM7CQGHjDuDVaRIL9FFLahNWql4bmfafpDfQGpbrXcW9Fny7zpLiIdTaONF53l1rY4xuS_j-CrPwTPLbziKw-QPTQqyJdWTLArmF03lYhxbT5w7Q8Ss5aPFHs5lP2EvtNAz20xTzQiWfgpGRfdizXVuewSYB0dq6hSiRZywofreso-QX4yQ-S79K2QNCAsTozA9JrhcJZMfOimrM9fVbEdOnXIpAYLRakqC9-ORg-BRVCs-o10vkaw_1xWu72yWPxwvDS4BcbMdTUqQo1rW1nhARGI40RxJhouxynJA11XHCCJHEEJ5jofHipgdM2pn4Z2mzTm3_5AW3sCCaGRcS58mBirbHzjDuhS-TVQvPpHh234bC5-Tf0pcLHwI9a0gtIrlu9_oQZNJPXEqZQZy-C_bPHZ_E3DG6ZfIraCEyfKOAZv1SVsHQ4O4lSF-WKGa34gTZ9k9FaJtzUWi3ScC-k27pT4xjpmvK8-SdkfmWcfflvGOMIFfGghrQwRP-M85DPnzN7rfQWTnr_fqOWxLspHLnjGR-OtJSQF952qLjt3Li1vI6OsM&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=8069258177115416000&adk=2857193498&idt=185&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 18:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jun 2024 18:25:16 GMT
575851448298816101
s0.2mdn.net/simgad/ Frame D29F 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/575851448298816101
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9d8c1cc89758c3e3f9ff67a420255ed2aee18f612696c97a15b8e1bf371c7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 15:08:22 GMT
x-content-type-options
nosniff
age
357053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30038
x-xss-protection
0
last-modified
Thu, 25 May 2023 21:36:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jun 2024 15:08:22 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1475223/71249284/ Frame F36C 		244 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1475223/71249284/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-8017808889715710&ias_chanId=1&ias_placementId=20111329642&bidurl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i_rSfLJMZM8PuvVFuKgmZR
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.211.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-211-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f9dd15aa25e7a61402fce87411f4071eee7124cca7b5b5b99b04c8e1d0b0dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F36C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Origin
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 20:07:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame F36C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A14JgO4EM_3tRKw3jzcVqMqQOGh86S2wv-9t328oRUKvRRyRA3lAvt3jHCw_npTMjEKUiC_mbyPir7e8W6TJ7rrWGZ8WqfOr9YEvJ6ISaYgO-gUOOYCsPnqlG9niVTR0sFC2bNy5S6EhFPqtbCnV6kHe__oWBMZRftL_TFd5PgH2SM6Hs&dbm_d=AKAmf-B2yHR791WgiRlOXT6QsMm7uw-tKlXGV6FylDAsXX0ONNbR0Oe9iH0W4jEbP4XWdJBDADIo6Ytzeolh1oKkEsfGHwN6oCbxg7VrOhb4DwEO4RCYgmaU73tvBGKy_-5A86Wqz5L-O5ac7KU4oattWMLYtFdZCtrdMohkrj7WNPIsyMQDdSuChKhBc6_9Ox8NSoZ565rEolxySdLUEJO2O9JoUtS_2jhkifB9YJsSmjO4t0YYf2pOtqbBID1457a7zqHbO1bAos7Io_QZQDAOdA6tAN8TPUvzrBKNUiq7DCKT-oRPi-fu2fTjGFde6epv_i1FjZJ_kQDGt6nN4GqvlEF5VSA1RzhEXAcIiC076_9B3FmJHcTMLaEp7-Fmob2x2ou_hNeqgk5s0EUGKkzf5rqa4A46xUORQXFTG9CPIN2Gk1Wth7Z7L0NbeowZQxXiMpmes9cy5qDAA4uuyblPpXz7pzBd0DFkmwBQYx3xbqG3zSciixilxSwREc4dolkEaHkM_Aw1HYoMkP1aRn0ceHhmOsZEjrHiQ6M8c-THKGIY2f1qMPlAlo8Zx5DgPkaw8UXxkrG6PKWotWBPRDJfAw6bHytqBl50VuMVCch_LP4gamtXi9ksjCOIQkO5iNfT9QPSjDTH_j0knfIa9PoIHxB6ulHrBu8fAh-fURmSsvMf6DyWuHDzpJHFWfYD1rP7Vc6PG0ZTERh7YNsBtD0JUQCsjBfjSGdMhDvZZHJRh8ySarTyK9f1gZHmeBt7aSPYLqK9Kr7XmU-moMRzfmZ4MRCDb-66e2LLR79KpBhQwma6h9vo3oECex4yuTrPaQS5QAk4r_bKggvXXLrR7cC17q8OJ8TXdwKeAK8bwWQHjvJmxRJHRF27XxdtvU-vxlZ5fcIo1as2rXY_2Rs1IcgoABplAG1SSuM2DkDau1zF703wgaNQq-h5QTxrv79WQRIbVxfC05E01beuN6p_UCMFVcZlpidbgCqe_20-o_Mjv9YPaJw0k-7tO8-5WqXNMx-opYb976q1M7jMOdFtbWv1tASAeyfRdc2nL9ohNSpskuTcKHHfVckFY_mPP0cPROPwy1YB4ILNTDVH5dpVFu-K5jr9SgAZItDydDdOSCFTeO8X_rTgQcX_KR7gK15H6Y2q1osc5qF6_8N88v4N6YBKOmwBzG5ylWvdjXq1GJmOPOURFoeuDG2EMEbj66Nt8OmjzOACRSAXOP_4AbElEBmQFmI8xh13wFS5ERhEY3Ec4cWGRSjnR9VF-HPUPuGsxFp0poWPTyVADYw3qpN226C-QIDTYHlBvogwlBADnYqFVcBjimEtvvG79pSWYE8cJUOJFJ1hLv-E_IfJ6C-FH1uXmsffGWosJXpaqVQpHs3YdFnuL_hI86y5CHbtyEjzbH6pJHKKhVEvOTtwrNGRy_zj93KBFi72PH4Deptv1rxrNOWV8NoGHZW_Ou1DVPJaxz_Ir82LV9PSl8vJKDtZmxqJCEbNvZiznCksNH3jiP5Ken9n79U2xlC2gCSbG4n7dH5HEsjUyG-9JwIjxNlHGZSHKWIr4ITdpCeVatJFRcWeO2yXYrGsPXjE-Om55HPJnvh4XBYo45m_WWpTNlmnl3EW2Xnv4cfqY3V2AlYY4OjG9rZfnXWg7-mdzLKiFullSB-vLgjhu0pQdP0fquRkgHLVCf8wjYH-FOE-zMG2CWbFSU9MdMZ3z0oIaqllD_5CW2n88VQUiy0ImfW26Dly55xZl9qiOSmqgMwGp9iCRC2F2xWtehF9OT2L99-Kw6T9Pz0dZWVS3890j9q83Ax0QxzesF7vnpS_V9SNl2u4FVYBeZ_IQk-b4SZy7dzjjKOjjr34QtW0mU76nqR0KS1kRXc9bYba-ArPrVJNcyaECtfEEgm9-t23YjGnRFkNYDFDFyHTTJtT9flwvL-PkxaIK4C8l47vlJ6dLhBtqCmRbq9lVGp3OMppCTlqfjT28Q8NOaXYZcGT6c3OHD20C_3dmwtvT03uDG6Gdm8bsSJXcl1YmGQ1gqq8FZIGXp3U5JnzfD6hXU12k0WqN2t_sHpfuA2fEug93blgVP32I1n7IEWDn6derGmEfdzXi3_UiF_x25zw2xU4PjhyyzShmOf5a9oE1tqW6ijkJte4QEc130qOzmwtJSc6ylK91v3m6SJqvxASMJFmFLsJ8_Z-VWF3BxaAhMvFgfGzxz9vStzTYXB987TCaP5RP6NFHgthNIY4KAXfWtCLlKWJW38siT652XpMcG_6-mhoLZpT1aaU4iTZ4hgG81B2FTU8Wlo7neZwwD8Z5QUonnyFXZ2M08mEGxXJO2l6xhq5P0a3HpDHOL-YgQVC1fXxkCfYPoSjhcGkFVJcu_Tl9IipLmMxZRVz8DilsbDDwvOvQAvak3psegsiQ56rIa9XVVmBE8gIMIreqbphMVhqn_akiPm6SawGDqtRjcmmqYheGYTULz0xlCGI4GQjWZYQo2pWn5Q7AnpM51flQbASmotXVhWcL7prpKIHpInvoQ_85XNYQhgKYHZYdbhLarRqK6BMP7mfQc5FH69esEr-jyeJDvdHuDt5Cw69Wg6mn_k-NrznHpntyP4U8LYrINWNHc19uaxjdTsyooTywNab2gvOCaRd7z3pFcqefn3uXDBAslcojWTv5QcgFDj01S3g1I5G1qZeVbm45H4poze5nRugFPLvYYlAUbHsnWEwxmjYR52NC3FhjSC2vi-dQJcSzeydTrz0nOk9IX3-wQrSayW8hh_KmjkicU8RToFoowBmSAxRyfViU2gffDjR23wLH1pTp5q23bVK6To4VTSfrC27TnlIDRKxzq4uO74kmbzdaIeD0RdN5naEykO6jp8Eg1p_O5tvGYN92h_geqPvtu59ghioDOTzx47yJDkFf4yWt0a6XAYPp1OOjj9dMPVNw6JbqX19wbygbGCn6uucMt9vsT-6eMtFJ0PDJXdxU0WPXyYEOZsQp9EJPX9wVNSSVjlb5hRsejVPu7YWystd98qNwf_F4195Tzyb2TQCRChU-yQL-UOiF62MuXXU-hrlAy5J8fIo4ySdx4w0zOq_G6O_sVo_lGuAbU1bW8lAcJIpik83MWkL2Rq3X0EzA9PoCzIYN_voqxe45OHbWc9O1dQt1hJEFk6wYEmmdJDBSfuADr7G3z1oel_E5xb4wFUrdvc0VOJm586mv5OnLa3p2HwoLV4mVLULbK41mBfYe9mzatPxCbidstOT5bgMTcnRRtzgoF_FqqIZrdAHMQIQyD9Qkwszfh2aFTusVh6CMlJ8lkdLFk8c40QQQZaBWvvxWBvWTpMInxMzCBENsw4wCbwv4RtU_le36L4c2bN9phXwNIIJrYknM6UJjJQri5cd5A_A0RXhyb2ibjP1-kaNgIWJ7PPnRIg-TGEEzAbaGn6XDN-cKD4dn_iiU9YLohPrmc3sECFjndgylOALvvyMI7ZnoX4iFAbZrYknw1IrANZLXdZrhUwF2zgpySXyvLVSS0GCxOoCoE1GN9fHA_2oxbcgRiq8MFrc1OLleYjJ2gfHSTKK4P6dv450iTZQmRXG1aSpMeDCVr0XgrAX6EpeNrD2ogVR312Sg4wDGM3nVghB-nIa7aRqOK6nsUjA6mWkVVIHRiQ_5oC8Pja1bAsoVpIYIr3z3qb0yLghft9zUXVAlQ&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=12909564529962340000&adk=3047537735&idt=192&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
14644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 14:15:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame F36C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A14JgO4EM_3tRKw3jzcVqMqQOGh86S2wv-9t328oRUKvRRyRA3lAvt3jHCw_npTMjEKUiC_mbyPir7e8W6TJ7rrWGZ8WqfOr9YEvJ6ISaYgO-gUOOYCsPnqlG9niVTR0sFC2bNy5S6EhFPqtbCnV6kHe__oWBMZRftL_TFd5PgH2SM6Hs&dbm_d=AKAmf-B2yHR791WgiRlOXT6QsMm7uw-tKlXGV6FylDAsXX0ONNbR0Oe9iH0W4jEbP4XWdJBDADIo6Ytzeolh1oKkEsfGHwN6oCbxg7VrOhb4DwEO4RCYgmaU73tvBGKy_-5A86Wqz5L-O5ac7KU4oattWMLYtFdZCtrdMohkrj7WNPIsyMQDdSuChKhBc6_9Ox8NSoZ565rEolxySdLUEJO2O9JoUtS_2jhkifB9YJsSmjO4t0YYf2pOtqbBID1457a7zqHbO1bAos7Io_QZQDAOdA6tAN8TPUvzrBKNUiq7DCKT-oRPi-fu2fTjGFde6epv_i1FjZJ_kQDGt6nN4GqvlEF5VSA1RzhEXAcIiC076_9B3FmJHcTMLaEp7-Fmob2x2ou_hNeqgk5s0EUGKkzf5rqa4A46xUORQXFTG9CPIN2Gk1Wth7Z7L0NbeowZQxXiMpmes9cy5qDAA4uuyblPpXz7pzBd0DFkmwBQYx3xbqG3zSciixilxSwREc4dolkEaHkM_Aw1HYoMkP1aRn0ceHhmOsZEjrHiQ6M8c-THKGIY2f1qMPlAlo8Zx5DgPkaw8UXxkrG6PKWotWBPRDJfAw6bHytqBl50VuMVCch_LP4gamtXi9ksjCOIQkO5iNfT9QPSjDTH_j0knfIa9PoIHxB6ulHrBu8fAh-fURmSsvMf6DyWuHDzpJHFWfYD1rP7Vc6PG0ZTERh7YNsBtD0JUQCsjBfjSGdMhDvZZHJRh8ySarTyK9f1gZHmeBt7aSPYLqK9Kr7XmU-moMRzfmZ4MRCDb-66e2LLR79KpBhQwma6h9vo3oECex4yuTrPaQS5QAk4r_bKggvXXLrR7cC17q8OJ8TXdwKeAK8bwWQHjvJmxRJHRF27XxdtvU-vxlZ5fcIo1as2rXY_2Rs1IcgoABplAG1SSuM2DkDau1zF703wgaNQq-h5QTxrv79WQRIbVxfC05E01beuN6p_UCMFVcZlpidbgCqe_20-o_Mjv9YPaJw0k-7tO8-5WqXNMx-opYb976q1M7jMOdFtbWv1tASAeyfRdc2nL9ohNSpskuTcKHHfVckFY_mPP0cPROPwy1YB4ILNTDVH5dpVFu-K5jr9SgAZItDydDdOSCFTeO8X_rTgQcX_KR7gK15H6Y2q1osc5qF6_8N88v4N6YBKOmwBzG5ylWvdjXq1GJmOPOURFoeuDG2EMEbj66Nt8OmjzOACRSAXOP_4AbElEBmQFmI8xh13wFS5ERhEY3Ec4cWGRSjnR9VF-HPUPuGsxFp0poWPTyVADYw3qpN226C-QIDTYHlBvogwlBADnYqFVcBjimEtvvG79pSWYE8cJUOJFJ1hLv-E_IfJ6C-FH1uXmsffGWosJXpaqVQpHs3YdFnuL_hI86y5CHbtyEjzbH6pJHKKhVEvOTtwrNGRy_zj93KBFi72PH4Deptv1rxrNOWV8NoGHZW_Ou1DVPJaxz_Ir82LV9PSl8vJKDtZmxqJCEbNvZiznCksNH3jiP5Ken9n79U2xlC2gCSbG4n7dH5HEsjUyG-9JwIjxNlHGZSHKWIr4ITdpCeVatJFRcWeO2yXYrGsPXjE-Om55HPJnvh4XBYo45m_WWpTNlmnl3EW2Xnv4cfqY3V2AlYY4OjG9rZfnXWg7-mdzLKiFullSB-vLgjhu0pQdP0fquRkgHLVCf8wjYH-FOE-zMG2CWbFSU9MdMZ3z0oIaqllD_5CW2n88VQUiy0ImfW26Dly55xZl9qiOSmqgMwGp9iCRC2F2xWtehF9OT2L99-Kw6T9Pz0dZWVS3890j9q83Ax0QxzesF7vnpS_V9SNl2u4FVYBeZ_IQk-b4SZy7dzjjKOjjr34QtW0mU76nqR0KS1kRXc9bYba-ArPrVJNcyaECtfEEgm9-t23YjGnRFkNYDFDFyHTTJtT9flwvL-PkxaIK4C8l47vlJ6dLhBtqCmRbq9lVGp3OMppCTlqfjT28Q8NOaXYZcGT6c3OHD20C_3dmwtvT03uDG6Gdm8bsSJXcl1YmGQ1gqq8FZIGXp3U5JnzfD6hXU12k0WqN2t_sHpfuA2fEug93blgVP32I1n7IEWDn6derGmEfdzXi3_UiF_x25zw2xU4PjhyyzShmOf5a9oE1tqW6ijkJte4QEc130qOzmwtJSc6ylK91v3m6SJqvxASMJFmFLsJ8_Z-VWF3BxaAhMvFgfGzxz9vStzTYXB987TCaP5RP6NFHgthNIY4KAXfWtCLlKWJW38siT652XpMcG_6-mhoLZpT1aaU4iTZ4hgG81B2FTU8Wlo7neZwwD8Z5QUonnyFXZ2M08mEGxXJO2l6xhq5P0a3HpDHOL-YgQVC1fXxkCfYPoSjhcGkFVJcu_Tl9IipLmMxZRVz8DilsbDDwvOvQAvak3psegsiQ56rIa9XVVmBE8gIMIreqbphMVhqn_akiPm6SawGDqtRjcmmqYheGYTULz0xlCGI4GQjWZYQo2pWn5Q7AnpM51flQbASmotXVhWcL7prpKIHpInvoQ_85XNYQhgKYHZYdbhLarRqK6BMP7mfQc5FH69esEr-jyeJDvdHuDt5Cw69Wg6mn_k-NrznHpntyP4U8LYrINWNHc19uaxjdTsyooTywNab2gvOCaRd7z3pFcqefn3uXDBAslcojWTv5QcgFDj01S3g1I5G1qZeVbm45H4poze5nRugFPLvYYlAUbHsnWEwxmjYR52NC3FhjSC2vi-dQJcSzeydTrz0nOk9IX3-wQrSayW8hh_KmjkicU8RToFoowBmSAxRyfViU2gffDjR23wLH1pTp5q23bVK6To4VTSfrC27TnlIDRKxzq4uO74kmbzdaIeD0RdN5naEykO6jp8Eg1p_O5tvGYN92h_geqPvtu59ghioDOTzx47yJDkFf4yWt0a6XAYPp1OOjj9dMPVNw6JbqX19wbygbGCn6uucMt9vsT-6eMtFJ0PDJXdxU0WPXyYEOZsQp9EJPX9wVNSSVjlb5hRsejVPu7YWystd98qNwf_F4195Tzyb2TQCRChU-yQL-UOiF62MuXXU-hrlAy5J8fIo4ySdx4w0zOq_G6O_sVo_lGuAbU1bW8lAcJIpik83MWkL2Rq3X0EzA9PoCzIYN_voqxe45OHbWc9O1dQt1hJEFk6wYEmmdJDBSfuADr7G3z1oel_E5xb4wFUrdvc0VOJm586mv5OnLa3p2HwoLV4mVLULbK41mBfYe9mzatPxCbidstOT5bgMTcnRRtzgoF_FqqIZrdAHMQIQyD9Qkwszfh2aFTusVh6CMlJ8lkdLFk8c40QQQZaBWvvxWBvWTpMInxMzCBENsw4wCbwv4RtU_le36L4c2bN9phXwNIIJrYknM6UJjJQri5cd5A_A0RXhyb2ibjP1-kaNgIWJ7PPnRIg-TGEEzAbaGn6XDN-cKD4dn_iiU9YLohPrmc3sECFjndgylOALvvyMI7ZnoX4iFAbZrYknw1IrANZLXdZrhUwF2zgpySXyvLVSS0GCxOoCoE1GN9fHA_2oxbcgRiq8MFrc1OLleYjJ2gfHSTKK4P6dv450iTZQmRXG1aSpMeDCVr0XgrAX6EpeNrD2ogVR312Sg4wDGM3nVghB-nIa7aRqOK6nsUjA6mWkVVIHRiQ_5oC8Pja1bAsoVpIYIr3z3qb0yLghft9zUXVAlQ&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=12909564529962340000&adk=3047537735&idt=192&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
76536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F36C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 18:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jun 2024 18:25:16 GMT
truncated
/ Frame C288 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84df6c71474cd4b232d43a05d1878267a5fd7eef3f10d75ab359f64f467fa757

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
cw_svtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_svtr.php?wid=522&hid=95d6bbfdac29b315a266d82d4f09c043
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
c20839e2aef73875e74205e178380170.png
cdn.pixfuture.com/content_widget/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/c20839e2aef73875e74205e178380170.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b77e1be6e53c41a16c16c16c65641f1c683a3e1ebb1d12a035dc6016c67652

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
89117
content-length
44630
last-modified
Fri, 09 Sep 2022 09:11:42 GMT
server
cloudflare
etag
"631b034e-ae56"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKDnd5XfYw7VJtj%2FNT6PlB3wlJ812iKg%2BLDxE0dqZnG4VPKETUIehibUdsdwu%2BSfowDVsL0RO2hAZwoMlH33IKdhBQLSsgEPwk1sRCs611RvgLZprXRraeM1UsWNd1BXtpXfPryP6%2B9NdGeXWAfP"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7d32a9a04aa00418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 06 Jun 2023 19:53:55 GMT
f0826e73fd65aaa7dc41e04be756bbfe.png
cdn.pixfuture.com/content_widget/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/f0826e73fd65aaa7dc41e04be756bbfe.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209a8689017a87ce9d7245a5ec27319c435d1f5db4940f6e4a829b4bd8dff122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19612
content-length
47085
last-modified
Fri, 09 Sep 2022 09:11:13 GMT
server
cloudflare
etag
"631b0331-b7ed"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69Y7gjme3Sz9aAi0DGJjWk%2BzEoPiluXEKK6CLkBd8oWLXHfhLQxYZOhG5A1tDAPtJH2xa1eC621wStQSGnloj44qkHOhitwU7p3O7F2%2FC%2BGpItgtvkn8qqDBn8nWP5jf9H4CJ0xQEEytdWnDD7ZX"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7d32a9a04aa20418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 07 Jun 2023 15:23:54 GMT
f4aba32e1b7de025b9e844f59f0aeea5.png
cdn.pixfuture.com/content_widget/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/f4aba32e1b7de025b9e844f59f0aeea5.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae6635350774bd3a01b56056ae406f23926f879b29e5682663982111621681a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
89117
content-length
23068
last-modified
Fri, 09 Sep 2022 09:10:48 GMT
server
cloudflare
etag
"631b0318-5a1c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMemQdtvX2wulOLx18e8dIfdKJvAmEG6XvyI7pkgZp%2FFZ6ODSL%2BlKb13P566U09YbfDyOD3Cfx6jukyy8yy55tMtBEqENcSiT98%2BI%2FRR059s9UkWz1loBhiQ2bXGR%2BnjNn5cmGj8ziMBqUx9Mvzq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7d32a9a04aa50418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 06 Jun 2023 02:49:34 GMT
baaf56827a16c01028d9e3c786e559a1.png
cdn.pixfuture.com/content_widget/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/baaf56827a16c01028d9e3c786e559a1.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1872a0305644f10e3b26f34f97dcf88c4fde5bd51a7ecbc3cef5e4e29bf2465c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
89117
content-length
10620
last-modified
Fri, 09 Sep 2022 09:10:20 GMT
server
cloudflare
etag
"631b02fc-297c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S4noJtFGd9zl0XhQpzhd4mO4VX4zq%2F1NPpQBHFWfaTIgYVR34Hkm67wR0V7ZVYB6YGpI0CCeDntMh9eq7vzy66%2FMc4ED7uJYUXzkHjN%2BIhEvMttPDW%2B8L3%2FDivBu6%2FgqrqeVMySpYrjyvRKcj82"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7d32a9a04aaa0418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 07 Jun 2023 15:23:54 GMT
truncated
/ Frame F36C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cd211100531509c666dc8294533663b7ed90fcf2b70bab25d8a057e8194f263

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
cdn.pixfuture.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/jquery.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137241
last-modified
Wed, 12 Aug 2020 19:49:59 GMT
server
cloudflare
etag
W/"5f3447e7-1538f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voAo8j%2Bq%2BKJI4hH75042pcbctcXJhyJHnDNwKd6ZXyas4uPCLrKBGSahUbr7Dsg8dUp82zmoqMP6xeqXKRzlRFwF8kDTa589BWL%2BhfoCeB1pRmLfQiCSL5RKSa7JXw7OA1dlWK90jzjxUswMqb74"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7d32a9a09b000418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 05 Jun 2023 22:29:17 GMT
pixf_sync.html
cdn.pixfuture.com/ Frame A668 		933 B
937 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pixf_sync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2088b3c4c6de326a6a4fdff15f374d7a1beb7be687edb87e3f83a8911b8ffd0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7d32a9a11be50418-FRA
content-encoding
br
content-type
text/html
date
Tue, 06 Jun 2023 18:19:16 GMT
last-modified
Wed, 07 Dec 2022 20:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8Aa9XASXACVYzkTXT6mO6yc63BE%2BC0AoOSZyJpavvAWPuR2psOHE6FUpAiLVvRv8s6fvrrsIPsS9VG5GpyBqjmtb8hM8PbrtZY9Sk5bwGZxguzmjr%2F27H07ReVRxHOAHt%2BGTcMsTTB%2FFOI85LKN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/ 		0
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.133.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-133-3.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:19 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
truncated
/ Frame D29F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96a707d2e08cbf484c312dbdaee4c0b2c5eebc2aa90c1749633018cb4457810d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame D29F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssId43jgwWAWu0Z5g2H7MvxJoG3j_XrALnH72RqBoEOR8UW7PKiR1gHUQPWzFg-OFzN59QqbwXEkA1DuQt9SQ1ugYsPPauvFv4h7z50td0it8orKSzrLhVhFGw3Bx0DXab4ol6FvDinIy-x7ik8YJAt_RjsX2_KNBO28cUQpVFb1u9u-dfDEV9o7U2ondv6hRuoXvtUWj5DV7Hl3HzDyLVxHWACE5BJe6Ti3bGrYRjK4VGx2LysCfYkR-1pF0zN3Xwc3CsBmvI-C37-92YlLcur5R51rwIVyPkIc9LExCsyowb3jdXy3bt7m0FdeeUoLoyQ0IyqXbbEWIQP7Ty-1-T2WDi8Mtaq5UOnJCrC6jhLix1gqg8ceFscwUHRfECUt_dh26HSq-F9WBaZrq-RB1sk5bQ7mgiE_39I9_GsdicppaUqP5sPtF-qiaBuHouyJgQJQ1MB-4mqSYJqWcncUpQbHPZHolpUlPaurPwasgmbm2hHUc-rjthE56C9hxgrnzx6_Uwi-IjZSRDisFxifhoGKzrNaQBiOj8Hu4HIcdR5UChDEjoJGJGWzwMqXtNrs7-vt_ep7LI8nAKS_Kj04reqKOsZGtZOHxviihqLaR0Rygj-I0EJQJsSPPohapLZRNaujuthwbXL8pl3C0D3Kob1VuW7OAuC-b1ca8OQ-opT4BbqcdYCdaLmdukHeFYpkeT8RNkgW_5VHtfXcIlPTv0e8ivHiKfFUFXDaBQYZM9S85xRcHvFazR-5WatZCnE_njG-zAzWhIKwxVTc6fywHiUfFv0T78nKd-1Km_WfB6LxRtQJ9H-cdkcCqNCywaZwk2EQNKNAsK1FmXEoQ_ICRHJPssAWkFQTY5zUWlakJzSOGw_nAVEG05xBSPi-Se8Lt3YPsKzLa9NJi6EEMn7qNCZ9I3F5hPRvIH6ugdMjfWEpj4y-efje_2NGEUKOcUpuq9M8lh_eb-P1XtyXzjlhO1gUZdGxltdz1kwbBUkwg0mrIIPpdI6GTT9wGKtUEVerW2HRUv4q3TiDt0VrkpxhPW03i4ffUajxH8u2PPfgkwpN2M9FG7djFgyi_a3FYD_9FbSd8ZrDvZxqNwg6bfUc9pAijbm0WX7ilFdJIbDBXhPCtePbHTgXmrTmIhV6Y0LJoQqSHDTGZm08t5D48xTWCV9cYdEfrZQl44kkqQUGSG_XlDYYigJF6dmxSKqPYC58png_R5ThOrnPc4tp8CkHB4kTCSZU1I5mwMRXJJXjIjtvZgjEd594mBmdQyvz7ldoMOz13yd99d3E0Nsk3u3dBvY&sai=AMfl-YROpklGpT60Jrstb7NFN-YCBCfbUWNievWmfCpEjm_6Buh0hhtYSBZL4ltpIIJXcJ17Fm0b1kkwShkARk_Noec63OazvMsoqmPK0rMsIZKcMqDJ0zbxHyAyScL6vzz1BY6TA-mD3uZgkmkpqzxITLYrwRZasR_gufrtJ1L8hTSPVAsvo7lhFSTtNLzEsUhuv6cq0Vc-49O2q1p4jvF3Dez3q__ZPEiYhgO2sfAKc2QLuV7c2JDgBV9CdDFN7KpQqtCwTs5GETk0pAYWYoveYpa5pxN4pUYro4pg&sig=Cg0ArKJSzOq7yOimII-FEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&vt=11&dtpt=109&dett=2&cstd=0&cisv=r20230531.20578&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aimarl6hKciiKGF9y_5D0yulb_aau0NB8KZJhEKmdUth4HjBm-WADI9Mu6l40xwPTQh3PkMMpdxN5ERcJ-oM-iGbz1mtDsUYpFA4UaKXfEumEJpQfDMKtxiCXZR5oFsbAamcOp7Cz2e4pJDCHeFxgpnjq5J6z4NbtjhgFVgGOGBIK7QA8&dbm_d=AKAmf-AkpILMNI-yQpWAEVHDH9Fk4bxj-Tpv9IXBoCH3nSlIFi7eQ8p2FCM0YW8lTXS_aLsV4egGap4IDkYQje9QvWGmk4FK40sycRgSWn1kDqZcM5LUhXBovm9DsSAZ3zeaWXOW4gQbnSkbV3Wlr3n4kV2OsbgFE87oR3eir4LvHUUwfeOKMWg6y6K94v_sD943wdBoQrzCfSLA7Pf8NXcHVe-Cm-N7UH5o8Ne4j_A9hcpuWrONWSeuHw_RVEsvP2wWFfKXsnIc5PRdrpcK_DPykzfhf3q6Xz-r0WiLgtsFarMkiWf--licFKBYk84vDlKf7w65915zi2LmdX5b-8kpgNJqfYVplLDs8kz_ZNnsMmmtRAER0SVWU5p9C-zzgUdu93dDaAPaX3w919nRhKCDTUiLbWnQ_wn-C_5gItgZUPPZqb6vk-UtxAdPJNSTvZp-54lJP0qQPSAcE8tfnPoIrUFSF7whSNMTsgxne6EvsjJzDrsEjf9Mnp1gnVlT8E75K0dZhFvfxlCm-xRTJ7d-jQ9KkpaQ5_p12FzyF9LmWtH_31NnfKe5M7OBQyw2dg4y4kD1ElqbbCgWN2DjC5IQdZFRgnuwf0gNRHaY0sdVY3KSQVonRP6fa4Usxmn-ud77WEaI-I9quqv_M7Zw1X7ZfwdriCP8g1hgUB3OrXAatVNcxcl24GrGrTu6PNibwK8ZzB0fNiqvDVaK7lCPLIjjG8lyZxValLpO9hyWOXMdtNe2U8C2zc4hWqHz-AHWaQ3xCYInZaLBvlT9y5NKfdKgAURTHb1xabN1dRknMENNdqg-9FTUTsLbdyjXmb1IeHmjBB3p89pMJW95-jJPbR1YR6qrnXufjKVypnuZ9qhcQvIN2VMuDz_90P90KIR95ejCUoc0RhLxo1IleNvRdEz9uyysy29j8guUljxz8lzkXyhe5nwVFgQVW2yPLU5UjstwGTc30aulbXHXaooET0H2hTGQ4X2t2Pq7DSk7NgcYUfkPp3Z-wrjf7HWBO3SUZ1DjGgdKTfITDVUUCJwnO-4nytemyuieNgRm1ofZqONH0TRF5xkxl-CeWyJtoNE5IG7F8z944_jY3UDypPf9_IgtvG3Uk1v-ze2bK-tWAj3FAvJhdsiiRuxTAt5ohzrdYI2f-QbPT-v47_Vf0sTzj-oM-xNoO8z0P027XZl836WHqAXUUIRPX4y8en05IJg9_gRbme9wPDJQKOGx8CgkJ0DgimcgYJMKjyCUcASZCYICvBTj9tFHDvgUyuV3J3zC6JCcuHyy5oSTJWMt_9L8Ab9CWi6SlAjeg2e59PPmKKKurr6rmqEJ_RhPtHSpVQzj2q7y_X1ghpUzYdd4e3QamFSx1mnyslY44lM0nepTFNjjv2hKl5VsBbi8vxVrpCEVOgqtQL9dWDYQjIU84jJyk3ZsbAnFFIkuNoiyfIWfX45_8TfNDvuxAie5X1iQvDysXQ_vJTPww1OvznILZPxhVrRuWYCQI1BlQ-g2mMl05nrpIXDJ0_18gSoN5lRjaJHu4erQ8A5SOiFcCrauTmZxWEt79TMeN0oPVC97F9RpvZiv_-evJOj7c-VzSYqySvmPsb-l4MI4qVorDzJjPjM-DEcqCY3ZYjOxR3EFwvCzJ_imc0gp2TX0nl5-GuGb4xByGYVtYZeWCE0K_Ee8oEw-a7lW_Gxtpdocah5zfkx5JXQdNVw0XG7p5Rx_MWDZpO8CNEzcYaMO7ciF8zNGb_cc_pMpMGLElySkIxtUVLbve6MbeBERDTZj9SF9pu_VVWWjhS6-TUdSw2EvtZGetJnGn18ioIXCAxx1nMEgXhhrP08ULDr3QxGnRq0VULuYo0jRtNcS4QFucu_C7K3NEv_LTdeK1O09NPLqZG44jsnyIpYyVTAPHY76WYClkbNzfKsAHBspvLOa9fOLF1jRQDg5CDT71mhc8FvCBpBgjG2Wi9lorpHIyinUNPoIq2yyVlQVPKyF5dpL0l7ay7e0O7rUU-3zEviCJcoe-0IqNjAQVLpWmbttTgC4CbU_shX-cOkMu-EkqmD6UaD0284kmrU2DfipmQGiDiJYOsmvwnVmLQmwW8o2l6HemuTwCIyoONqMtPW6vqEkVRp_3kRDA50gLK7Z98jIK-Eeyt49eZAdz_LU90waTEnOnGXDH1924u5bTQ2jAkj6GV-BMm6RDqWkbTEHIBWa9WgwPj8QVZ-40DTrdbOKu6ivf1uFV2SX4jgyTK9HM82VbgaDlK7R_7I_lCEihUxeM9lRXxlKVp8iOm4iyL3Clvo4_TEohm6v2RVudkS1lXflxM6yLEzy1TIfbGOnpF8HAMC8sON9D8VeUq3orCVNVAp8DJWWlvXmknQN-_M_Wyx4KVDiqzCklpgs-U-BkWfFGOJV4ClrrU41KimqSgn2SfgqYmQ5AkjJuhM8IzTCCccq6VLi26ny_DWUFD26O-nHKjanb436a6GrHwOQQkHGPOJ3Js-6qsm-4UtsJt5S--H7nKXCP-iWc_FRuBzyazM2u6X4xb6NElDP7Is5l8NvpTckhFLw8Py5YzG5pLqocQhSWfAtMMSjuifPTvY_jo_wSkjBISOO3NYhAJ6Ci6NQ96_0ewkCoElLr4mFRjiEnfltuaQEdVxzwd7da_NYcUEEkN03XAWiMlNFDawKvWfE82Abs51KvJa00bZQ4WaFDNgnkpzEzZMtjrA70F-tKYhl9JcHseNpD8dCenwzEXoZBEuTRAcWt_-6JYsK4VtSPJHfTUGy-DmMyIe5MVsQ6Q2XPAcCx8mQsz_Vju3WXFzbfB1MrbcAkQC5Tqv-dZ41GPQuT_77wojoxiKjOUEzr7gFy5eKkve1Pqz3PzZSRs4TPfRrohBJ1Y4EdEEOJqlFfJWThsQH5wo0TKBl6UohXqN4ZPlrk5sMxQIN0_Exw2WW3FBu2iQlsQfQpMVy99uKnKBSLlkfx7n-Zqc7YDn4ZFhyFGWHDg6NsKZLQpqWVEnqO0vTUUwIXSAKKjvkGqpeB0hRhs1K_JtohAtqZjeQhns6gg7r6i3vmJdeTfsqAaNiH7hxO86dgkmvUddxv6ltoewPMpivRpXoH_KsFtEt-5ErTRwc0o36uok-XkE06Kzn9XBapOLqnRufpKQ1LhBxhHvvP3pkBkHs5AUrlbSXCKxzHeecokTYtsMQyd6uGeUYxdDrwiVGbMYWSE710TtKHM7CQGHjDuDVaRIL9FFLahNWql4bmfafpDfQGpbrXcW9Fny7zpLiIdTaONF53l1rY4xuS_j-CrPwTPLbziKw-QPTQqyJdWTLArmF03lYhxbT5w7Q8Ss5aPFHs5lP2EvtNAz20xTzQiWfgpGRfdizXVuewSYB0dq6hSiRZywofreso-QX4yQ-S79K2QNCAsTozA9JrhcJZMfOimrM9fVbEdOnXIpAYLRakqC9-ORg-BRVCs-o10vkaw_1xWu72yWPxwvDS4BcbMdTUqQo1rW1nhARGI40RxJhouxynJA11XHCCJHEEJ5jofHipgdM2pn4Z2mzTm3_5AW3sCCaGRcS58mBirbHzjDuhS-TVQvPpHh234bC5-Tf0pcLHwI9a0gtIrlu9_oQZNJPXEqZQZy-C_bPHZ_E3DG6ZfIraCEyfKOAZv1SVsHQ4O4lSF-WKGa34gTZ9k9FaJtzUWi3ScC-k27pT4xjpmvK8-SdkfmWcfflvGOMIFfGghrQwRP-M85DPnzN7rfQWTnr_fqOWxLspHLnjGR-OtJSQF952qLjt3Li1vI6OsM&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2F&ds=l&xdt=1&iif=1&cor=8069258177115416000&adk=2857193498&idt=185&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:15 GMT
index.html
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 029E 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2269
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:16 GMT
expires
Wed, 05 Jun 2024 18:19:16 GMT
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C288 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzqzWIf7NEyS0cRRIbwxOLsqZNl0Wmpl0ZJyl2unFRp4wVkbHSNDdNTyRRAwZUoEdPoRyAkQkWlEtKUmEXWTe5OHdfhASS4dZtW5aAGbdkDALHAHyOyZRVW5MbX2KGTI4rOvn6f5RohkTP5QkPNtRK9FxzKi2istLu7JlUsBt6hPK7N8O4x_knNz7VQY9L-Je1O0e0DAqN6ir87MnAXowQ6Y-6NEmhSfEk9m7sqpbnrOlAl8vOi10KI9qNxRszzUheCP30vnCSpQ-T91KdahqHOc0MkdFcU5Rbv46gWRj-oBbzqdhc2-EXGf03kUq7cBzQeebmEK3ujwHOblNfzpXNikZnJc6MdNceyMXHl7J-9uRC9iF-S84jI_xs8JBmsOw0oWWIBJXyeSoqDPcl3HnsV9iAqtpWhaFfYJA6xXBgKoKolWlrRxXcoOOnS41Zp_1x05YL-RqO4LwRmZ4VKR3i11fPYEJDbMF8q9ZxS20-fOD0xpt0TCAU6QL6FGjaKBpxocwtaSr4mksvWlt83UTRRkIaOMCoP_rpCVNBt2AyyVuDMI5C5QRfvVtHFtzYE8V0r_Idb56LfEssFYl7GvC2p-kxriJ7Or-bviAiAwFkHAL3xIYfCswwMJKpasWd2Wi1Ft8yR8k4iSGEyTcLr1AcIwjqqJ-BkcJ783V-Sgo3KPwapbYLxPtxqn6vriVzswAlD9lPqsW75zl1j_5mma8EsyQ_153G_FoF8n4xlETFd9CjIpjHJACfZ1ZxEZJTjqd8hpqBOP0XvoXkzlNfXPm232zLx3inptQiJAFASuy57tGouZF27AAuBnpZXaK2jPF6IavFVt5BuFwxmyun8m-n9m6s_NMye9v8oUMBVIWdOtspyGM1-qnmJqT6VZo1HadpoeM1cjq9slhIwmrRSeEjFYBUWNMbcHlPyLEls5HnUEfv6BaEmbeFGO4kb2sn7RzgTBQG1b6oV0Fkt-mNi1QkgSfRQBXv1HPOkv-Ddl-Q7osefUK4U_AnwXs0AsvStCtJk5lQiRZm9vw8zMzxRMXsKlo0N-nlKltMvjf5OJS3WFwSuv_ET8Ym6LtnbssqcvW8xTq8ICvApygh_xatJNxzPJ6lWJO4W5d8vxIS8YJ55rpVVLUZvfW4uiAdF8Qxw0SFeEODf3-CT1QPq-5Y0Ial0v7kJjzolIkrnCbGzW1LXCPol0GXZDvIzApjzeqYkI_wcYZBMJf_XQTuNdVgb8B05F_igEDnl2Up5wGMtK04LV-0lRvAR04pHFvnhDH44EiIthvQE8JMvNR-1heyPMyH3tdmGX8VEQNPimMuksZcZ8jkHqhTJTiRRlSyr72fAR7VhNI&sai=AMfl-YQSHkNvr2xj7_dc6bbD1_ed2i81hpZpX3zJMmlBvp1kpSgXohoPpdri44xEEiI_0rf7ZfUYYhOJXv1r0s8dl3JALmEoxYqCwl0miEFrKQeTOu0_qmhkVRAY_r9PLO25agxiJQkTaFQ-t1X3N0ZM5j0pxfarYvVp4yTJT5K4cLU7GY8b2e6a05K761qdGeP818OuyopRqVq6JrFuKDkTcQLSLLrSCIPoR6wVvxX_ReJHkZtFU2UAo3vumB6jXRhYurkrBDNkJOwoXGbMBH3k1p25PqnRyUltEarX&sig=Cg0ArKJSzImGLRUTuVNIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=162&cbvp=1&cstd=152&cisv=r20230531.43432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 18:19:16 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:16 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 22F8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
297754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 07:36:42 GMT
expires
Sun, 02 Jun 2024 07:36:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C6E5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
297754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 07:36:42 GMT
expires
Sun, 02 Jun 2024 07:36:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DB0E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
297754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 07:36:42 GMT
expires
Sun, 02 Jun 2024 07:36:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9191181530477769020/ Frame 5C74 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb96d71fb7cd250e9c7eb9c3156d8768a7f9cf146dd65d7056b535b097b3452a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
251186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2214
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 20:32:50 GMT
expires
Sun, 02 Jun 2024 20:32:50 GMT
last-modified
Tue, 09 May 2023 14:23:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F36C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMmH4nNYHFWFJemgJFNn9YoHAWOZcSQcMa4BQTvQwOC-6QDZqWWV-O_GsS8qLneLUDN7PJMVWyIBlIjPFImV4IpmmNk43Fw88248AP3dxHfkTj6w5bZ1HQQZlZNg5LqcDRPxsXAZYWn_62vDjCUSvZhfvkD8vUfHLVGqGm8i88oCQ2t2H94mNZmYfZvAUDOuDanq79K5B3rGfI7W9ahvWyBHwRcrkX43NO5n5DsggGGLfBrIgSmqFIXF0yvn6vV3hgEWdvgYznV6zK-Vq0KrvxM9n4rFLfQjcvrli7Qz7dLl8KrXZX9mlxgMO_s6FxuYYj8ePO7rx6X5TtOVyjs26vOOFI1ADriFizO-HB0v3fbatazHum9_aRQZTtB42dkEaWM6eepwYFHw6XLI8t1xD24ajS9gO1uiX23iMXNXnTJgKGZccu9czHGj-t0zOFo-IHffrP_hlGquZ6k2yB16YXfGa6KSpgE3GfYOMj0rhDxNju__bSzyjPVcqHints2uMfHqblwmbbfYE6kOJHJzxgVNCG_GexxwiVp9z_upymqO6qK9Ncht055UeyDgwHWfyP-eqYBNzGT43kbUInTqhnGiYS2XHULE4lalVrjFHESUXOEjNr75k-n9dxNsLN6yvuHhob9oAbvIkyhkvjWs2vJGDkXVMo4wwROekF8t2t05qtsl2G8SkFCvNkBh2-HqMIMe-kBucLww5-ZhAWi68kJua84KeUJrfYjl-qGc7d1JQdShNoELpT1GUNh9jrt2qNZLcC61_6bk67Om5u0QAkWH2YnKPI4FCGityaXv5BLbC-ACE4s-D6NbCGBQwGPWcKOYS7EWjKBWqIEtJ_YKTMOD62y0lQOCDZ2MuX5KZ6yshCGwx3SHUhVj2JBZDhyNxZl8z-vyoGEB01F9YZ31CCIOOhYJhzU5jpR4EulzbfU_ZoKDQXHR69k44Rwt45pMCFhDJFweouqb6Cnq9Dm5pEbJ8skDTn3uXkcQNAhFTLxYiJhtK7lg_ccCAEo9T2xjw5hgeqmX3kn9XN4AjhBQkrnTISETRaZoEO_nb3jBHu3zEprSP1XZ0_5faVyD8GXd3VlojBx1K0c7mhhmmT1wH4MId38Ljvt2iKpqek_FXeu7BXcdVKseE703QZJK1ap1NU_6B9LCEtKF6jH0wTQLYfwRiIQYjOdiNqIzdlT8gntDfQiedYPtHP5T7IMqs6CwaAsmKjBpw9v9tP2PpxklWnNsxmpJ918k8sqsV8P-gsPYUIzsyfKC3D5s7FS7qA2vlXKd2lNVU3h5VIBIJB2uyTAV2Ws7Fz5Q&sai=AMfl-YSkdCnMXZk0ngLb3q5ugaG4gJY-4QHtk7OLHaI4cjOh7ludjh0n5T-zNtGfecn-zaNmMCeffxBY5nnIYQRZ1mwcfXSlUnd8KgT8RfBBD7co-Q31Knl9JgphMP1Xhp22mg2V-zT5z1Qcg6qJapL4WthbqnUyC_kXvFMn7AEIlcVEK9gtJgKnfCrMhnLIu9pj8gUV6af04a6i3CXpab2Zr3o3qjJTWOApxm4wnVzyKaEJP3p28pjix-LLvcaQc24tNBzgnt5EMfG5yg8zIx1w4pv1ova_K2NAY3Ku&sig=Cg0ArKJSzAC_kqcQET_nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=151&cisv=r20230531.77702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 18:19:16 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:16 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5C74 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 18:19:16 GMT
index.js
s0.2mdn.net/sadbundle/9191181530477769020/ Frame 5C74 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9191181530477769020/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc332d3f60c6d2e080be60f71daa1aa8aacb6b437ea96f1678f2453347ccb2fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122964
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24372
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:23:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jun 2024 08:09:52 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160d1864783c67f39eb03bef232d860b57aba8f26003317974a774a3d5146345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123219
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:19 GMT
EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
pagead2.googlesyndication.com/bg/ Frame 22F8 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 13:09:55 GMT
1676550659977.css
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 029E 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 17:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261587
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2325
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 17:39:32 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 029E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Jun 2023 10:36:21 GMT
1676550659977.js
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 029E 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 17:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 17:45:19 GMT
EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
pagead2.googlesyndication.com/bg/ Frame C6E5 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 13:09:55 GMT
EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
pagead2.googlesyndication.com/bg/ Frame DB0E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 13:09:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A3D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJjBfD2aSp4l2f2yHnIHvYkp5-UVzrDzvdgI_KtK78390Y08A4Fb-b1FYNpuqg5rtQdZlWpFWL4fqnz2I1SZFojdP_2idDKOJSyWcqluQ9K8_bpLiM&sig=Cg0ArKJSzA9YNtnNJenGEAE&id=lidar2&mcvt=1000&p=566,1080,816,1380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1952367145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686075555434&rpt=267&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C288 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHWiHzEidq9ewClgQPuSo7qVBFWToZHzJeFoQ1F8RroaZgyXM3mnsw7yZIY5QtgGB-9JYAep9bAokiLS8fmLNs_RmcUhRkMfWHVTkQ7W5YfwpQydghRyRRfO5bOwu-GEtsNrhVKg&sai=AMfl-YRLXzpKk8igV1LSE1AOw2Hg4uA4AX-vw4P9UdeWVoiLF4Apu_J6MfTYI6SyBlStKug0y46c51tSgMrQcAlSr7IhZN2eArKWrDWh2VxKeqCohAh5bymI4WLzmMB5qpODgmNFjbHsH0iggO4UKw&sig=Cg0ArKJSzNCJxqWjR5D8EAE&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&id=lidar2&mcvt=1000&p=58,315,308,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1391017988&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686075555414&rpt=457&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F36C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkpLck7Ct961VVQeOkixmiJl2NMWD2FwScJEMBbPmVPxixt4QBcW9_72VvYq0ONqVdpAdoxX_cr2Gkb4uhXdXxHbxqANkhzQy78FESP0zVfFUTJthjznQmRhuzqusXiXPRrxSlKQ&sai=AMfl-YSKx3ix8gfB04COLdwo2xIwI8u9pQ7iwV0o_xqLX5vBrihivyk0F0btjB8vRih-OcyQ3TvDA_DZnYUQhpTfztK_yAa2qjhRw13yrdghUEXWUeUV03psycU1te0a0WM09oiWsMC1Z4d1UE5NDQ&sig=Cg0ArKJSzI70LcxDgyqWEAE&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&id=lidar2&mcvt=1000&p=856,1080,1106,1380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3713715544&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686075555453&rpt=471&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D29F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_eX_jXbghyJgJbZyMJZwym--6NHlTp_a-qtlgRmmLoy59OO-i7fcvgG4cwhlpZpeI-HU7RbRMqPDTH2CtfT__YlxclmAKSFC35uGjsqyCRFhv5N1EM7GicMA2O2TkifkMaVm2fQ&sai=AMfl-YSJj8dUYEqwF0Zk_UT8ubGCyP3w1ri084YRyJ4bGFZtOUdr9D8P7T8Z6oUx5gh9HelyU7OuRQIYt22fTDN3VnEvAca_Z5sxDmwqyH8tCMT1MLLd0wtDMLFBuljoVdVK4_Jt0iKu3IHrLnxSdw&sig=Cg0ArKJSzBaS8toaSAmHEAE&cid=CAQSTABygQiD8ZPQsUHeCDe9f0HL5Q5b7KjzbCM9-_E-SnzlgpOo8ZleHbiZJ_SnFoCUd8z2iBsrVx9YM9s3N9bUkifqRt5BBzDcq8l_ndAYAQ&id=lidar2&mcvt=1000&p=1060,436,1150,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=228627258&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686075555461&rpt=482&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ Frame A668 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://cdn.pixfuture.com/
Origin
https://cdn.pixfuture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:19 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7d32a9b7cd98918c-FRA
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 06 Jul 2023 18:19:19 GMT
date
Tue, 06 Jun 2023 18:19:19 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=0d3186c83c323d97c0496337a886a7ba_204831_1686075555415&tm=4797&eT=0&widgetWidth=1160&widgetHeight=40&widgetX=220&widgetY=5232&wRV=2010321&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=4588&oo=true&lo=2052&obreq=1695&mvreq=2278&mvres=6866&cet=4g&to=1686075552756.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 18:19:19 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
581fdeaffbb2283be4f99880c0c25764
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
reel.js
widgets.outbrain.com/nanoWidget/2010321/module/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010321/module/reel.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
73360e766ced0fdba06526c83b984ad4c1ed9531e54c88a32e3012bbbf65986f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Tue, 06 Jun 2023 18:19:19 GMT
content-encoding
gzip
content-length
8618
last-modified
Tue, 30 May 2023 14:06:45 GMT
server
AkamaiNetStorage
etag
"c13c29d67bd1860167a5edd5a29e095b:1685462116.651163"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Tue, 13 Jun 2023 18:19:19 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=061d1a3db2cf4c15bb6268da223a56c2_204831_1686075555575&tm=4805&eT=0&widgetWidth=1154&widgetHeight=771&widgetX=223&widgetY=5284&wRV=2010321&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=2052&obreq=1695&mvreq=2278&mvres=6866&re=6878&cet=4g&cs=4&to=1686075552756.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 18:19:19 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
7de21aa166f6735f2ad82975ce29225a
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:5e00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:40:56 GMT
content-encoding
gzip
via
1.1 16934b1ff62f4dfd4c6c8cdc8f2ace40.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
CDG50-P4
age
27503
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
OncQPN0hdxTJ2by0EsVfEcRB0O3CsrsVrbmM-Ccdj1ERRrVGoB1dmw==
expires
Tue, 06 Jun 2023 22:40:56 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=84a0c6e26c1a8dc636e8de28b3283599_204831_1686075555691&tm=4812&eT=0&widgetWidth=1154&widgetHeight=325&widgetX=223&widgetY=6091&wRV=2010321&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=2052&obreq=1695&mvreq=2278&mvres=6866&re=6886&cet=4g&cs=4&to=1686075552756.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 18:19:19 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
18c737d67262720c59e857fac7c7775b
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c7c44ec7af42bef69be2b403ab6a0d40_204831_1686075556206&tm=4816&eT=0&widgetWidth=1154&widgetHeight=413&widgetX=223&widgetY=6440&wRV=2010321&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=2052&obreq=1695&mvreq=2278&mvres=6866&re=6890&cet=4g&cs=4&to=1686075552756.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 18:19:19 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
e90c9d44606c40dc314ab32b18ae2327
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=48d938556a55d4be276c39a3498995d6_204831_1686075556331&tm=4820&eT=0&widgetWidth=1154&widgetHeight=826&widgetX=223&widgetY=6877&wRV=2010321&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=2052&obreq=1695&mvreq=2278&mvres=6866&re=6893&cet=4g&cs=4&to=1686075552756.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 18:19:19 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
d61d5a0113d06b7e3c0929299d2ad7f9
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 06 Jul 2023 18:19:19 GMT
date
Tue, 06 Jun 2023 18:19:19 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"b79638966e0374c455e78107aee59bf4:1673369411.171576"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7647
access-control-request-headers
X-OB-STG,X-OB-PRD
4.js
static.adsafeprotected.com/ Frame D29F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1302878/68126404/4.js?ias_dspID=3&ias_campId=1010093102&ias_pubId=pub-8017808889715710&ias_chanId=1&ias_placementId=19421203336&bidurl=https://www.minitool.com...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2450:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 15:26:31 GMT
x-amz-version-id
kRvzd7CjRoOo3q_aZsSszrsG3sJgteIV
content-encoding
gzip
via
1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
442369
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 01 Jun 2023 15:26:29 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
L1rYH9TV-7NleS3Z-UkN_lTbTr8PWaRDcscUyl53BbCgtQ1OV5zI4Q==

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:19 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame E93F 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
22300983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
G34n1lx5LbjhzzMtZa2no36rabBzjEYhv6aOd9QLb8hTNoNq2YNUqQ==
index_atlas_P_.png
s0.2mdn.net/sadbundle/9191181530477769020/images/ Frame 5C74 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9191181530477769020/images/index_atlas_P_.png
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b545ff35ef181d922c75fe8953d94d70d9e104b556ef52f278791f2a9e309c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 11:37:09 GMT
x-content-type-options
nosniff
age
369730
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6261
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:23:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jun 2024 11:37:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F36C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMmH4nNYHFWFJemgJFNn9YoHAWOZcSQcMa4BQTvQwOC-6QDZqWWV-O_GsS8qLneLUDN7PJMVWyIBlIjPFImV4IpmmNk43Fw88248AP3dxHfkTj6w5bZ1HQQZlZNg5LqcDRPxsXAZYWn_62vDjCUSvZhfvkD8vUfHLVGqGm8i88oCQ2t2H94mNZmYfZvAUDOuDanq79K5B3rGfI7W9ahvWyBHwRcrkX43NO5n5DsggGGLfBrIgSmqFIXF0yvn6vV3hgEWdvgYznV6zK-Vq0KrvxM9n4rFLfQjcvrli7Qz7dLl8KrXZX9mlxgMO_s6FxuYYj8ePO7rx6X5TtOVyjs26vOOFI1ADriFizO-HB0v3fbatazHum9_aRQZTtB42dkEaWM6eepwYFHw6XLI8t1xD24ajS9gO1uiX23iMXNXnTJgKGZccu9czHGj-t0zOFo-IHffrP_hlGquZ6k2yB16YXfGa6KSpgE3GfYOMj0rhDxNju__bSzyjPVcqHints2uMfHqblwmbbfYE6kOJHJzxgVNCG_GexxwiVp9z_upymqO6qK9Ncht055UeyDgwHWfyP-eqYBNzGT43kbUInTqhnGiYS2XHULE4lalVrjFHESUXOEjNr75k-n9dxNsLN6yvuHhob9oAbvIkyhkvjWs2vJGDkXVMo4wwROekF8t2t05qtsl2G8SkFCvNkBh2-HqMIMe-kBucLww5-ZhAWi68kJua84KeUJrfYjl-qGc7d1JQdShNoELpT1GUNh9jrt2qNZLcC61_6bk67Om5u0QAkWH2YnKPI4FCGityaXv5BLbC-ACE4s-D6NbCGBQwGPWcKOYS7EWjKBWqIEtJ_YKTMOD62y0lQOCDZ2MuX5KZ6yshCGwx3SHUhVj2JBZDhyNxZl8z-vyoGEB01F9YZ31CCIOOhYJhzU5jpR4EulzbfU_ZoKDQXHR69k44Rwt45pMCFhDJFweouqb6Cnq9Dm5pEbJ8skDTn3uXkcQNAhFTLxYiJhtK7lg_ccCAEo9T2xjw5hgeqmX3kn9XN4AjhBQkrnTISETRaZoEO_nb3jBHu3zEprSP1XZ0_5faVyD8GXd3VlojBx1K0c7mhhmmT1wH4MId38Ljvt2iKpqek_FXeu7BXcdVKseE703QZJK1ap1NU_6B9LCEtKF6jH0wTQLYfwRiIQYjOdiNqIzdlT8gntDfQiedYPtHP5T7IMqs6CwaAsmKjBpw9v9tP2PpxklWnNsxmpJ918k8sqsV8P-gsPYUIzsyfKC3D5s7FS7qA2vlXKd2lNVU3h5VIBIJB2uyTAV2Ws7Fz5Q&sai=AMfl-YSkdCnMXZk0ngLb3q5ugaG4gJY-4QHtk7OLHaI4cjOh7ludjh0n5T-zNtGfecn-zaNmMCeffxBY5nnIYQRZ1mwcfXSlUnd8KgT8RfBBD7co-Q31Knl9JgphMP1Xhp22mg2V-zT5z1Qcg6qJapL4WthbqnUyC_kXvFMn7AEIlcVEK9gtJgKnfCrMhnLIu9pj8gUV6af04a6i3CXpab2Zr3o3qjJTWOApxm4wnVzyKaEJP3p28pjix-LLvcaQc24tNBzgnt5EMfG5yg8zIx1w4pv1ova_K2NAY3Ku&sig=Cg0ArKJSzAC_kqcQET_nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3994&vt=11&dtpt=3840&dett=3&cstd=151&cisv=r20230531.77702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:19 GMT
4.js
static.adsafeprotected.com/ Frame F36C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249284/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-8017808889715710&ias_chanId=1&ias_placementId=20111329642&bidurl=https://www.minitool.com...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2450:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 15:26:31 GMT
x-amz-version-id
kRvzd7CjRoOo3q_aZsSszrsG3sJgteIV
content-encoding
gzip
via
1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
442369
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 01 Jun 2023 15:26:29 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
Vhxr4qK0oNbfbHHMrryqbdbZrqiETEMfVrs6JiZu-zine3SyG31e3Q==

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:19 GMT
server
nginx
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B33A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
22300983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
LUC_kQWUV9nbdsihymJpfKm2L9U11UK2BA7wunsZkLTzhYW6whaZvg==
logo.svg
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 029E 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5358810056708269933/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 17:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3532
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:32:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jun 2024 17:20:27 GMT
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCKJB,pingTime:-3,time:92,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:19%7D,%7Bpiv:0,vs:o,r:l,t:91%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:92,n:91,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1,0~0%5D,as:%5B85~728.90%5D%7D%7D,%7Bsl:o,t:91,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:20%7D&br=c
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCKJC,pingTime:-6,time:93,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:93,n:91,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1,0~0%5D,as:%5B85~728.90%5D%7D%7D,%7Bsl:o,t:91,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:20%7D&tpiLookup=ao:www.minitool.com*&br=c
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCKJN,pingTime:-3,time:64,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19,idMap:17*,rmeas:1,rend:0,renddet:na,siq:15%7D&br=c
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCKJO,pingTime:-6,time:65,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19,idMap:17*,rmeas:1,rend:0,renddet:na,siq:15%7D&tpiLookup=ao:www.minitool.com*&br=c
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rum
cdn.pixfuture.com/cdn-cgi/ Frame A668 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.pixfuture.com/pixf_sync.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type
application/json

Response headers

date
Tue, 06 Jun 2023 18:19:19 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cdn.pixfuture.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7d32a9b96f0c0418-FRA
view
googleads4.g.doubleclick.net/pcs/ Frame C288 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzqzWIf7NEyS0cRRIbwxOLsqZNl0Wmpl0ZJyl2unFRp4wVkbHSNDdNTyRRAwZUoEdPoRyAkQkWlEtKUmEXWTe5OHdfhASS4dZtW5aAGbdkDALHAHyOyZRVW5MbX2KGTI4rOvn6f5RohkTP5QkPNtRK9FxzKi2istLu7JlUsBt6hPK7N8O4x_knNz7VQY9L-Je1O0e0DAqN6ir87MnAXowQ6Y-6NEmhSfEk9m7sqpbnrOlAl8vOi10KI9qNxRszzUheCP30vnCSpQ-T91KdahqHOc0MkdFcU5Rbv46gWRj-oBbzqdhc2-EXGf03kUq7cBzQeebmEK3ujwHOblNfzpXNikZnJc6MdNceyMXHl7J-9uRC9iF-S84jI_xs8JBmsOw0oWWIBJXyeSoqDPcl3HnsV9iAqtpWhaFfYJA6xXBgKoKolWlrRxXcoOOnS41Zp_1x05YL-RqO4LwRmZ4VKR3i11fPYEJDbMF8q9ZxS20-fOD0xpt0TCAU6QL6FGjaKBpxocwtaSr4mksvWlt83UTRRkIaOMCoP_rpCVNBt2AyyVuDMI5C5QRfvVtHFtzYE8V0r_Idb56LfEssFYl7GvC2p-kxriJ7Or-bviAiAwFkHAL3xIYfCswwMJKpasWd2Wi1Ft8yR8k4iSGEyTcLr1AcIwjqqJ-BkcJ783V-Sgo3KPwapbYLxPtxqn6vriVzswAlD9lPqsW75zl1j_5mma8EsyQ_153G_FoF8n4xlETFd9CjIpjHJACfZ1ZxEZJTjqd8hpqBOP0XvoXkzlNfXPm232zLx3inptQiJAFASuy57tGouZF27AAuBnpZXaK2jPF6IavFVt5BuFwxmyun8m-n9m6s_NMye9v8oUMBVIWdOtspyGM1-qnmJqT6VZo1HadpoeM1cjq9slhIwmrRSeEjFYBUWNMbcHlPyLEls5HnUEfv6BaEmbeFGO4kb2sn7RzgTBQG1b6oV0Fkt-mNi1QkgSfRQBXv1HPOkv-Ddl-Q7osefUK4U_AnwXs0AsvStCtJk5lQiRZm9vw8zMzxRMXsKlo0N-nlKltMvjf5OJS3WFwSuv_ET8Ym6LtnbssqcvW8xTq8ICvApygh_xatJNxzPJ6lWJO4W5d8vxIS8YJ55rpVVLUZvfW4uiAdF8Qxw0SFeEODf3-CT1QPq-5Y0Ial0v7kJjzolIkrnCbGzW1LXCPol0GXZDvIzApjzeqYkI_wcYZBMJf_XQTuNdVgb8B05F_igEDnl2Up5wGMtK04LV-0lRvAR04pHFvnhDH44EiIthvQE8JMvNR-1heyPMyH3tdmGX8VEQNPimMuksZcZ8jkHqhTJTiRRlSyr72fAR7VhNI&sai=AMfl-YQSHkNvr2xj7_dc6bbD1_ed2i81hpZpX3zJMmlBvp1kpSgXohoPpdri44xEEiI_0rf7ZfUYYhOJXv1r0s8dl3JALmEoxYqCwl0miEFrKQeTOu0_qmhkVRAY_r9PLO25agxiJQkTaFQ-t1X3N0ZM5j0pxfarYvVp4yTJT5K4cLU7GY8b2e6a05K761qdGeP818OuyopRqVq6JrFuKDkTcQLSLLrSCIPoR6wVvxX_ReJHkZtFU2UAo3vumB6jXRhYurkrBDNkJOwoXGbMBH3k1p25PqnRyUltEarX&sig=Cg0ArKJSzImGLRUTuVNIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4096&vt=11&dtpt=3934&dett=3&cstd=152&cisv=r20230531.43432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:19 GMT
pbixcw.js
cdn.pixfuture.com/ 		396 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbixcw.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be5607ec152b24f0880e3c280b9cb477d607287b2ec3b74c6235ffafb432416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:19 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99021
last-modified
Thu, 09 Feb 2023 19:58:28 GMT
server
cloudflare
etag
W/"63e55064-62fa8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe0s6dihPSYcprHWi8v7YqJ8JtBDTsQbty1Lo2hCSeUxor90f9vbjE3V5IaWEIV6O%2FgYcHXLhrEV6I38OiVFH35p9ajk8GW2naa2ol7hsQRAUwFv1FWydHLdn0GbgkFZOA1u035K1UIH4lXeqLv2"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7d32a9b98f2d0418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 05 Jun 2023 15:10:54 GMT
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCKKk,pingTime:-2,time:137,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:4339,beZ:4340,mfA:4342,cmA:4343,inA:4344,inZ:4347,prA:4348,prZ:4354,si:4358,poA:4359,poZ:4375,cmZ:4375,mfZ:4375,loA:4432,loZ:4434,ltA:4476,ltZ:4476%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:19%7D,%7Bpiv:0,vs:o,r:l,t:91%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:137,n:91,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1,0~0%5D,as:%5B85~728.90%5D%7D%7D,%7Bsl:o,t:91,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17.1475223-71249284%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:20,sinceFw:117,readyFired:true%7D&br=c
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index_atlas_NP_.jpg
s0.2mdn.net/sadbundle/9191181530477769020/images/ Frame 5C74 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9191181530477769020/images/index_atlas_NP_.jpg
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ca965b531f63821c74167d41f0cae2a19bd87e74ecb09d61a893c2f3864fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9191181530477769020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 07:39:54 GMT
x-content-type-options
nosniff
age
38365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76202
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:23:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jun 2024 07:39:54 GMT
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCKKm,pingTime:-2,time:99,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:4386,beZ:4387,mfA:4389,cmA:4390,inA:4390,inZ:4393,prA:4393,prZ:4397,si:4401,poA:4402,poZ:4419,cmZ:4419,mfZ:4419,loA:4451,loZ:4453,ltA:4485,ltZ:4485%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:99,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:15,sinceFw:83,readyFired:true%7D&br=c
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
show_pla
flint.defybrick.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=64881916628058298222222671970122539729300905286409078061022883809256&nc=0&tsf=0&tsfmi=&pv=0&cb=1686075560077&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2930245922&at=&bid=e30%3D&di=W1siZWYiLDM0M10sWzEyLCJ7XCJjdHhcIjpcIndlYmdsMlwiLFwidlwiOlwiaW50ZWwgaW5jLlwi%0D%0ALFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wg%0D%0AZXMgMy4wMCAob3BlbmdsIGVzIGdsc2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2Vi%0D%0AZ2wgMi4wIChvcGVuZ2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJi%0D%0AZW5cIjoxMyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEyODQz%0D%0AMTg1MjEsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjYsZWNYR1gxOW5ucnZWTzJKZGxOaHhCS1FrTHZTRmRBUUJDbGgx%0D%0ANFZVVkZBbEY3K0NBSXFYUkJGQ0UxNkZZa29WVXBBV2hBU0lEMmtaNU50VSs2OWIvMSs1ODdjeldS%0D%0ASkFQbEdsOSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImtleXdvcmRzXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6%0D%0AdGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIsXCJ0d2l0%0D%0AdGVyOnRpdGxlXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDgx%0D%0AOTY3MjEzMTE0NzU0MDl9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAs%0D%0AMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAs%0D%0AMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTMz%0D%0AMjQwOTE2My4xNjg2MDc1NTU1Il0sWy0yMSwiQ04wd3dmcXkiXSxbLTIyLCJbXCJuXCIsXCJuXCJd%0D%0AIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjo2ODAwMDAw%0D%0AMCxcInVqaHNcIjo0NDcwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuOCww%0D%0ALFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAs%0D%0AMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJm%0D%0AYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjg2MDc1NTYwMDY0%0D%0ALDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4%0D%0ALCJpLC0xLC0xLDAsMCwxLDAsMjAsNTc5LDk3Miw1MSwwLDE2NTEsMTY1MSw3MzA5LDczMDkiXSxb%0D%0ALTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixu%0D%0AdWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQy%0D%0ALCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIw%0D%0ALDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRu%0D%0ALGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw2NV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A220%2C%22y%22%3A5232%2C%22w%22%3A1160%2C%22h%22%3A2538%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=UPK8m3MosK&sdd=%7B%7D&pto=7323
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e1d44d22d51304844910cf555e3820d777e90b33d2a5505954d8453ed9ceb846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1550
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 029E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 13:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jun 2024 13:54:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 029E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a272b9f8468d5a619c21709a4fc702db301e25032f20ea4a034d3abe6fba7e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5852
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 029E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 18:19:20 GMT
cwc.php
served-by.pixfuture.com/www/delivery/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/cwc.php?d=4992x522&keywords=check,windows,registry,malware,remove,it&refUrl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&refresh=false&innerWidth=1600&w=300&h=222
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8b82265e5bb3ff65fbb3cd5e5fb32c0fc86e3f7cf1008768a7c72d1bd5f502f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
transfer-encoding
chunked
content-type
application/json
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 029E 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:11:39 GMT
x-content-type-options
nosniff
age
461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 18:26:39 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 029E 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:08:58 GMT
x-content-type-options
nosniff
age
622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 18:23:58 GMT
EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
pagead2.googlesyndication.com/bg/ Frame DA9F 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 13:09:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6bwSo3h_ZLP5Kdflx_APge63kAgAAAAAOAHgBAI&bg=!CwilCFzNAAY9J7QfHSc7ADkAdvg8WsyfxMyCgVXCOfksVbLFPCkR3FP4RkEjFr-vb1gvyLCSjOZRINiWhPQ_0Wz9Ea2bBnxMrTkCAAACn1IAAAACaAEHmQNHDu-D9vZ-wooCMy0deeoso6cKxWVfkA8rczWICw6rT1zG0w0ZgDa1LedsXFeVMue_J0x3B1f5Y7ePXvISKAtiyoZ2-T8CLYfpCIFN2pY6lKDpSaGdcmN5nq4wcTE87mFZ8-Dt_oWOMHR3jqF3Od0r6jIPz79Ky6zSYeNI4Cs8sx0CSk4u7UreKdr4M9LYgNHXlIpCnzVbNmUAtstXvYipTHQpR2LSa77PdvJ9dDSiwAdQtzmYRjXvY_I8IlQkNz5tA7iEq0LHYQexA3_xjIIKd7jja5xTjcs2r9aZPpOR2VtiksEk8-vkVdpGnASySunp7_RM5AZC4YQy8F0pZeWCUagNBh_0SB9GJS76oZOrKsr5CZMuezYnTmJX2Fma17-qApfLQtuPz59_3OZpmW4X4Aal5-SNwGN9kHCBQ1RHJo1CUSh1eI5k4EhGBMODeDmRcKSHvRZwNfObePdxS9UU40ZQ-xArZur_iRrPONEOP6LW1QBF8H6eRBwjCHFkVIqSxd4ANgkEAW0UvXuJ-jIPMq7PZJuux_ixAyllgd3JlED5std8RrtBy8yTLUKm7RFjT_iuIgQLJQwG-GW_1Re7v9jybJRzsfV62fWmeDWf1D58hOrOhH2QpwwXfAQ-JWouSUo5SCpIOELF_eBwdl6zuy9UzDK8t_tBXO8-o-fCDrc5D9q4QSEGgdD1TLCqOYlWl6Lytzjn_n6s3WgDHc79yVOz59wan_ITMA0iEFM4beVyXESDvdFguNieXMyiNqiAKDtl53YSlDKl6kxL_0TpItkG-zd2pcy-3VNDH0s-ISZQQ-s1q0-NP0eP61xmdEWUfOJubM4rodRCxeb_Mgzvh245DyQpZLVqQr5gXcui8fIAzKa1jjSRiS3psNpOyQu3sTM24J3J3HYpRnvnxvAGjdliwyutziL636DzAOmdAUI6PnHYjxBvgvgfil5KpLkjZtFVc3ogFbCINC9jYmeuSR4Ligh7r2b-_efF8c1ZHzDWZOlt3qVogybaoVrnbA4ezkyyNYqm5ejy7BPc-BG6lWHHxZaHG0ZNL6-IvoAyMyYJu7o8JRyb3REfsuati19hZSlOsxLRRRN7JZVtsaB3hbJqj4eDpVE
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 029E 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:18:10 GMT
x-content-type-options
nosniff
age
79270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51681
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 20:18:10 GMT
03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 029E 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 03:31:11 GMT
x-content-type-options
nosniff
age
53289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91120
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Jun 2023 03:31:11 GMT
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCKSP,pingTime:-10,time:664,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1686075560463%7C%7Cd6bfa266c90785cf49173580a19b6af6%7C%7Ce2cb1dcbe7da8721e3ae9a3fd2b4449b%7C%7Ca27b02d2e5014360e8196d9fbafca95e%7C%7C05bdeea82cc274176f7c22269a2f2695%7C%7C416db64ea81eb48539dd6f01820f9a2a%7C%7C6257585b99d30e6e72afeafe050e6d6c%7C%7C0a7074c45d850914622ae0d1ea008982%7C%7C1663701684%7D
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6E5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqYzQo3h_ZNjMLeCPjuwPk62S8AQAAAAAOAHgBAI&bg=!goGlgdXNAAY9J7QfHSc7ADkAdvg8WgcrJDUq26Knab-UssbcwDmjVrSqOQlCxTwR5hWTkyMFQOYQgzKq6hNuA5kwhBHI_TlKSxUCAAACtlIAAAAEaAEHCgA0nK6gjdtAWiv0DB25Jnd8ODLglMhXrYLHD_k6AC97EfwULdr1yRu48jNL6baK3d0WR0vHt5kDKR0va05GnzkiC4sICVXnZxXikcGTzGTqu8nEUMVLfF6BA-nXr5TtPRBsbY4FCKmgdH_q9xDgZTKwdMQoh7gFdLX1-_NvN-aujW1ZkQfr63xAwPy6t2BXwcOKtBAifj6B70thYPCSOjQG2jGL6zp5Qp6tlK4Ti7j3X6fPJ9Pvnue0BQtnptEcfPnuLtV2aWfVvEOeY0Vdbdeilo6iv87PidyNvIWBBRoXARn93CIvxN40kP3GWzmKgxiZNFXFd673ptPiN83L9mjMl7xcVUznobqv29EPe4LIOUGxXUQu7Uq_e68IkpLN_rxZJlEoPjuy_j6efIzsfljvp0cuJa2DVfK_6dmxcYsOykyd8EJOIheWzP3hoBgu9e8H6J77zH7_99elJCQOro7KJRFPriwqtOprl5KnehC3uUnHQnAszKuAJaxAUtS6Opl_Q6DwMfut97Ir9gY7VE4G7LluNjvCz-eEtqTmxxen5q9MxwTtvzDh4p1wGGzNV0cTVhx-yVvbSd354LnsHjibg7DjECz_EUZc1YkNnbPXMmq5VQFQJBdsH5sKt0w8zrKgssKzx6GF4X0Ld9aRSX7_nfKCexa7u0LgghFJUJ8eNICBpP0SPMphG7GKmP7GHvci5b7CgKbQ4FV-QJ8LuVGejngQAPwzM9pUkaV67fBNn_amFtMlQ5B7gjTPyt-cBl7pqpN4_U6NGGP86VXaW8sw5LVfQv7ZOs_vIGgQdcbefe8pvoQ0pLaX1iPwrrj2AfeX46Se9mV1VqcgXLAJ4MdwP93Go5-1Tp-n9EL2usfv_JXrVOmc1aGgmrrBfNqWlzS1O9LsBDO02AWhv7_GvsLKYn9aLGHI69T6Hmwjb47vOpzKaDtAUQX8nNVTMySvmgfE7ybuuKO9a1twCfbxXuPqZylblTlLC2uT08dQmDYWZpubeuDLow9FxCOktYP8NQ5jaGA33QwoLVXhydRwc5lG-onj5x49Fvcvzf6Hq_roVzhzZA9wNiiBQOwzjgE2CKARZfXnX9zjbn9b3Efk_dr3pD2pr_w8rC88QYXNYg93m3wYNIiiaL4hGOlC4Byksjd2
Requested by
Host: bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
URL: https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.minitool.com%2F&domain=www.minitool.com&bundle=uBoVw19uY1NDbGRPUkFlUEJweWxOSlJlUjVUeUdxT1Z3OVRpWlZUQjFPc0xoeDZYc3JnTEdWRjBoeVhEN2JzYk9WbTlUY3NDRXdYaXlQJTJCJTJGTElhTENOWVA2OUF1aiUyRmlORTQ3RXJGeVM1MXVScm9hY2NtR1k4cEx3QzklMkY1Z0hRa25uJTJCV3ZwOGNpOWxtN1ZoOEk3QlFqM1dZdUZnJTNEJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.minitool.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Jun 2023 18:19:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
314319
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/ 		0
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.133.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-133-3.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
json
gum.criteo.com/sid/ 		2 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.minitool.com%2F&domain=www.minitool.com&bundle=uBoVw19uY1NDbGRPUkFlUEJweWxOSlJlUjVUeUdxT1Z3OVRpWlZUQjFPc0xoeDZYc3JnTEdWRjBoeVhEN2JzYk9WbTlUY3NDRXdYaXlQJTJCJTJGTElhTENOWVA2OUF1aiUyRmlORTQ3RXJGeVM1MXVScm9hY2NtR1k4cEx3QzklMkY1Z0hRa25uJTJCV3ZwOGNpOWxtN1ZoOEk3QlFqM1dZdUZnJTNEJTNE&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
292878
expires
0
f
fid.agkn.com/ 		0
0
529.json
id5-sync.com/g/v2/ 		241 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
44fafeff740e6b0780b0a318d6f05a9e81ea4d62435440bfe989a3e25dcaaf7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
959d7b8ed1f86daa8e06e3293e7b01c803ded8b9325c6040d3b2f67bdb352b5d

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.minitool.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 06 Jul 2023 18:19:20 GMT
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001362e8c732ef428c9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60635f578afe6d3b2474fbd498fbd39e821da61c45085052aae2d05f91e46042ccf5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1c08f77f6aaf93117ae7d8eb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82dbe0a089eeb14b7bf526bee9fb7b0435bbd160c1b240e7104402d00b0983d382888fbc9227c32c90c6f5ae53df5f5b1aa35e64cfc0911d71d7ee28ab5ab1c74d9523a82e154d509935ee5b8b91fc7be287639c5ca9cfcbcb69ce010478e84b585c754575d1a16eba09d5c18869a99970ecdd2dd085e8f7329fb7e254776898f21140d6a7465501faf9e124f127cbb408f2a27bef23e664880a900a8fec619b083bf6fac774353e7c11685e0d54f5bf9e66d11ea50712512393b753c2991a0be2bbddbca06fc1e4f8e180f8aeed56493cff5b9bb55f6a9f5e661dd77f40776cf416b3644ad0e1d317ff72cb37d9b926cca41fdc2a1d2b241e6e50c982a28e7e080adf4601cc8d8ea9ba8e1140cbacaf3ed6dd797b95&cb=1686075560495&cri=UPK8m3MosK
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB0E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmIano3h_ZJTvLdaSjuwPucOxqAUAAAAAOAHgBAI&bg=!vL-lv-vNAAY9J7QfHSc7ADkAdvg8WuOtb2NibvSaZwsoRPT9yZ3SGmU7qOAhivbv5owDvcatP8Wwlf7FtjzVL5ISTT8CZQ-hcdgCAAACwVIAAAADaAEHmQMj_gdEV4V6cDmmFUQTBrzT40gEB7CyXeD280FCYenftswoMYMAH5eJloawPN5yt4eeSBohdEcJSyiYORhPSTgFdWIVOAjnUX_TIO2ngIZCEUlFWWVlqpn1bDF87rOq1VbVwZKLC24yT2KYiIqQ2ARsCLsS6C5QhHa0RrolB5A8tQGjkRDKeXJvbDPKF00gZ4NNs60oBoH0angEqIxhyEkKenX3BLlrwUW9CtgiQvjseCESrpMa8_APMHIfri6PAPxtxef8gdJQ2YAgefPHmutCtpbEczDBJm4fWs-7YTpP6TadmJS0-lury6uZRn7eJvDURqw-WC62ujShYJko2cM4d2MUhE1gXT-R37ro1jpop-5Pc5Q0soLTiA1vHyUHBEbwp_eCfcwNZI9jTyCYgD1FoI-2Zq7uwQhhlBi97tv06SKn4e6XYa2OSvvNuBouFMuyUugPSUIJTg6dCIdQK8blAT7kGjK9yxTS4l57N61BuG6Xyb9HydXlLiRgUmu6fJzvO45V6HJp3GUdIdGyYpdYY_Qhq7a9SqPGzruoV3bq18jIGZNdJBDlrC4MT_nNTbcwlr9bYLX4wxLCU464KuKTKoAoEDiflOblJjipZpT4YTEIdNgmTLiqDJLAmszZ8nbi6rscn5_fokI4wtfCTF6JvZoo5S7SWfvjwudU7Zo273kvKMO2S-Qcol4XSGCwyfQBStXYrgFTCSQkMEfY9xTpXJF92rWFJ8-lr9GVmO-cq_EYixTHDqZ1cE2wE5rsBeyzVeJn_db5_YQ-CaYvz4vcvB1x_RwD5_G9yMiPOcK0X-hRiBqlMjzAa3mOxNTt8LV7iR-dJRd1y31CqYhCE89r2CIENK0ItHwibfDIEoCJu_iYr9grkoxFsqrMTqnf3CRgEL14zl3pRrm8xLaXEni-yfBSoWmkO755VUOqPZKujHAMlNIQqxWgz17XG3d62OWJwD-UE2_-eSZoQN701KcvZgmCR7qk6kREYWURFV1uV_iH4M3lcIkk_H0X9SUFuWWrRsaW19hvC7Vcxv9uxYRMDCf1YopahJXgHP6E_nqKTMLYQig
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 029E 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:18:10 GMT
x-content-type-options
nosniff
age
79270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51681
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 20:18:10 GMT
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCKUF,time:738,type:e,im:%7Bpci:%7Btdr:624%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:738,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B733~0%5D,as:%5B733~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:568,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:482%7D&br=c
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cookie_sync
prebidserver.pixfuture.com/ 		1018 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
87707bc27af8e87d69bcd9cde37b97e42b6ae5369f34d66506e977e4f817f4b5

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1018
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		298 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
082dc35ea6501f8b38354dfb9fda252a61a276c7a7dd7de5050563a990a24ab1

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
298
expires
0
trinity.json
apex.go.sonobi.com/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211ca2b5904d8bcf%22%3A%224e0678e42ba7153d83b4%7C%22%7D&ref=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&s=25709d74-23c2-4fbd-89cf-05b571e7eaa9&pv=05583386-f15b-4a89-b064-a498870010d3&vp=desktop&lib_name=prebid&lib_v=6.25.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22content%22%3A%7B%22id%22%3A%224992x522%22%2C%22url%22%3A%22https%3A%2F%2Fcdn.pixfuture.com%2Fcontent_widget_video%2Fvideo_4992_522.mp4%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224992%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2265322ba2-983f-475b-aa79-bc449baa6279%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2265322ba2-983f-475b-aa79-bc449baa6279%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=check%2Cwindows%2Cregistry%2Cmalware%2Cremove%2Cit&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
a7fe9c713a5fc73d735e503ffdc06c84cca7cc284512209dee4fe715f8204d8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-16
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.minitool.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
607
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f941e707-8c3e-4a69-8270-b12eb20385d9%2Cf941e707-8c3e-4a69-8270-b12eb20385d9&nocache=1686075560588&id5id=0&pubcid=65322ba2-983f-475b-aa79-bc449baa6279&schain=1.0%2C1!pixfuture.com%2C4992%2C1%2C%2C%2C&aus=300x250%2C320x50%2C336x280%2C320x320%2C640x360%2C640x480%7C300x250%2C320x50%2C336x280%2C320x320%2C640x360%2C640x480&divids=4992x522%2C4992x522&aucs=%2C&auid=545696754%2C545696704&tps=bXlrZXl3b3JkPWNoZWNrLHdpbmRvd3MscmVnaXN0cnksbWFsd2FyZSxyZW1vdmUsaXQmbXlvdGhlcmtleXdvcmQ9Y2hlY2ssd2luZG93cyxyZWdpc3RyeSxtYWx3YXJlLHJlbW92ZSxpdA%3D%3D%2CbXlrZXl3b3JkPWNoZWNrLHdpbmRvd3MscmVnaXN0cnksbWFsd2FyZSxyZW1vdmUsaXQmbXlvdGhlcmtleXdvcmQ9Y2hlY2ssd2luZG93cyxyZWdpc3RyeSxtYWx3YXJlLHJlbW92ZSxpdA%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e292b789c91fe98f5abd1a39a3d316803d895068f301dff4606691bc26771e8e

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.minitool.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.80.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-80-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0454c0105375438f1194ab5402d36e3256899428c95f9637c73e6215cb21033f

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=469176&zone_id=2769832&size_id=15&alt_size_ids=16%2C43%2C65%2C72%2C198&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4992,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=65322ba2-983f-475b-aa79-bc449baa6279%5E1&rf=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&tk_flint=pbjs_lite_v6.25.0-pre&x_source.tid=f941e707-8c3e-4a69-8270-b12eb20385d9&l_pb_bid_id=189875d474df4b1&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30989860453471607
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cd44862d0f8bd3eefe381c544f1980e1debcc57e278c58bbbde323316dfe8ae7

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.minitool.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
686b2c777d4877c47051008108a4edca8c7b1d21f8b43d053b3708ee9e35fc7e

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.minitool.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Jun 2023 18:19:20 GMT
v1
btlr.sharethrough.com/universal/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.223.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-223-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
88e591c50bd89d0c289afb20067364a41a78b25d810ce16223e582753c976798

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 18:19:20 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.minitool.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
792
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/js/main.min.js?v=20220628144628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 01:46:28 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
59572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6676
x-xss-protection
1; mode=block
last-modified
Wed, 03 May 2023 13:48:29 GMT
server
AmazonS3
etag
"befec09eb386fc68a0869c8d1b529dd6"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
NKjvMfgq5u50YcoDTyUFyApzi-hZ86YhmLovsp0O4XnsBscUiK_yRg==
default
embed.tawk.to/5ba07739c666d426648ada8d/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5ba07739c666d426648ada8d/default
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/js/main.min.js?v=20220628144628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edbe2e5100da426a1053c0c03dd457e4243545631d67fdd5bb6af0f577d7cad8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
server
cloudflare
age
4283
etag
W/"stable-v4-64795e77f7f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
7d32a9bfca2a363c-FRA
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
555c93f2c5c27d2d998b2faf691b060e08eb08b793a38d5da3d5d7fd8b48165a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11133
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=412363214&t=timing&_s=2&dl=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ul=en-us&de=UTF-8&dt=How%20to%20Check%20the%20Windows%20Registry%20for%20Malware%20and%20Remove%20it%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7878&pdt=208&dns=20&rrt=0&srt=764&tcp=579&dit=1623&clt=1631&_gst=2043&_gbt=2105&_u=YDhAAEABAAAAACAAI~&jid=&gjid=&cid=1332409163.1686075555&tid=UA-686301-28&_gid=1080659650.1686075555&gtm=45He35v0n81PPJRVD9&cd1=Stella&cd2=2023-01&cd3=2020-10&z=84552523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 01:53:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59154
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCKWG,pingTime:-10,time:863,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1686075560463%7C%7Cd6bfa266c90785cf49173580a19b6af6%7C%7Ce2cb1dcbe7da8721e3ae9a3fd2b4449b%7C%7Ca27b02d2e5014360e8196d9fbafca95e%7C%7C05bdeea82cc274176f7c22269a2f2695%7C%7C416db64ea81eb48539dd6f01820f9a2a%7C%7C6257585b99d30e6e72afeafe050e6d6c%7C%7C0a7074c45d850914622ae0d1ea008982%7C%7C1663701684,sca:%7Bspg:96a0233b-2c75-6e03-b750-05f65aa930a4%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js?cb=31075093
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 18:19:20 GMT
cw_svtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_svtr.php?wid=522&hid=c20839e2aef73875e74205e178380170
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E701 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 17:03:32 GMT
expires
Wed, 05 Jun 2024 17:03:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4FD7 		783 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
84fc78949bdbd100c2a97198d87ab82815c5d3380a3b1394b30f1c9874e26ba4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QpUe9hrxqPUoLxVGhxnBFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-QpUe9hrxqPUoLxVGhxnBFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:20 GMT
expires
Tue, 06 Jun 2023 18:19:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 381C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51668
cache-control
max-age=86400
content-encoding
gzip
content-length
1930
content-type
text/html
date
Tue, 06 Jun 2023 04:13:57 GMT
etag
"1b1a56d9c9fcf8acab07f238231461df"
last-modified
Mon, 08 May 2023 11:42:34 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-cf-id
Lj_rWzDPixvncqzaudotPC_Pn9AWeaL02Cc-OdSq5C3Xp_5xxt3bog==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame C288 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4972998184467&version=m202301230201&ct=76&x=1&cor=18239272352981494000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 381C 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 12:06:27 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
22374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15571
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:42:56 GMT
server
AmazonS3
etag
"f90daf8c8f47c6afab7d4e27466118b5"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
bjZWzZX_-IXVJSEYUvkNIDHybB5c0CRns2aedrwIRX6aWRndZE59yg==
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCL0J,pingTime:1,time:1154,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:19%7D,%7Bpiv:0,vs:o,r:l,t:91%7D,%7Bpiv:100,vs:i,r:,t:144%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1010,o:144,n:91,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1,0~0%5D,as:%5B85~728.90%5D%7D%7D,%7Bsl:o,t:91,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D,%7Bsl:i,t:144,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:170,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17.1475223-71249284%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:20,sis:490%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCL0J,pingTime:1,time:1154,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:19%7D,%7Bpiv:0,vs:o,r:l,t:91%7D,%7Bpiv:100,vs:i,r:,t:144%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1010,o:144,n:91,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1,0~0%5D,as:%5B85~728.90%5D%7D%7D,%7Bsl:o,t:91,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D,%7Bsl:i,t:144,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:170,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17.1475223-71249284%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:20,sis:490%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ Frame 4FD7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306050101&jk=2557905677746147&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
pagead2.googlesyndication.com/bg/ Frame E701 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 13:09:55 GMT
twk-main.js
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 		121 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
379126
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Jun 2023 03:15:39 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7d32a9c01e259966-FRA
twk-vendor.js
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
379126
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Jun 2023 03:15:39 GMT
server
cloudflare
etag
W/"ce3014b09c6dfbd6f92bc585fd840580"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7d32a9c01e249966-FRA
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 		210 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6b969806080e1a761470b1f28859f3ff7d1bf3b6b41a2392ef6143af5b0d13
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
379126
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Jun 2023 03:15:39 GMT
server
cloudflare
etag
W/"01b31f3e100a09c2fbb450c0599a9d8e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7d32a9c01e1f9966-FRA
twk-chunk-common.js
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 		205 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e3acc3ea33954ac74406b8bbd9489bba42631dda3b1ebfa20bb8874226a95a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
379126
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Jun 2023 03:15:39 GMT
server
cloudflare
etag
W/"00aa43670bf94cf802dd5797a4416a00"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7d32a9c01e229966-FRA
twk-runtime.js
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed25316f9b1fa338342fa7af622e15a20c0123d200c4bdcbfca53ce5fede3a23
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
379126
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Jun 2023 03:15:39 GMT
server
cloudflare
etag
W/"471fc97e0f884da442b8dc6ac18e204a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7d32a9c01e219966-FRA
twk-app.js
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 		151 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5ba07739c666d426648ada8d/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:20 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
379126
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Jun 2023 03:15:39 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7d32a9c01e209966-FRA
setuid
prebidserver.pixfuture.com/ Frame 818C
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

cache-control
no-store
content-length
0
location
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
53aa8807dec7e10d38f59f32
widget.trustpilot.com/trustbox-data/ Frame 381C 		914 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=548e932b00006400057c2827&locale=en-US
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
d74fc278673af1800365cd5d23856b818ea523d7b6cee0cb5ab961bf5d8332c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
MUC50-P1
age
7
etag
"b74a94224093e0a4f4c78751462cd86e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
x-amz-cf-id
32YEi4z2NmX3QFH9xKoPhs9i3My0N0nhrxgVAUfNYXJ1Llrhraeejw==
x-xss-protection
1; mode=block
TrustboxImpression
widget.trustpilot.com/stats/ Frame 381C 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.90%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=548e932b00006400057c2827&widgetId=53aa8807dec7e10d38f59f32
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=548e932b00006400057c2827
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
b7pZ8QA6o6UnnA1qqnwGBUhf8GWsjkzGqnluqCTSf7T-rvnely96jA==
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame E701 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?L304TQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
widget-settings
va.tawk.to/v1/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5ba07739c666d426648ada8d&widgetId=default&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e37e7fe19544adee2096b300794eb4fc3b8f566b1349e6c2b4c1daf283eb89
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1277
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-mbg0
server
cloudflare
etag
W/"2-65-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
7d32a9c37aa49c04-FRA
access-control-allow-headers
content-type,x-tawk-token
gen_204
pagead2.googlesyndication.com/pagead/ Frame F36C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4834981466052&version=m202301230201&ct=76&x=1&cor=12909564529962340000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.minitool.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.minitool.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d32a9c37aa79c04-FRA
date
Tue, 06 Jun 2023 18:19:21 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-4p03
start
va.tawk.to/v1/session/ 		64 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3fc453f0e76225200b6a26d7cd832a18df0c2f00a9e8b0ff8337e7ea60a095
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.minitool.com
access-control-allow-credentials
true
cf-ray
7d32a9c46d351965-FRA
access-control-allow-headers
content-type,x-tawk-token
content-length
64
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-j684
/
ads.us.e-planning.net/uspd/1/ Frame A46B
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e20ef05650217e61bd0c642bc53f71f878f1250d879fad4bc4c20212d9e647d3

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
Tue, 06 Jun 2023 18:19:21 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 06 Jun 2023 18:19:21 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
en.js
embed.tawk.to/_s/v4/app/64795e77f7f/languages/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/64795e77f7f/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
396785
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Jun 2023 03:15:39 GMT
server
cloudflare
etag
W/"585ba00b2c167b90c210161454f843b5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7d32a9c3b888363c-FRA
pixelSync
pixel.sitescout.com/dmp/ Frame A46B 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc873439cfa8a0b72
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-ams03.e-planning.net/ Frame A46B
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dc873439cfa8a0b72%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=c873439cfa8a0b72&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=c873439cfa8a0b72&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:21 GMT
content-type
image/gif

Redirect headers

Location
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=c873439cfa8a0b72&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame A46B 		676 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 04 Jun 2028 18:19:21 GMT
um
u-ams03.e-planning.net/ Frame A46B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc873439cfa8a0b72%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c873439cfa8a0b72&uid=7081950935233263137
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c873439cfa8a0b72&uid=7081950935233263137
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:21 GMT
content-type
image/gif

Redirect headers

Date
Tue, 06 Jun 2023 18:19:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
54c25de5-b4be-43e8-be74-f5a98d045dac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c873439cfa8a0b72&uid=7081950935233263137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame A46B
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dc873439cfa8a0b72%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c873439cfa8a0b72&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c873439cfa8a0b72&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:21 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c873439cfa8a0b72&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame A46B 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dc873439cfa8a0b72%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-46
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame A46B 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc873439cfa8a0b72%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame A46B
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c873439cfa8a0b72
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c873439cfa8a0b72
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c873439cfa8a0b72
date
Tue, 06 Jun 2023 18:19:21 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame FF5F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Jun 2023 18:19:21 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame D86C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
1ac72a6fe240a598c8dabaf9778f216ac05830176276d1434c5199ec2ad58c75

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1829
Content-Type
text/html
Date
Tue, 06 Jun 2023 18:19:21 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D824 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 06 Jun 2023 18:19:21 GMT
etag
W/"61ddbb71-5f5"
expires
Thu, 02 Mar 2028 17:17:56 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
7e630f9a2b2e8a300fe7cde63fba093a
x-cf-tsc
1677950277
x-cf1
29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 627A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 6F79 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713b3cd2c9c0381e20aa0f85b65c1c28dca19ef5761c17e4a3812891f0df3103
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7d32a9c46bae5b9e-FRA
content-encoding
br
content-type
text/html
date
Tue, 06 Jun 2023 18:19:21 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
gen_204
pagead2.googlesyndication.com/pagead/ Frame D29F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2133544335074&version=m202301230201&ct=76&x=1&cor=8069258177115416000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 6F79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 6F79 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=5ea144a6-d5c4-44ed-a341-bb599495d9b7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5ea144a6-d5c4-44ed-a341-bb599495d9b7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c5cc9b5b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=5ea144a6-d5c4-44ed-a341-bb599495d9b7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 6F79 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 6F79 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 6F79 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1686075562.774156,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-fra-eddf8230032-FRA
u
dmp.v.fwmrm.net/ad/ Frame 6F79 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f00:c809:e236:12ac:7ef7 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6F79 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 06 Jun 2023 18:19:20 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 6F79 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b002:87fa:f3e4:ea80:83b3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=59036700125370289730573378542898266694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=59036700125370289730573378542898266694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c62ce35b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v048-0336a4b02.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4ZM2XODERNo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=59036700125370289730573378542898266694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 6F79 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=a7b7b304-8b60-40d3-7492-3944620c0ed2&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023060620-99927-0.816453001686075561-90f772e525c33ba5bdffe39d091a3671&zdid=533&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023060620-99927-0.816453001686075561-90f772e525c33ba5bdffe39d091a3671&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c5ac8b5b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023060620-99927-0.816453001686075561-90f772e525c33ba5bdffe39d091a3671&zdid=533&env=mWeb
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7241639393108555921&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7241639393108555921&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c59c795b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7241639393108555921&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 6F79
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a7b7b304-8b60-40d3-7492-3944620c0ed2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a7b7b304-8b60-40d3-7492-3944620c0ed2
95 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a7b7b304-8b60-40d3-7492-3944620c0ed2
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a7b7b304-8b60-40d3-7492-3944620c0ed2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7b7b304-8b60-40d3-7492-3944620c0ed2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7b7b304-8b60-40d3-7492-3944620c0ed2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=HF1GOIwZlxmvBO/3xGEbau&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-49...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=HF1GOIwZlxmvBO/3xGEbau&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c5dca05b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
last-modified
Tue, 06 Jun 2023 18:19:21 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=HF1GOIwZlxmvBO/3xGEbau&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 6F79 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a7b7b304-8b60-40d3-7492-3944620c0ed2&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a7b7b304-8b60-40d3-7492-3944620c0ed2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c53c455b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
cache-control
no-cache
x-server
10.45.11.86
content-length
0
expires
0
cms
ups.analytics.yahoo.com/ups/58697/ Frame 6F79
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
content-type
text/html
cache-control
no-store
content-length
343
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBEq2K6F92l4WpVNAgiXtuo9%2BS41iYitP1U%3D
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBEq2K6F92l4WpVNAgiXtuo9%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c53c475b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=IJCWLtvYHBEq2K6F92l4WpVNAgiXtuo9%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 6F79 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a7b7b304-8b60-40d3-7492-3944620c0ed2&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 6F79 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.71.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-71-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
beacon-n001-dub-prod.krxd.net
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1686075561
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 6F79 		95 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a7b7b304-8b60-40d3-7492-3944620c0ed2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/png
date
Tue, 06 Jun 2023 18:17:14 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame 6F79
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
85 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361&_test=ZH94qgAPwpd7ywAp
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230128-FRA
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2845
x-timer
S1686075562.099791,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
13579

Redirect headers

x-served-by
cache-fra-eddf8230128-FRA
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1686075562.978152,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b7b304-8b60-40d3-7492-3944620c0ed2%26reqId%3Ddf69d3aa-932d-4975-71d1-e110acc7a590%26zdid%3D1361&_test=ZH94qgAPwpd7ywAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=4d39647f-78a9-4e00-9b2f-b4c7572445c0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3a...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4d39647f-78a9-4e00-9b2f-b4c7572445c0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c67d165b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x14 config_version:"1856"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=4d39647f-78a9-4e00-9b2f-b4c7572445c0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Tue, 06 Jun 2023 18:19:20 GMT
usermatch.gif
beacon.krxd.net/ Frame 6F79
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.31.71.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-71-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
beacon-n017-dub-prod.krxd.net
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1686075562
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
date
Tue, 06 Jun 2023 18:19:22 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6F79
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7b7b304-8b60-40d3-7492-3944620c0ed2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-749...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7b7b304-8b60-40d3-7492-3944620c0ed2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-749...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7b7b304-8b60-40d3-7492-3944620c0ed2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8M63MPGY9CMCQ6N0BTPG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X05VZY84GKN0KV8AXM7D
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7b7b304-8b60-40d3-7492-3944620c0ed2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 6F79 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=a7b7b304-8b60-40d3-7492-3944620c0ed2&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361&puid=a913...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361&puid=a913b2b0-0496-11ee-83b7-23cb6a422402
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c8dee55b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361&puid=a913b2b0-0496-11ee-83b7-23cb6a422402
date
Tue, 06 Jun 2023 18:19:22 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=a7b7b304-8b60-40d3-7492-3944620c0ed2&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c...
  • https://mwzeom.zeotap.com/mw?cid=LIKLUTNU-T-3VK9&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LIKLUTNU-T-3VK9&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c70d965b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LIKLUTNU-T-3VK9&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 6F79
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=a7b7b304-8b60-40d3-7492-3944620c0ed2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%2...
  • https://mwzeom.zeotap.com/mw?cid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b6...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c8ff035b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 6F79 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c6ad3c5b9e-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 6F79 		557 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abdf4d9b58a8a51f10b9c7ae1693b9f70eeabd53b34026dce0281beac6244e9d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9c4dbfa5b9e-FRA
access-control-allow-headers
*
casale
match.adsrvr.org/track/cmf/ Frame D86C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame D86C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BXPJW9CVQFRKPAP4RNHK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MJWGWE0X74J8ZR7D3AXD
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D86C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAQTJVV7iZWJOAFbSrJ5KK8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAQTJVV7iZWJOAFbSrJ5KK8&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAQTJVV7iZWJOAFbSrJ5KK8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D86C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7081950935233263137
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7081950935233263137
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 06 Jun 2023 18:19:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
15d21c39-0c51-4cc5-a1e6-334332d5e422
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7081950935233263137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame D86C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZH94o2wrGx9DZKclpu7LNwAA%261178?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZH94o2wrGx9DZKclpu7LNwAA%261178
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZH94o2wrGx9DZKclpu7LNwAA%261178
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.250.200.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-200-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0fe440efe.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9JJ/hC6+TXc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v048-0370685eb.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LCE74zUOQ4w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZH94o2wrGx9DZKclpu7LNwAA%261178
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame D86C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7081950935233263137
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7081950935233263137
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 06 Jun 2023 18:19:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1c1d5014-45ea-4f62-aace-22dc8bc29d4c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7081950935233263137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D86C
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:21 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 06 Jun 2023 18:19:21 GMT
server
_
content-length
0
ix
ad4m.at/ad/sim/ Frame D86C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
um
u-ams03.e-planning.net/ Frame D86C 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=c873439cfa8a0b72&uid=ZH94o2wrGx9DZKclpu7LNwAA%261178
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:21 GMT
content-type
image/gif
15581
rtb.gumgum.com/usync/ Frame E43D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.148.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-148-186.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b7738faf2de54da7a16ae6d889bf5f59c04f80d898dc2a4931087864475069f3

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 06 Jun 2023 18:19:21 GMT
etag
W/"0e24b5fc3eaa3030af0469e67964c8056"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 1864 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 06 Jun 2023 18:19:21 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C321 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35363
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
prebidserver.pixfuture.com/ Frame DAC9 		0
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AE-6BVEg%2fYH6CFbO
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
0
pragma
no-cache
vary
Origin
usync.js
eus.rubiconproject.com/ Frame FF5F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 16:53:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81305
Connection
keep-alive
Content-Length
10112
Expires
Wed, 07 Jun 2023 16:54:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306050101&jk=2557905677746147&bg=!zs2lzZnNAAY9J7QfHSc7ADkAdvg8Wqt2fhN-IdNMnPrivkaw945WxxJ1xSJCkDcKA0N8zcImjr6xVkkBeobdEsBvZkkwffZa4eICAAAA5FIAAAAHaAEHCgB5fcSaoNIc912Lhl2hAu35TL-W57CnWogt4ajfVughEM3M5tAs7JpcG4LPUnnaR1iU2Slzd7tt6Z2jW7bWfyFV-kBjKsY1nIzr9I4fS0NpmeHhdsR8wn1NXS7oCzML7WdSkl2UlCfqIY_nuvGHGs-_0iNt3lNxaCicR5kC5ZwCbvXXJDO6yUDFGG2v3AVYgd3bZRsXIys5ZWu8dAvq-yW6Nh4fCH5Fn5Tr2HVBYFioSgymIbmZsbLwE50bb_io_E-9icjdNjoI3lgyTQvRxbvQHjDABAGai-JEz2Vynfbx9Brnzi6FZnhfZ65vj08P0ctDFD_k1ydsUimjOLCS2Yh1d2vNtuWlOQYXE9-vzTwZ2TYQdUTLYicJuaZl1qsMlrlHkoM4B45urZsgXQWEkxq_5ykrKzANI-7zIvMqMDpU8WbHaNlp9VUN_6zd20KmUq00Bi_SBfhtVxZ8QffHBsSUJAb5SaqY0es8Gak2KrrZ1-rLxfQUO4oRS9hh2WGPdPLZ-kJt8MdKUTE1MM5hHLZK8ZKq9QBBQ3hCcsUxTCn6bJF74vEAhUGotfexi6yD5gv346OG_3Fu5EQPt5ZJAJnQcdJIou8F2KB0JetDeoVdnGkBSic45wqDYiPBY6hCaDGZ7a7tVBFomKYdfRvm0ZU58u3e6fm6DLQCNUElhX51dULKMJ-Hk79Tpg-hm6G2jMHKwz3jD-NJjQuFkeY6NGM8kfVbBWzIXI-9puVrkQK_kvrQI0ZzwwGwvaEshtV6R9UqXAqpZtWFEJccb89d6bLBw27ubxeFDA-zv5REXqKpxxSHgAWqdsXrFNNTRn2NAPFjLndjNlP8_nruW7dyQiTAiHqfmlEvgXybWm2s63TyTaYm7ru_Of2qxolTkY2Z-K4ndADluTGoIy_aFemDHtGwHXbYZke78EZVABwZgStyEMGoGlyZI-Cm21t1IQYzlQ8C8l1VhU9cUHofCdK680tZPprUyDFjT_HFtwZyfRLTiLDgohXI3ziXZjgku3d2_QMJRlMsUQfVnWRdlR0PbzIHC1_alcfVfTaMk6nWkJgOYSLxvGSzctg9yF3OWFeWg_rvvi2DLRSBqtZaRhE4iqQuzd2qGHt5n6jxPQQF1hQRiXXX8U1b6rt-5WjM2lidAZin_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame FF5F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=LIKLUTNU-T-3VK9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame C321 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11979081&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c96dc2794ce0c6659a428f206899e12a3aa29a75cc5d8c3e09ce2b480297dbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 18:19:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2EA1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:21 GMT
Expires
Tue, 06 Jun 2023 18:19:20 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x12 config_version:"1856"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 3475
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3372652571521370752
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3372652571521370752
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3372652571521370752
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 3071
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
Tue, 06 Jun 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
876620
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 9FB9
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828226987759
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828226987759
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 06 Jun 2023 18:19:21 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433828226987759
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7E44
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N8FAKBB9VWT1EYNAAG6D

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 18:19:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MW9VT7RQ2K3B9NBKHKA8
Pug
image2.pubmatic.com/AdServer/ Frame F928
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw
42 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5E22
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081950935233263137&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081950935233263137&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
bab05b8d-12c6-42a1-9601-2d26a0d62c64
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 18:19:21 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081950935233263137&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5147
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241639393108555921&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241639393108555921&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 06 Jun 2023 18:19:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241639393108555921&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
image2.pubmatic.com/AdServer/ Frame 8F6F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdllVN0lfdkVBQUNKWEx1aHk1dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABvYU7I_vEAACJXLuhy5w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABvYU7I_vEAACJXLuhy5w&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABvYU7I_vEAACJXLuhy5w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2590308365955943298&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABvYU7I_vEAACJXLuhy5w&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABvYU7I_vEAACJXLuhy5w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABvYU7I_vEAACJXLuhy5w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame C763
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH94qgACl4XR6wBR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230128-FRA
x-timer
S1686075562.095621,VS0,VE90

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 06 Jun 2023 18:19:22 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH94qgACl4XR6wBR
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230128-FRA
x-timer
S1686075562.977907,VS0,VE95
Pug
simage2.pubmatic.com/AdServer/ Frame 423E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D3GEDFRxXaFfOglBLK1ZkVD_Cs0&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D3GEDFRxXaFfOglBLK1ZkVD_Cs0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 18:19:22 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D3GEDFRxXaFfOglBLK1ZkVD_Cs0&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame 936A 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 06 Jun 2023 18:19:22 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
Pug
image2.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1puxks5jee0l
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1puxks5jee0l
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 06 Jun 2023 18:19:22 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1puxks5jee0l
lws
222
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
cm
ipac.ctnsnet.com/int/ Frame D94E 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 4C23 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-54a9032a2013@version_1.552
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame CB0C
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=26f4ed78aeb22edb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXUMWnQTSgnhXXnQh&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXUMWnQTSgnhXXnQh&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXUMWnQTSgnhXXnQh&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame CC33
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 18:19:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
s.tribalfusion.com/z/ Frame 2D51
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d32a9c9095dbb97-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d32a9c65c7abb97-FRA
content-type
text/html
date
Tue, 06 Jun 2023 18:19:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
123
um
u-ams03.e-planning.net/ Frame 6F47 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=c873439cfa8a0b72&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Tue, 06 Jun 2023 18:19:21 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C321
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MfNbDo5US2OgavLFhWvunw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=35363
accept-ranges
bytes
content-length
5554
expires
Wed, 07 Jun 2023 04:08:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C321 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.172.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-172-99.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.203
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C321
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
via
1.1 google
last-modified
Tue, 06 Jun 2023 18:19:22 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
date
Tue, 06 Jun 2023 18:19:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame C321
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZW0yTEdZd1VuYm1SOVNabGU1THZlYUNZdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2556422807963527101&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
18.214.236.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-236-190.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame C321
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzFGMzVCMEUtOEU1NC00QjYzLUEwNkEtRjJDNTg1NkJFRTlG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C321
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJq5SBg9UI9JUOaWmAwXIZ4&google_cver=1
42 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJq5SBg9UI9JUOaWmAwXIZ4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJq5SBg9UI9JUOaWmAwXIZ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C321 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 05 Jun 2023 18:19:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C321
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2556422807963527101
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2556422807963527101
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2556422807963527101
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C321 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame C321
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lVsoKtBE2uX055BFbHqIKLhxxdoa9e0-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lVsoKtBE2uX055BFbHqIKLhxxdoa9e0-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lVsoKtBE2uX055BFbHqIKLhxxdoa9e0-~A&gdpr=0
date
Tue, 06 Jun 2023 18:19:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C321 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/31F35B0E-8E54-4B63-A06A-F2C5856BEE9F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6b04:f2d6:9b64:eb08 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame C321
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=7a86a7b6-84fd-449e-bc27-087750661b82&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C321 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C321 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C321
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3845378058995340535&gdpr=0&gdpr_consent=&us_privacy=
1 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3845378058995340535&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3845378058995340535&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C321
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85df1338-e83e-4a18-9e51-0c419766503f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85df1338-e83e-4a18-9e51-0c419766503f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:85df1338-e83e-4a18-9e51-0c419766503f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
usersync
usersync.gumgum.com/ Frame E43D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Tue, 06 Jun 2023 18:19:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6c02fab1-efd3-4ff7-b9ff-c2720945c39c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame E43D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
18.194.57.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-57-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame E43D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
Date
Tue, 06 Jun 2023 18:19:22 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E43D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E43D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=8u7ueEZeQ34y&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=8u7ueEZeQ34y&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=8u7ueEZeQ34y&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-9cdgk
expires
-1
syncPlatform
sync.outbrain.com/ Frame E43D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&obuid=ENC(BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
no-cache
X-TraceId
1a3579e42168fb6ed96afeca082a531c
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Tue, 06 Jun 2023 18:19:22 GMT
X-TraceId
8a15624a76302a4ee7271684c3063c84
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame E43D 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame E43D 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6b04:f2d6:9b64:eb08 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
usersync
usersync.gumgum.com/ Frame E43D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
Date
Tue, 06 Jun 2023 18:19:22 GMT
Connection
keep-alive
X-CI-RTID
83f83071-c883-4fdd-886f-22fd11b5f75c
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E43D
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Jun 2023 18:19:22 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
315336536
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame E43D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame E43D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
access-control-allow-origin
*
date
Tue, 06 Jun 2023 18:19:22 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame E43D 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
content-length
0
um
sync.e-planning.net/ Frame E43D 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=c873439cfa8a0b72&uid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:22 GMT
content-type
image/gif
user-sync
sync.adkernel.com/ Frame B916 		22 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
22
Date
Tue, 06 Jun 2023 18:19:22 GMT
Pragma
no-cache
Server
nginx
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame 0DEB 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Jun 2023 18:19:26 GMT
Server
nginx
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D08C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35363
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5E8E 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 06 Jun 2023 18:19:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 1C5C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:21 GMT
Expires
Tue, 06 Jun 2023 18:19:20 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x28 config_version:"1856"
location
https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 4326
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZH94qgAP0z2gkABa
85 B
171 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZH94qgAP0z2gkABa
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2845
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 06 Jun 2023 18:19:22 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
13578
x-served-by
cache-fra-eddf8230128-FRA
x-timer
S1686075562.094695,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 06 Jun 2023 18:19:22 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZH94qgAP0z2gkABa
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230128-FRA
x-timer
S1686075562.978160,VS0,VE90
pixel
cm.g.doubleclick.net/ Frame D8AB 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82OGMxN2UyOS03NTBkLTQ3MWMtYjBlNS1kOGJhMWZmMDgwZWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 9977
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZH94qsCo8YUAAL1sksUAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZH94qsCo8YUAAL1sksUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 18:19:22 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZH94qsCo8YUAAL1sksUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1010.dc4p.scaleout.jp
X-SO-IP
80.255.10.205
X-SO-Key
ZH94qsCo8YUAAL1sksUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZH94qsCo8YUAAL1sksUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad1010"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1010
gumgum
cs.admanmedia.com/sync/ Frame FF59 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
nginx
Transfer-Encoding
chunked
usermatchredir
ssum-sec.casalemedia.com/ Frame 0A4B 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:21 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
pxft_iel.js
cdn.pixfuture.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pxft_iel.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77558
cf-bgj
minify
last-modified
Fri, 09 Dec 2022 15:37:52 GMT
server
cloudflare
etag
W/"63935650-139c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swo6Z5SYVnqq%2BO6CnZpP4156iE%2FkEvOcMeQn%2Fii8YCN4icniQBIZoCZjLJnNdoGpp%2BtpYYa6aaOAQ6EX1tpRlCt65WpVeebFc2%2FhKo5LxxhOQ%2BIAIiIp0sTssHtD34kmEfxKNZwRPp74GlnegsgP"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7d32a9c6494d0418-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 07 Jun 2023 16:23:36 GMT
tag.min.js
get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
0Wki3095rBiC8xDP56.qUYf2JNRTRIn7
content-encoding
gzip
via
1.1 2551fa016e0e39646c40c584001d7b4e.cloudfront.net (CloudFront)
date
Tue, 06 Jun 2023 04:39:40 GMT
last-modified
Mon, 07 Nov 2022 19:46:30 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
49187
etag
W/"34bbd675e8b425becff971d5a4756c10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
bJUvm3rRvXVNzQMf2oJtK9QQlUW4Xw8vOEAd_mIT_tqUU1BqXuWp_w==
usersync
usersync.gumgum.com/ Frame 7C0C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 06 Jun 2023 18:19:22 GMT Tue, 06 Jun 2023 18:19:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame BE44
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Jun 2023 18:19:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
setuid
px.ads.linkedin.com/ Frame FF5F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIKLUTNU-T-3VK9
0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIKLUTNU-T-3VK9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A178D929C6BF428AB7D95C6C058AC15E Ref B: FRAEDGE2019 Ref C: 2023-06-06T18:19:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9eg8AmUdsyUdk/0Zlow==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIKLUTNU-T-3VK9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame FF5F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5m8l_g2hRki-iEYe2-Y3nQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5m8l_g2hRki-iEYe2-Y3nQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5m8l_g2hRki-iEYe2-Y3nQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EQAV57FSD5HQPJV21QQC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5m8l_g2hRki-iEYe2-Y3nQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FF5F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/w8IE6bof6VbC1UBrbmHGRg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-yJdxKK1E2oKFDYMm1_bzlNsG7iLM0aVFjlCGNA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-yJdxKK1E2oKFDYMm1_bzlNsG7iLM0aVFjlCGNA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 06 Jun 2023 18:19:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-yJdxKK1E2oKFDYMm1_bzlNsG7iLM0aVFjlCGNA--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame FF5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIlm4izX5ia8UfNi4DFHSBM&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIlm4izX5ia8UfNi4DFHSBM&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIlm4izX5ia8UfNi4DFHSBM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF5F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA4ZDZiOGU1NGE0MDNkMmU5Y2Q0OWIwZmJmZTM3MDg2ODJmOGY4Mw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA4ZDZiOGU1NGE0MDNkMmU5Y2Q0OWIwZmJmZTM3MDg2ODJmOGY4Mw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA4ZDZiOGU1NGE0MDNkMmU5Y2Q0OWIwZmJmZTM3MDg2ODJmOGY4Mw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame FF5F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FF5F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElLTFVUTlUtVC0zVks5
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDGWTekSRIHR0HDPee1qTq0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLTFVUTlUtVC0zVks5&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLTFVUTlUtVC0zVks5&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLTFVUTlUtVC0zVks5&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FF5F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9kDH8KrtQUu2nq8NpqKlDw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9kDH8KrtQUu2nq8NpqKlDw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9kDH8KrtQUu2nq8NpqKlDw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W5FNRA5XW08GPYZ211BY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9kDH8KrtQUu2nq8NpqKlDw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCLhb,pingTime:1,time:2134,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1021,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1108~0,0~100%5D,as:%5B1108~300.250%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1021~100%5D,as:%5B1021~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:372,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:482%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCLhc,pingTime:1,time:2135,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1022,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1108~0,0~100%5D,as:%5B1108~300.250%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:372,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:482%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame BE44 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 16:53:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81304
Connection
keep-alive
Content-Length
10112
Expires
Wed, 07 Jun 2023 16:54:26 GMT
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-121.lhr61.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 06:50:36 GMT
via
1.1 15d5c457bd0c425c79ef879bbad74e42.cloudfront.net (CloudFront), 1.1 85245c859414f0ab9f7df4863076627e.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2, LHR61-P4
age
41326
x-amzn-requestid
9874ec95-4e20-431e-9cc0-0419c362d1b8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
GFaReH_4CYcFTog=
content-length
555
x-amz-cf-id
UhHrnoNu3wYOXLAFE1njgGY2c8sr46Zu9SL9FGDMWS77q5kutkRVDA==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-121.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding
gzip
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
date
Tue, 06 Jun 2023 02:24:05 GMT
last-modified
Wed, 01 Mar 2023 12:13:37 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
57318
x-amz-server-side-encryption
AES256
etag
W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
BG-ct_BwiYjj3XjXTiHs5W8CcExHW5AZhO5zgTsoQoJ-ljXeZDJePg==
%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html
signal-segments.s-onetag.com/desktop/www.minitool.com/ 		279 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.minitool.com/%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash
76a209437f825765bf546f6d9fbc3b8832e02da6455785a8b7f8831c53ea6e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 12:46:26 GMT
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
19976
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
279
apigw-requestid
GGOZejF0iYcEJKg=
x-amz-cf-id
CxVqzqlit7qK-VCLUmbiqsDAxCnPt6-z0yECq578AGyjsUu3eb-6qw==
www.minitool.com
signal-segments.s-onetag.com/desktop/ 		550 B
853 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.minitool.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-98.muc50.r.cloudfront.net
Software
/
Resource Hash
16e96b6e11b7f7938a3715afff3fb0a8a341f800bbbfb4d6d2569452d6780d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 02:07:35 GMT
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
58307
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
550
apigw-requestid
GEw0SgAOiYcEJFw=
x-amz-cf-id
zhchrfJZgcyixU5eyt0svHLyDioSDXrxo_0Pu0eygKliQZp0rWnnYA==
sync.php
pixel.rubiconproject.com/exchange/ Frame BE44 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIKLUTNU-T-3VK9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-121.lhr61.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 06:50:36 GMT
via
1.1 15d5c457bd0c425c79ef879bbad74e42.cloudfront.net (CloudFront), 1.1 85245c859414f0ab9f7df4863076627e.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2, LHR61-P4
age
41326
x-amzn-requestid
9874ec95-4e20-431e-9cc0-0419c362d1b8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
GFaReH_4CYcFTog=
content-length
555
x-amz-cf-id
anSXcLjg2GLk-fckx-AA0mn65VgSI3KL59UBWa8mwVXqw6zfZWFyFQ==
cwc.php
served-by.pixfuture.com/www/delivery/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/cwc.php?d=4992x522&keywords=check,windows,registry,malware,remove,it&refUrl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&refresh=true&innerWidth=1600&w=300&h=222
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
506f7af8fc4f495b85ff891159be15e23a02bbdd27b19c5df7c8822f7d4b3bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
transfer-encoding
chunked
content-type
application/json
setuid
prebidserver.pixfuture.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
86 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
Protocol
HTTP/1.1
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
r.js
aa.agkn.com/adscores/ 		0
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.133.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-133-3.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		297 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
70826466a8225b670b551df18e2c4815b0203321d7b330726321fd618d97bd3f

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
297
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
861d4a406c4864b6ccc9cc7630a05bb53a92e3353e8213b040b363fd695ffa29

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.minitool.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Jun 2023 18:19:22 GMT
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.223.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-223-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
trinity.json
apex.go.sonobi.com/ 		979 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224949c8697718201%22%3A%224e0678e42ba7153d83b4%7C%22%7D&ref=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&s=bca72156-d2ca-49e1-84b4-c7841013d069&pv=05583386-f15b-4a89-b064-a498870010d3&vp=desktop&lib_name=prebid&lib_v=6.25.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22content%22%3A%7B%22id%22%3A%224992x522%22%2C%22url%22%3A%22https%3A%2F%2Fcdn.pixfuture.com%2Fcontent_widget_video%2Fvideo_4992_522.mp4%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224992%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2265322ba2-983f-475b-aa79-bc449baa6279%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2265322ba2-983f-475b-aa79-bc449baa6279%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=check%2Cwindows%2Cregistry%2Cmalware%2Cremove%2Cit&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e461962eda1aa52e4157b53410b58306161369b62628766400c8a279a5182e66
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-16
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.minitool.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
565
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b97424350ccb2dfb3b8990518e800445a9e15dfe47a3d6db1a96d8dcfd84646e

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 18:19:21 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.minitool.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
797
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=826d5cf8-cc18-4a49-9fe1-87d15b7ce9a8%2C826d5cf8-cc18-4a49-9fe1-87d15b7ce9a8&nocache=1686075562605&id5id=0&pubcid=65322ba2-983f-475b-aa79-bc449baa6279&schain=1.0%2C1!pixfuture.com%2C4992%2C1%2C%2C%2C&aus=300x250%2C320x50%2C336x280%2C320x320%2C640x360%2C640x480%7C300x250%2C320x50%2C336x280%2C320x320%2C640x360%2C640x480&divids=4992x522%2C4992x522&aucs=%2C&auid=545696704%2C545696754&tps=bXlrZXl3b3JkPWNoZWNrLHdpbmRvd3MscmVnaXN0cnksbWFsd2FyZSxyZW1vdmUsaXQmbXlvdGhlcmtleXdvcmQ9Y2hlY2ssd2luZG93cyxyZWdpc3RyeSxtYWx3YXJlLHJlbW92ZSxpdA%3D%3D%2CbXlrZXl3b3JkPWNoZWNrLHdpbmRvd3MscmVnaXN0cnksbWFsd2FyZSxyZW1vdmUsaXQmbXlvdGhlcmtleXdvcmQ9Y2hlY2ssd2luZG93cyxyZWdpc3RyeSxtYWx3YXJlLHJlbW92ZSxpdA%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
335d1ce1d0cf7a45cdc60106e97766b08c76edfb42b6683833dcde6bfd0508a9

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.minitool.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.80.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-80-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7b2ace3ab16e791d1f02fc9d62bb9ea9bb64a7909a45c91d4cd68dff55a2cdc4

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
content-encoding
gzip
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=469176&zone_id=2769832&size_id=15&alt_size_ids=16%2C43%2C65%2C72%2C198&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4992,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=65322ba2-983f-475b-aa79-bc449baa6279%5E1&rf=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&tk_flint=pbjs_lite_v6.25.0-pre&x_source.tid=826d5cf8-cc18-4a49-9fe1-87d15b7ce9a8&l_pb_bid_id=5733041f6f07574&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.567027250762113
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2f5ffbcb98e37a769c888d4fc219d662b8a75973edbbe290c3ab273391972958

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.minitool.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 18:19:22 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3934 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35362
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:22 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
d
ic.tynt.com/r/ Frame EEF3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Tue, 06 Jun 2023 18:19:23 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
/
onetag-sys.com/usync/ Frame FF2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame 8A19 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 06 Jun 2023 18:19:23 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ads.us.e-planning.net/uspd/1/ Frame 356A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
246278ddc018fae36c6dc1247855fc348f9c3aa38f2fe7d56620fc36f9b0b5b9

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 18:19:22 GMT
expires
Tue, 06 Jun 2023 18:19:22 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
csync
sync.adtelligent.com/ Frame C86A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7081950935233263137
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7081950935233263137
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
551a676c46f5c8c3
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
64b271ef-3b64-4533-80a2-53a72ecac426
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 18:19:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7081950935233263137
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D31A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35362
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:22 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame AAF7
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2556422807963527101&gdpr=[replace_me]&gdpr_consent=[replace_me]
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2556422807963527101&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
551a676c46f5c8c3
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 06 Jun 2023 18:19:23 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2556422807963527101&gdpr=[replace_me]&gdpr_consent=[replace_me]
server
nginx
csync
sync.adtelligent.com/ Frame D59A 		43 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
551a676c46f5c8c3
Server
Adtelligent
sync.html
s.console.adtarget.com.tr/ Frame 208F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
7dda27a21d2cab5ef52a86f04ce507219dda8ab16bf52f19de0000673f9e5055

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.minitool.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
961
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
Adtelligent
X-Robots-Tag
noindex
checksync.php
contextual.media.net/ Frame FF05 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
24527f35b6e849fcd88f0a97ba8d95baa4f70b362bba9f93ffa5d28aeb10262a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8449
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 18:19:23 GMT
expires
Thu, 08 Jun 2023 18:19:23 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame BE46 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
24527f35b6e849fcd88f0a97ba8d95baa4f70b362bba9f93ffa5d28aeb10262a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8449
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 18:19:23 GMT
expires
Thu, 08 Jun 2023 18:19:23 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 4E08 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 06 Jun 2023 18:19:23 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame B7F6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 146D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35362
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:22 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
s.adtelligent.com/ Frame C1D7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
7e76c98088b3e894f10637cf75b895990311ef9243ddd9804f067b54f72369b9

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.minitool.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
963
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=themediagrid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433828226987759&expires=30&ssp=themediagrid
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433828226987759&expires=30&ssp=themediagrid
Protocol
H2
Server
18.194.57.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-57-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433828226987759&expires=30&ssp=themediagrid
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ 		47 B
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F0V6BP8F7SVPZNZKYBBR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&google_hm=NmRmYjlhMWMtYWQ3ZC00NjMzLTllOGMtNmQ5YTQ4ODRkMTE4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELnQObOA4vV2uQkYqTqf8XY&google_cver=1&ssp=sonobi&bsw_param=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-46
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
date
Tue, 06 Jun 2023 18:19:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=b44a1d23-dd26-4cb5-ae90-c40987326ac3&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=THVYNEdac29mb1FmcktzY2tGeTBYQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMz8XJf6GlLM_Z6Lv_aGrn4&google_cver=1
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMz8XJf6GlLM_Z6Lv_aGrn4&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-9cdgk
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMz8XJf6GlLM_Z6Lv_aGrn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433828226987759
49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433828226987759
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-46
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433828226987759
Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YjQ0YTFkMjMtZGQyNi00Y2I1LWFlOTAtYzQwOTg3MzI2YWMz
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESENeZc63NQ-TAP-oxQ2XH3nY&google_cver=1
49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESENeZc63NQ-TAP-oxQ2XH3nY&google_cver=1
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-46
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESENeZc63NQ-TAP-oxQ2XH3nY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8560647f-78a9-4600-b129-0daebddfd485
49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8560647f-78a9-4600-b129-0daebddfd485
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-46
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x28 config_version:"1856"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8560647f-78a9-4600-b129-0daebddfd485
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Jun 2023 18:19:21 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 356A 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D3436542dc08617db
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-ams03.e-planning.net/ Frame 356A
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D3436542dc08617db%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=3436542dc08617db&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=3436542dc08617db&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:23 GMT
content-type
image/gif

Redirect headers

Location
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=3436542dc08617db&uid=90ed9ff3-14d1-4244-acef-26223b453a6f
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 356A 		676 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 04 Jun 2028 18:19:22 GMT
um
u-ams03.e-planning.net/ Frame 356A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D3436542dc08617db%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=3436542dc08617db&uid=7081950935233263137
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=3436542dc08617db&uid=7081950935233263137
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:23 GMT
content-type
image/gif

Redirect headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c4addcd0-81ec-4387-b716-4553dacd80bc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=3436542dc08617db&uid=7081950935233263137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 356A
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D3436542dc08617db%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=3436542dc08617db&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=3436542dc08617db&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:23 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=3436542dc08617db&uid=ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:23 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame 356A 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D3436542dc08617db%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-46
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 356A 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D3436542dc08617db%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:23 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 356A
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=csuid_05ea6405-e04a-49c6-adb2-3751fccfc44b&dc=b337141cfdc8cf59&fi=3436542dc08617db
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=csuid_05ea6405-e04a-49c6-adb2-3751fccfc44b&dc=b337141cfdc8cf59&fi=3436542dc08617db
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:23 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=csuid_05ea6405-e04a-49c6-adb2-3751fccfc44b&dc=b337141cfdc8cf59&fi=3436542dc08617db
date
Tue, 06 Jun 2023 18:19:23 GMT
server
fasthttp
content-length
0
usync.js
eus.rubiconproject.com/ Frame B7F6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 16:53:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81303
Connection
keep-alive
Content-Length
10112
Expires
Wed, 07 Jun 2023 16:54:26 GMT
usync.html
eus.rubiconproject.com/ Frame 1B99
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:23 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Jun 2023 18:19:23 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 667F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c52bd55899fd2cd04227254552663db97825e1ef60ca31d13133274d3d51c1ed

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1757
Content-Type
text/html
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame BB61 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 06 Jun 2023 18:19:23 GMT
etag
W/"61ddbb71-5f5"
expires
Thu, 02 Mar 2028 17:17:56 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
0b546d0d2120797bc84e2f42094fbe22
x-cf-tsc
1677950277
x-cf1
29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame D5F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 2B18 		760 B
800 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1055b01b91693c4e000fd6957523728b91f43b99382f3856879654317d189a49
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7d32a9cd1a0e5b9e-FRA
content-encoding
br
content-type
text/html
date
Tue, 06 Jun 2023 18:19:23 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 667F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZH94o2wrGx9DZKclpu7LNwAABJoAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6b04:f2d6:9b64:eb08 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ie
match.prod.bidr.io/cookie-sync/ Frame 667F 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.11.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-11-143.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 667F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH94qgACl4XR6wBR
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH94qgACl4XR6wBR
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230128-FRA
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1686075563.110975,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH94qgACl4XR6wBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 667F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8560647f-78a9-4600-b129-0daebddfd485
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8560647f-78a9-4600-b129-0daebddfd485
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x32 config_version:"1856"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8560647f-78a9-4600-b129-0daebddfd485
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Jun 2023 18:19:22 GMT
rum
dsum-sec.casalemedia.com/ Frame 667F
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=08b34c65-9369-467f-b260-f661bec49816&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 06 Jun 2023 18:19:23 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 667F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7bJTvbsH1Q6Bh95
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7bJTvbsH1Q6Bh95
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:22 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7bJTvbsH1Q6Bh95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 667F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3845378058995340535
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3845378058995340535
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3845378058995340535
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 667F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2556422807963527101&expiration=1687285161
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2556422807963527101&expiration=1687285161
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2556422807963527101&expiration=1687285161
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
um
u-ams03.e-planning.net/ Frame 667F 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=3436542dc08617db&uid=ZH94o2wrGx9DZKclpu7LNwAA%261178
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3436542dc08617db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:23 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 1B99 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 16:53:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81303
Connection
keep-alive
Content-Length
10112
Expires
Wed, 07 Jun 2023 16:54:26 GMT
mw
mwzeom.zeotap.com/ Frame 2B18
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=2970c64c-cf06-44b8-575d-27f693f08540&zdid=1361&puid=a98c...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=2970c64c-cf06-44b8-575d-27f693f08540&zdid=1361&puid=a98c1700-0496-11ee-821a-9b29867dbf7b
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9cddaac5b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=2970c64c-cf06-44b8-575d-27f693f08540&zdid=1361&puid=a98c1700-0496-11ee-821a-9b29867dbf7b
date
Tue, 06 Jun 2023 18:19:23 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 2B18 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=2970c64c-cf06-44b8-575d-27f693f08540&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9cd6a545b9e-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 2B18 		557 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=2970c64c-cf06-44b8-575d-27f693f08540&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bdfbc9766bcd10ebae55ac97cd34400ba37b6c478fdc41073d0a892eb51323c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7d32a9cd7a5e5b9e-FRA
access-control-allow-headers
*
15581
rtb.gumgum.com/usync/ Frame 1406 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.148.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-148-186.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c5386bebc9947e524876c59c694b5e58079747c11337aa6e7115b582f4f68feb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 06 Jun 2023 18:19:23 GMT
etag
W/"077fe649863139ef2e1f8e2144cd03baf"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame D672 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 06 Jun 2023 18:19:23 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C032 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D3436542dc08617db%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35361
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:23 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 19FE 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AE-6BVEg%2fYH6CFbO
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
0da1d4f41ac4e2e9
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0EA6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35361
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:23 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D0C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame ED18
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7081950935233263137&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7081950935233263137&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
f2c526ea5522fa2d
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
a5d20588-55e9-45f3-9893-198b4d766cdc
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7081950935233263137&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
csync
sync.adtelligent.com/ Frame C1D7 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
Adtelligent
Etag
551a676c46f5c8c3
Content-Length
43
Content-Type
image/gif
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c600d8db-4031-4c71-9d11-407fdd0c0344
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=7081950935233263137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy=
  • https://usersync.gumgum.com/usersync?b=bsw&i=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 06 Jun 2023 18:19:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0f71840c-5471-5da1-5f3a-09412cad5991$ip$80.255.10.205
Date
Tue, 06 Jun 2023 18:19:23 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Jd9232H2nV4s&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Jd9232H2nV4s&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=Jd9232H2nV4s&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-9cdgk
expires
-1
syncPlatform
sync.outbrain.com/ Frame 1406
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&obuid=ENC(BiqN0TR-QRGFyn4IjDK3Elu6XVA8uPo34HZCl-Sun2ndHEc7KVcl4Eut1Sdws3zK)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:24 GMT
Cache-Control
no-cache
X-TraceId
f8f63389470cd1b7189d452aa32d156a
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Tue, 06 Jun 2023 18:19:23 GMT
X-TraceId
62507c19815805026d6b173161987119
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame 1406 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-2JMohW9E2pcXDzdubTRA2bp9P7r8in2LOlRZ~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-2JMohW9E2pcXDzdubTRA2bp9P7r8in2LOlRZ~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Jun 2023 18:19:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-2JMohW9E2pcXDzdubTRA2bp9P7r8in2LOlRZ~A
content-length
0
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b
Date
Tue, 06 Jun 2023 18:19:23 GMT
Connection
keep-alive
X-CI-RTID
bb9fac6d-29a1-4661-a2b7-d237953cff7d
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Jun 2023 18:19:23 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
317106223
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 1406 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:22 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 1406
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=143c3ee1-0d02-4cb8-847e-01e80745e860
access-control-allow-origin
*
date
Tue, 06 Jun 2023 18:19:23 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 1406 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
content-length
0
um
sync.e-planning.net/ Frame 1406 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=3436542dc08617db&uid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

server
openresty
date
Tue, 06 Jun 2023 18:19:23 GMT
content-type
image/gif
csync
sync.console.adtarget.com.tr/ Frame 7DB6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=xQLsnIjCKJftNpspaiXm&pi=admatic
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=xQLsnIjCKJftNpspaiXm&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
10b2990ca19c8ea2
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 06 Jun 2023 18:19:23 GMT Tue, 06 Jun 2023 18:19:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=xQLsnIjCKJftNpspaiXm&pi=admatic
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame 2908
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2556422807963527101
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2556422807963527101
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
10b2990ca19c8ea2
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 06 Jun 2023 18:19:23 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2556422807963527101
server
nginx
csync
sync.console.adtarget.com.tr/ Frame EBAB
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%...
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=143c3ee1-0d02-4cb8-847e-01e80745e860&gdpr=[replace_me]&gdpr_consent=[replace_me]
43 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=143c3ee1-0d02-4cb8-847e-01e80745e860&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:22 GMT
Etag
10b2990ca19c8ea2
Server
Adtelligent

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Tue, 06 Jun 2023 18:19:23 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=143c3ee1-0d02-4cb8-847e-01e80745e860&gdpr=[replace_me]&gdpr_consent=[replace_me]
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.console.adtarget.com.tr/ Frame 2E25
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=2556422807963527101
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=2556422807963527101
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:23 GMT
Etag
10b2990ca19c8ea2
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 06 Jun 2023 18:19:23 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=2556422807963527101
server
nginx
csync
sync.adtelligent.com/ Frame 208F
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=10b2990ca19c8ea2
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=10b2990ca19c8ea2
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
Adtelligent
Etag
0da1d4f41ac4e2e9
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=10b2990ca19c8ea2
Date
Tue, 06 Jun 2023 18:19:22 GMT
Server
Adtelligent
Etag
10b2990ca19c8ea2
Content-Length
0
user-sync
sync.adkernel.com/ Frame 31A3 		22 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
22
Date
Tue, 06 Jun 2023 18:19:23 GMT
Pragma
no-cache
Server
nginx
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame C21B 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Jun 2023 18:19:28 GMT
Server
nginx
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A1B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35361
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 18:19:23 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 7F2F 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 06 Jun 2023 18:19:23 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame B392
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
Tue, 06 Jun 2023 18:19:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x30 config_version:"1856"
location
https://usersync.gumgum.com/usersync?b=mmh&i=8560647f-78a9-4600-b129-0daebddfd485&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 48EA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZH94qgACl4XR6wBR&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZH94qgACl4XR6wBR&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 06 Jun 2023 18:19:23 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZH94qgACl4XR6wBR&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230128-FRA
x-timer
S1686075563.251203,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame D675 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82OGMxN2UyOS03NTBkLTQ3MWMtYjBlNS1kOGJhMWZmMDgwZWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 7B7D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZH94q8Co8YUAAL1skzEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZH94q8Co8YUAAL1skzEAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 18:19:23 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZH94q8Co8YUAAL1skzEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad252.dc4p.scaleout.jp
X-SO-IP
80.255.10.205
X-SO-Key
ZH94q8Co8YUAAL1skzEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZH94q8Co8YUAAL1skzEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad252"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad252
gumgum
cs.admanmedia.com/sync/ Frame 7664 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Jun 2023 18:19:23 GMT
Server
nginx
Transfer-Encoding
chunked
usermatchredir
ssum-sec.casalemedia.com/ Frame D023 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 5BFD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:23 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 06 Jun 2023 18:19:23 GMT Tue, 06 Jun 2023 18:19:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=xQLsnIjCKJftNpspaiXm&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 0577
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D3436542dc08617db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:23 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Jun 2023 18:19:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 0577 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 16:53:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81303
Connection
keep-alive
Content-Length
10112
Expires
Wed, 07 Jun 2023 16:54:26 GMT
03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 029E 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=jsqqvwF3Sv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 03:31:11 GMT
x-content-type-options
nosniff
age
53292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91120
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Jun 2023 03:31:11 GMT
dc_oe=ChMI89a-9KCv_wIV1_IRCB0B9w2CEAAYACCrvfdKQhMIsMmA9KCv_wIV2IGFCh31XwFS;stragg=1;&timestamp=1686075563518;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C288 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI89a-9KCv_wIV1_IRCB0B9w2CEAAYACCrvfdKQhMIsMmA9KCv_wIV2IGFCh31XwFS;stragg=1;&timestamp=1686075563518;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cwc.php
served-by.pixfuture.com/www/delivery/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/cwc.php?d=4992x522&keywords=check,windows,registry,malware,remove,it&refUrl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&refresh=true&innerWidth=1600&w=300&h=222
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5eeb05aac82ab67f7dc44f0f46856e0e1960a3184491ac74cf39396665a48794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
transfer-encoding
chunked
content-type
application/json
SPug
simage4.pubmatic.com/AdServer/ Frame C321 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
r.js
aa.agkn.com/adscores/ 		0
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.133.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-133-3.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		298 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
0a142acccdc47c31e172d3b1275428069f4ae87f88cbbe8e2907b567b4fd049d

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
298
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
67907076724bbf95b9e31039e2480d775aa9cf2ff7ff7446dd81ee52c4fae09f

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.minitool.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Jun 2023 18:19:24 GMT
trinity.json
apex.go.sonobi.com/ 		979 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2290c9ab195016056%22%3A%224e0678e42ba7153d83b4%7C%22%7D&ref=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&s=b38bf6ed-3b64-4802-b4f5-8007d9abe6e2&pv=05583386-f15b-4a89-b064-a498870010d3&vp=desktop&lib_name=prebid&lib_v=6.25.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22content%22%3A%7B%22id%22%3A%224992x522%22%2C%22url%22%3A%22https%3A%2F%2Fcdn.pixfuture.com%2Fcontent_widget_video%2Fvideo_4992_522.mp4%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224992%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2265322ba2-983f-475b-aa79-bc449baa6279%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2265322ba2-983f-475b-aa79-bc449baa6279%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=check%2Cwindows%2Cregistry%2Cmalware%2Cremove%2Cit&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
216e71410453fd5f77c0ccfff2e6d99e7255ed0801f9f40d44075d0b2919d983
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:24 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-16
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.minitool.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
565
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.80.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-80-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d0be3feeda733c0c79c8fc5f5235f1e13375424e7c39e33ca9d97ce272ac29c4

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://www.minitool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=469176&zone_id=2769832&size_id=15&alt_size_ids=16%2C43%2C65%2C72%2C198&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4992,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=65322ba2-983f-475b-aa79-bc449baa6279%5E1&rf=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&tk_flint=pbjs_lite_v6.25.0-pre&x_source.tid=05d230fd-1621-4e06-9816-da68628a62d7&l_pb_bid_id=931210eba4b17ca&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31022181816918515
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e173f6d03271af6cb0646ea50f8cf656b6cafc800fe95b69b66f122372220625

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.minitool.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.223.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-223-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
date
Tue, 06 Jun 2023 18:19:24 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=05d230fd-1621-4e06-9816-da68628a62d7%2C05d230fd-1621-4e06-9816-da68628a62d7&nocache=1686075564085&id5id=0&pubcid=65322ba2-983f-475b-aa79-bc449baa6279&schain=1.0%2C1!pixfuture.com%2C4992%2C1%2C%2C%2C&aus=300x250%2C320x50%2C336x280%2C320x320%2C640x360%2C640x480%7C300x250%2C320x50%2C336x280%2C320x320%2C640x360%2C640x480&divids=4992x522%2C4992x522&aucs=%2C&auid=545696704%2C545696754&tps=bXlrZXl3b3JkPWNoZWNrLHdpbmRvd3MscmVnaXN0cnksbWFsd2FyZSxyZW1vdmUsaXQmbXlvdGhlcmtleXdvcmQ9Y2hlY2ssd2luZG93cyxyZWdpc3RyeSxtYWx3YXJlLHJlbW92ZSxpdA%3D%3D%2CbXlrZXl3b3JkPWNoZWNrLHdpbmRvd3MscmVnaXN0cnksbWFsd2FyZSxyZW1vdmUsaXQmbXlvdGhlcmtleXdvcmQ9Y2hlY2ssd2luZG93cyxyZWdpc3RyeSxtYWx3YXJlLHJlbW92ZSxpdA%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d99c3ef320f37f5ddf1429816efe0181056ee74a94ef00bc966295e0a215cfa2

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.minitool.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.minitool.com
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
/
ghb2.adtelligent.com/v2/auction/ 		2 KB
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
65120c58ea50104363d7057e3d04517582a7aed059b085a49e23e81ffbbfb85d

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 18:19:24 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.minitool.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
654
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCM36,pingTime:5,time:5145,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:19%7D,%7Bpiv:0,vs:o,r:l,t:91%7D,%7Bpiv:100,vs:i,r:,t:144%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:144,n:91,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1,0~0%5D,as:%5B85~728.90%5D%7D%7D,%7Bsl:o,t:91,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D,%7Bsl:i,t:144,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:633,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17.1475223-71249284%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:20,sis:490%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame D29F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1302878&asId=96a0233b-2c75-6e03-b750-05f65aa930a4&tv=%7Bc:eMCM37,pingTime:5,time:5146,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:19%7D,%7Bpiv:0,vs:o,r:l,t:91%7D,%7Bpiv:100,vs:i,r:,t:144%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:144,n:91,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1,0~0%5D,as:%5B85~728.90%5D%7D%7D,%7Bsl:o,t:91,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D,%7Bsl:i,t:144,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:633,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17.1475223-71249284%7C171%7C1721%7C173%7C18*.1302878-68126404%7C181%7C1821%7C19,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:20,sis:490%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame D08C 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59668818&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
643ea55257c47c01facd1346cc0c9ac302a3fbef13a3f0eb91c638bb156cfba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 06 Jun 2023 18:19:24 GMT
content-length
1532
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame C074 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 06 Jun 2023 18:19:25 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 01B0
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:19:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 06 Jun 2023 18:19:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
pub
matching.truffle.bid/sync/ Frame 5C40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 06 Jun 2023 18:19:25 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame B8B4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1686075565060
  • https://ad.turn.com/r/cs?pid=45&rndcb=8645337645
  • https://sync.1rx.io/usersync/turn/3845378058995340535?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 06 Jun 2023 18:19:25 GMT
etag
RX44a870211ccf449190b24fa40efeb76a003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame 3618
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78AF8DD4D24C413680E21FE54DD39F08&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78AF8DD4D24C413680E21FE54DD39F08&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:19:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 06 Jun 2023 18:19:25 GMT
expires
Mon, 05 Jun 2023 18:19:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78AF8DD4D24C413680E21FE54DD39F08&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 07AF 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:25 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame D08C 		95 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:25 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7d32a9d96a855b9e-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame D08C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:36 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:36 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D08C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bfb2bc610b429b26be3042259db04296&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D08C
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081950935233263137
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081950935233263137
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc873439cfa8a0b72%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 18:19:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 06 Jun 2023 18:19:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.205; 80.255.10.205; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4fba8189-cb43-49e4-8e12-8cad3b78d741
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081950935233263137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3B88 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNV0F2XlLhsr9ziKDIEQEiez6nS8CkRWGEKhN8L8oCJx7611q7qLJflrxH7PsEz1_khFPgzmqMxa5B7WTPNEaquVTg7Os_P5tUd4t1mld8su67Daqsb3JCMJ_EIzlfHUhT2bRp9PqzxlLdaFKL2sN24o7sR2tYv3JZKFGmjtI0oWzRyuwQE
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:19:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3996 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3996 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CM3TPc-RRoKXahcBznpSqrN_wwIUNRcsGEENXyfA6TUXHZXE8aylGJh-H8ecbRY9eEJRqZNo9tYL8slRRWMDVYxbyGbLP_xITuyaWkLmUgNhlOsqg
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3996 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17709273515617772541&x=8&ct=76
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e5a11dc3-3cfa-4f8e-86b4-6185446597da
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3996 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/e5a11dc3-3cfa-4f8e-86b4-6185446597da?oo=0&accountId=23564&siteId=469176&zoneId=2769832&sizeId=15&e=6A1E40E384DA563BDE10A6127141C8C8CA866813BAE17C27F272CEE8716E947A66A7A2791746543C3E6B82CF8474ADFBB8B520C6696685698D6D5C8E000298EEB5294A85121B62764A3C38277AB5294F7F564D175977166E15F8B74A1FA55D9CFDF3E6CBB456D41066F4AF9F715D81B227439E61FDB09AD2F3E52355848C119869A8906358651F33D12E47E8ECEA65E5E8674C743FF942C8AEB0904E221A5E81593874744C15C42B42F9D03FDEA81824C965B3BA57724B22E82A954C1004678A
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:24 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
cw_tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
m
ad.yieldlab.net/ Frame 3B88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMgP2_SaF0sixKcwt8lDDgs&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMgP2_SaF0sixKcwt8lDDgs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNV0F2XlLhsr9ziKDIEQEiez6nS8CkRWGEKhN8L8oCJx7611q7qLJflrxH7PsEz1_khFPgzmqMxa5B7WTPNEaquVTg7Os_P5tUd4t1mld8su67Daqsb3JCMJ_EIzlfHUhT2bRp9PqzxlLdaFKL2sN24o7sR2tYv3JZKFGmjtI0oWzRyuwQE
Protocol
HTTP/1.1
Server
23.206.20.27 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-20-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 18:19:25 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 05 Jun 2023 18:19:25 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMgP2_SaF0sixKcwt8lDDgs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 3B88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIFn3u1O9sksBhFbrXenYqY&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIFn3u1O9sksBhFbrXenYqY&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNV0F2XlLhsr9ziKDIEQEiez6nS8CkRWGEKhN8L8oCJx7611q7qLJflrxH7PsEz1_khFPgzmqMxa5B7WTPNEaquVTg7Os_P5tUd4t1mld8su67Daqsb3JCMJ_EIzlfHUhT2bRp9PqzxlLdaFKL2sN24o7sR2tYv3JZKFGmjtI0oWzRyuwQE
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:25 GMT
last-modified
Fri, 18 Nov 2022 16:49:04 GMT
server
nginx
accept-ranges
bytes
etag
"6377b780-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIFn3u1O9sksBhFbrXenYqY&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3996 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1041342190397&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3996 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1041342190397&version=m202301230201&ct=76&x=8&cor=17709273515617772000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3996 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B09Bc9Jj7SwfNI4JAqcJWekkif1woZ58xJxPoaTnD9uQmqkTw8UBbxZjxyDj-JOaIdh38wuHXuUxathJ226VrM0n7REddrG7qu_h1oYA6tajBmMHGA-waKtXnR60SQkR-EWp_-yEhqkgdZyhnzhiBpmWrXjjrFPzqN77o4jdyKRr8bzMA&dbm_d=AKAmf-DieNdW8Py-ecaHvVdj0HRJy5g7u9o6k99KqIObMHdwN90v6_ik2BvZfa60kewQ0MDbdyOSClOFJnhVssXNngM-s3UqKhhBRjWFLlCbFYyWKJ9jN5YfOxzv8F82sjobY8FA35dw094g5NIUHTJTfRxKQoNIZ5OkzhEuiPijNo0zNHQAXsHfxyOx5hgdWLzCxpBvUCS1f1Dp_CuMBTgE1rD8V-8L-9yw5z5ZZgVn_ufiMuVCsavurlkhBEbSxmdRqheRiJTllBM2qRrtgyFedwYkataEESAUQ5pqNPmEngcZlO7-IJ5FXoVzwsqrRp_6pxOszS69oRmiKq_mIjy_5OFTmalK0WSDcQPa9IyhOFzCoxpqIWWmLpAZfE0XFwUwrewKyW-cmyQkxcSp_2f6hkYzkwMOPyhkJO5okLfmlXEHZJaAAbrSkIwMZcDUzIRmobbzoBQugc3ASm_d-wHlbgrsHSsOqZMcWsB6SQXFY8IUQfjjMsXzWIEpFQRic9AnH0J5A-_4yRByZ7zgcSPJabHtIcAMsqDkNHCs1Jotl3XPDpKKuPIETrB8vXrURqKSRgEn3CN_WugE0Jd4Ky8Pvwnnb772NWZdtgza3qxmdCbNiPr0OeEcT5VuqZrwZsr3Xz1Qk1UX17pDGY-F0tmQa9zdNBTFzNwwpOPVO_FnGCH9GPUoIaCupjSiJfRwJMB9BfuHyx_eplJeKG54gWCTKuWskKmMDcA8ICcUDYzCn3lYItlsPCwe6MTrCcTvYHvdVmo1AS5VloUEEOdQVgY81cJCbu903ACqiI2MGmYDAm7pdYU_g3VUYijoYBVPOoRbJBVdv3llP1VWgISrXlIoo73UXDetx5gu8sbjPYC7uMwmavwt_Jfc2kH6DbLCa_I629MX8D5cQm4WQMre3nuoch4EPH-YmFsQxwnLKYgpNGAKCSMB_JgLrB9nBB55VhqZ-1M8iTm4JGjrwea-5BYLOA9V7gqLb6lFnNecX6m9VU6bKMy9hF082NPeF-1bdXYWBXSsncGi_eB_oUIsZgoue1V61D_TLZsbg_kxKrHRXx0GjzjRvWMS0pS6IDTN522Yi35ZDugqus5W4wXFFpyKWl10H4DD5pUCOKq66MU91wGzupumIdhtUvD-elejGpbJaqeENgvWeyfOeYn8MOUzomB6Hv6JZmiSLypciAj_QR2WGq0tH7uKdE64Cej_1sqWZnfZMwVjweSvtUCASUlDlymQEyvRJ57Cyw5TUdF_FP7rXV73FrtBM0650thvDcdrfA3j8ZdWlSIKdvBANHDysz7QDJ_Lhb3L9R7InLkWMZIWVfZupvEm3JwTsfNOqgnYJyiwvY7W0IZEWlSYfMpYI3-LIHVFS0jN9cBAQBqN2ZpuOkslmU2Gi0IEyTfcpskotbY8S1_za4BpHBUFkluhZ41ZL7fGg5BG8rZ1o4pH8UA5x7vI1Py3S9vopzCO6RZdCn8CT8Qp2Zbv6xY0BsENo0kGETNk8XXN7ueS9-ds_upEuzfn2eF6woSHJaod5GuWHSMaoBEip6GZvtjnwBJFuNCoXuxdeNwjuIWLWaY8FvvloYRYirJcJ2anpnq17DnFRwBRfXDlhv2IxFN5UImCAzG5todSXsYqubJAy4ZJTi7iSG8G8i5beAbwv1UMpf1ZTtdpgd_BjDJav4LFg9UcfoIOjYjUp246JVJGXvst2Z1l9b64-QwOIrDh0e6aGCemFTUB3royAV2vcBvfIrP_fDDSm5UP6iBuGBBsJ14vFb1Sbvtmxt2VxT0F52EBhU0mYZcHsgg-Sb4EGJgjw8TDFbBA07aZ5P5aK0PXwTmobwZlNKxcvHvzckteEzLrj_igWWP4S_kIPnCFFf2H5mc7A0K060AMym01qBX-ToWuU14Tr1EQTFOsarVDTwbjhsmW6lEr8Hp5d1G9UOFEywfqObGK8gfRmgUNbZMZQTDFMc8RxPsezBOGsRrXy60LHi0nIxeGFYRml8slOSQpu42AE51hdoftzT6pr2xlrsbbAfO3HPxBhjkiATuGNNPZKiHqJdvHaBMMdrVJZFzaG4bq-38UwinRjkt9lxNQppUCMwexdNLfiEdbg8YK5E4ecxUW4INHAC8TjrG_BJCAuI5REkqrFn8-eQaF2ljZl7maHYhA8bb5j0qWTrbl49SqgO8IykcKUrKmVycnwAIU1BajoCrUqKRWQDzcvZoUJv3QLPB4LKeq7T8gKHvGrBCnntMhohC07HcONNW9KMjg8yS98E3qTjXflSBQLj-TYKid5Do8ntR2dP9ruRGuJ6UBmRyA21HkN1odVztmKQQVSgxSzoPlnwPfK_d0noc5pf4e9KhmGqRLPpwe6QjcMToHZflQGK-F-cPhRNX5YChBpowh9Mhr3uf3NRoIeNuTW-wi3mO5bKAnuyRYsLe4Vqzq6XKqfoMioBfz4jGXAc54dn4lKHzkgdMSM9Rf0o0M9twC2SX6TtLagn5irrRnyIsaUb5rVTCPMPhX8-XF-6qSoPA7Yol6tCeuM4trMiqiRe1_LsTmx9hs4kMcIVYd7AkE3Hi-biuNawaJRMqYNgvxDxQRTt8Sqx_AsAEq_yCyb0rBVtWRiR15l9ozbDfWuSqdqNlrDYPA70wOvlj973CcbH9aZDFWbOyM3_96Yx0kc9uZ7rRTeltsWmS0WmCnX8UEQIEvLI_-7loW468lybQ83PVHy_TIM3qZcrYArZ6OBGoSpuAJqmGo2__fKFM9VYo-R59lRObM9QnikwLxjiy8WO5XXaYdF7jSpHZMKMxF3hMYhYLVX3j9_pxVNXzVSxLk0v4mwObtGDxraxcqhcnFjkKNLMCkJlm9IAYvTfbV1-uQ-gTZr5yco6Dohf1lhXbFl08h9vs1hMHVvtidj6_1gyfJADXz_v-BYv52yuAtXE8Wgmqld8-42Kv4O6_QbG6H-iZ5VlGRYlGDZmkrETiVizDbV3NAYdkUw8bANRw4uo70j2Ry9QPcCy5l6KROE4jGAl1-Jv2Ro5sgaaFx4kVnebBXtLoZMchBiRUXLE31oXGr7BL3wjBnjjzkLT7hM19U7bffRCmLk_6QFI44AgHUb2zsR5t83cCVDm0b6A93FuEtbGj4bPhv1oWF9ZSpVHpqd50GQNR9_T_iXLN0MfZ2YMnI1gWwUnvK4NGr8HF_xSnqD8XIRkKP1eY5jru2oXUAdtoeZYG1_L4YnKvI7dqFJ0QAQLVEA9AU3KS8kY8Qz2CMidQekAWeNNNV2PJWgig7TezNMP1-iSqwI081HGk5JtpMTRVn4ifep9jGwKe5ujdNHoln22pwudJXvcOXjHH1kIoiIegW7e4tO0LeABqkArqgchAN038GRxKFkrPDFw189jlGIX3XYqgLGoYiwhdACP21qY7jw7xNSKCBs_ZI5YSYHrYovOOagu5iViOPV2A9kwdAhyD3jidSBU0GEwrm-ubGU3lvTInqy2bAbroBbYiW4DJGXp4zF8zcyo_HaB5P5ajcydF9YmLmRQ-m_2f2bbjGZlRxcuyhMF1AeHaTUt33u828wOLFNhUpr8MwMLj3nVuQpK_JjK7YPSKo6UK6NoFnutAgIEESdMJEylOcI93WI_bVRGMX2AhhC-TzPWpJ8vophX_G5HfCeqm6Hik32MJ0oXX2hAOZSD0qmzdARtyqPVKG-lu8Ffqu-OqM3TV8o_joodZoeaB0G3VXB6fNWiQDTX53m5HE_KP9ufbuBreZdxCn7F92gAHhAADfmUNqyEpULFlKj_c&pr=8%3AA0AE259981C808EB&cid=CAQSQABygQiDkH404O8CIn8s20fdIlHJSRriE-WqctGNKtuZvJyq4k-UJHiQV87vVfmx6dxvvA3lQrUvtIB3s2cpBnIYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ds=l&xdt=0&iif=1&cor=17709273515617772000&adk=1035215994&idt=70&cac=0&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a94ffe4dbf3b1b8e201a2df8767a3699330664abab53631809b0b74bcd48f440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40509
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1475223/71249284/ Frame 3996 		244 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1475223/71249284/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=23564&ias_chanId=8&ias_placementId=20111331724&bidurl=https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gBeqkz-uLy13RD6xIqX1l6
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.211.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-211-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
447bd10b9f4afaf760b6d93cd88399c3cce3f82d68064d6650824cf5609e8fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3996 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Origin
https://www.minitool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 20:07:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 3996 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B09Bc9Jj7SwfNI4JAqcJWekkif1woZ58xJxPoaTnD9uQmqkTw8UBbxZjxyDj-JOaIdh38wuHXuUxathJ226VrM0n7REddrG7qu_h1oYA6tajBmMHGA-waKtXnR60SQkR-EWp_-yEhqkgdZyhnzhiBpmWrXjjrFPzqN77o4jdyKRr8bzMA&dbm_d=AKAmf-DieNdW8Py-ecaHvVdj0HRJy5g7u9o6k99KqIObMHdwN90v6_ik2BvZfa60kewQ0MDbdyOSClOFJnhVssXNngM-s3UqKhhBRjWFLlCbFYyWKJ9jN5YfOxzv8F82sjobY8FA35dw094g5NIUHTJTfRxKQoNIZ5OkzhEuiPijNo0zNHQAXsHfxyOx5hgdWLzCxpBvUCS1f1Dp_CuMBTgE1rD8V-8L-9yw5z5ZZgVn_ufiMuVCsavurlkhBEbSxmdRqheRiJTllBM2qRrtgyFedwYkataEESAUQ5pqNPmEngcZlO7-IJ5FXoVzwsqrRp_6pxOszS69oRmiKq_mIjy_5OFTmalK0WSDcQPa9IyhOFzCoxpqIWWmLpAZfE0XFwUwrewKyW-cmyQkxcSp_2f6hkYzkwMOPyhkJO5okLfmlXEHZJaAAbrSkIwMZcDUzIRmobbzoBQugc3ASm_d-wHlbgrsHSsOqZMcWsB6SQXFY8IUQfjjMsXzWIEpFQRic9AnH0J5A-_4yRByZ7zgcSPJabHtIcAMsqDkNHCs1Jotl3XPDpKKuPIETrB8vXrURqKSRgEn3CN_WugE0Jd4Ky8Pvwnnb772NWZdtgza3qxmdCbNiPr0OeEcT5VuqZrwZsr3Xz1Qk1UX17pDGY-F0tmQa9zdNBTFzNwwpOPVO_FnGCH9GPUoIaCupjSiJfRwJMB9BfuHyx_eplJeKG54gWCTKuWskKmMDcA8ICcUDYzCn3lYItlsPCwe6MTrCcTvYHvdVmo1AS5VloUEEOdQVgY81cJCbu903ACqiI2MGmYDAm7pdYU_g3VUYijoYBVPOoRbJBVdv3llP1VWgISrXlIoo73UXDetx5gu8sbjPYC7uMwmavwt_Jfc2kH6DbLCa_I629MX8D5cQm4WQMre3nuoch4EPH-YmFsQxwnLKYgpNGAKCSMB_JgLrB9nBB55VhqZ-1M8iTm4JGjrwea-5BYLOA9V7gqLb6lFnNecX6m9VU6bKMy9hF082NPeF-1bdXYWBXSsncGi_eB_oUIsZgoue1V61D_TLZsbg_kxKrHRXx0GjzjRvWMS0pS6IDTN522Yi35ZDugqus5W4wXFFpyKWl10H4DD5pUCOKq66MU91wGzupumIdhtUvD-elejGpbJaqeENgvWeyfOeYn8MOUzomB6Hv6JZmiSLypciAj_QR2WGq0tH7uKdE64Cej_1sqWZnfZMwVjweSvtUCASUlDlymQEyvRJ57Cyw5TUdF_FP7rXV73FrtBM0650thvDcdrfA3j8ZdWlSIKdvBANHDysz7QDJ_Lhb3L9R7InLkWMZIWVfZupvEm3JwTsfNOqgnYJyiwvY7W0IZEWlSYfMpYI3-LIHVFS0jN9cBAQBqN2ZpuOkslmU2Gi0IEyTfcpskotbY8S1_za4BpHBUFkluhZ41ZL7fGg5BG8rZ1o4pH8UA5x7vI1Py3S9vopzCO6RZdCn8CT8Qp2Zbv6xY0BsENo0kGETNk8XXN7ueS9-ds_upEuzfn2eF6woSHJaod5GuWHSMaoBEip6GZvtjnwBJFuNCoXuxdeNwjuIWLWaY8FvvloYRYirJcJ2anpnq17DnFRwBRfXDlhv2IxFN5UImCAzG5todSXsYqubJAy4ZJTi7iSG8G8i5beAbwv1UMpf1ZTtdpgd_BjDJav4LFg9UcfoIOjYjUp246JVJGXvst2Z1l9b64-QwOIrDh0e6aGCemFTUB3royAV2vcBvfIrP_fDDSm5UP6iBuGBBsJ14vFb1Sbvtmxt2VxT0F52EBhU0mYZcHsgg-Sb4EGJgjw8TDFbBA07aZ5P5aK0PXwTmobwZlNKxcvHvzckteEzLrj_igWWP4S_kIPnCFFf2H5mc7A0K060AMym01qBX-ToWuU14Tr1EQTFOsarVDTwbjhsmW6lEr8Hp5d1G9UOFEywfqObGK8gfRmgUNbZMZQTDFMc8RxPsezBOGsRrXy60LHi0nIxeGFYRml8slOSQpu42AE51hdoftzT6pr2xlrsbbAfO3HPxBhjkiATuGNNPZKiHqJdvHaBMMdrVJZFzaG4bq-38UwinRjkt9lxNQppUCMwexdNLfiEdbg8YK5E4ecxUW4INHAC8TjrG_BJCAuI5REkqrFn8-eQaF2ljZl7maHYhA8bb5j0qWTrbl49SqgO8IykcKUrKmVycnwAIU1BajoCrUqKRWQDzcvZoUJv3QLPB4LKeq7T8gKHvGrBCnntMhohC07HcONNW9KMjg8yS98E3qTjXflSBQLj-TYKid5Do8ntR2dP9ruRGuJ6UBmRyA21HkN1odVztmKQQVSgxSzoPlnwPfK_d0noc5pf4e9KhmGqRLPpwe6QjcMToHZflQGK-F-cPhRNX5YChBpowh9Mhr3uf3NRoIeNuTW-wi3mO5bKAnuyRYsLe4Vqzq6XKqfoMioBfz4jGXAc54dn4lKHzkgdMSM9Rf0o0M9twC2SX6TtLagn5irrRnyIsaUb5rVTCPMPhX8-XF-6qSoPA7Yol6tCeuM4trMiqiRe1_LsTmx9hs4kMcIVYd7AkE3Hi-biuNawaJRMqYNgvxDxQRTt8Sqx_AsAEq_yCyb0rBVtWRiR15l9ozbDfWuSqdqNlrDYPA70wOvlj973CcbH9aZDFWbOyM3_96Yx0kc9uZ7rRTeltsWmS0WmCnX8UEQIEvLI_-7loW468lybQ83PVHy_TIM3qZcrYArZ6OBGoSpuAJqmGo2__fKFM9VYo-R59lRObM9QnikwLxjiy8WO5XXaYdF7jSpHZMKMxF3hMYhYLVX3j9_pxVNXzVSxLk0v4mwObtGDxraxcqhcnFjkKNLMCkJlm9IAYvTfbV1-uQ-gTZr5yco6Dohf1lhXbFl08h9vs1hMHVvtidj6_1gyfJADXz_v-BYv52yuAtXE8Wgmqld8-42Kv4O6_QbG6H-iZ5VlGRYlGDZmkrETiVizDbV3NAYdkUw8bANRw4uo70j2Ry9QPcCy5l6KROE4jGAl1-Jv2Ro5sgaaFx4kVnebBXtLoZMchBiRUXLE31oXGr7BL3wjBnjjzkLT7hM19U7bffRCmLk_6QFI44AgHUb2zsR5t83cCVDm0b6A93FuEtbGj4bPhv1oWF9ZSpVHpqd50GQNR9_T_iXLN0MfZ2YMnI1gWwUnvK4NGr8HF_xSnqD8XIRkKP1eY5jru2oXUAdtoeZYG1_L4YnKvI7dqFJ0QAQLVEA9AU3KS8kY8Qz2CMidQekAWeNNNV2PJWgig7TezNMP1-iSqwI081HGk5JtpMTRVn4ifep9jGwKe5ujdNHoln22pwudJXvcOXjHH1kIoiIegW7e4tO0LeABqkArqgchAN038GRxKFkrPDFw189jlGIX3XYqgLGoYiwhdACP21qY7jw7xNSKCBs_ZI5YSYHrYovOOagu5iViOPV2A9kwdAhyD3jidSBU0GEwrm-ubGU3lvTInqy2bAbroBbYiW4DJGXp4zF8zcyo_HaB5P5ajcydF9YmLmRQ-m_2f2bbjGZlRxcuyhMF1AeHaTUt33u828wOLFNhUpr8MwMLj3nVuQpK_JjK7YPSKo6UK6NoFnutAgIEESdMJEylOcI93WI_bVRGMX2AhhC-TzPWpJ8vophX_G5HfCeqm6Hik32MJ0oXX2hAOZSD0qmzdARtyqPVKG-lu8Ffqu-OqM3TV8o_joodZoeaB0G3VXB6fNWiQDTX53m5HE_KP9ufbuBreZdxCn7F92gAHhAADfmUNqyEpULFlKj_c&pr=8%3AA0AE259981C808EB&cid=CAQSQABygQiDkH404O8CIn8s20fdIlHJSRriE-WqctGNKtuZvJyq4k-UJHiQV87vVfmx6dxvvA3lQrUvtIB3s2cpBnIYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ds=l&xdt=0&iif=1&cor=17709273515617772000&adk=1035215994&idt=70&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
14654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 14:15:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 3996 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B09Bc9Jj7SwfNI4JAqcJWekkif1woZ58xJxPoaTnD9uQmqkTw8UBbxZjxyDj-JOaIdh38wuHXuUxathJ226VrM0n7REddrG7qu_h1oYA6tajBmMHGA-waKtXnR60SQkR-EWp_-yEhqkgdZyhnzhiBpmWrXjjrFPzqN77o4jdyKRr8bzMA&dbm_d=AKAmf-DieNdW8Py-ecaHvVdj0HRJy5g7u9o6k99KqIObMHdwN90v6_ik2BvZfa60kewQ0MDbdyOSClOFJnhVssXNngM-s3UqKhhBRjWFLlCbFYyWKJ9jN5YfOxzv8F82sjobY8FA35dw094g5NIUHTJTfRxKQoNIZ5OkzhEuiPijNo0zNHQAXsHfxyOx5hgdWLzCxpBvUCS1f1Dp_CuMBTgE1rD8V-8L-9yw5z5ZZgVn_ufiMuVCsavurlkhBEbSxmdRqheRiJTllBM2qRrtgyFedwYkataEESAUQ5pqNPmEngcZlO7-IJ5FXoVzwsqrRp_6pxOszS69oRmiKq_mIjy_5OFTmalK0WSDcQPa9IyhOFzCoxpqIWWmLpAZfE0XFwUwrewKyW-cmyQkxcSp_2f6hkYzkwMOPyhkJO5okLfmlXEHZJaAAbrSkIwMZcDUzIRmobbzoBQugc3ASm_d-wHlbgrsHSsOqZMcWsB6SQXFY8IUQfjjMsXzWIEpFQRic9AnH0J5A-_4yRByZ7zgcSPJabHtIcAMsqDkNHCs1Jotl3XPDpKKuPIETrB8vXrURqKSRgEn3CN_WugE0Jd4Ky8Pvwnnb772NWZdtgza3qxmdCbNiPr0OeEcT5VuqZrwZsr3Xz1Qk1UX17pDGY-F0tmQa9zdNBTFzNwwpOPVO_FnGCH9GPUoIaCupjSiJfRwJMB9BfuHyx_eplJeKG54gWCTKuWskKmMDcA8ICcUDYzCn3lYItlsPCwe6MTrCcTvYHvdVmo1AS5VloUEEOdQVgY81cJCbu903ACqiI2MGmYDAm7pdYU_g3VUYijoYBVPOoRbJBVdv3llP1VWgISrXlIoo73UXDetx5gu8sbjPYC7uMwmavwt_Jfc2kH6DbLCa_I629MX8D5cQm4WQMre3nuoch4EPH-YmFsQxwnLKYgpNGAKCSMB_JgLrB9nBB55VhqZ-1M8iTm4JGjrwea-5BYLOA9V7gqLb6lFnNecX6m9VU6bKMy9hF082NPeF-1bdXYWBXSsncGi_eB_oUIsZgoue1V61D_TLZsbg_kxKrHRXx0GjzjRvWMS0pS6IDTN522Yi35ZDugqus5W4wXFFpyKWl10H4DD5pUCOKq66MU91wGzupumIdhtUvD-elejGpbJaqeENgvWeyfOeYn8MOUzomB6Hv6JZmiSLypciAj_QR2WGq0tH7uKdE64Cej_1sqWZnfZMwVjweSvtUCASUlDlymQEyvRJ57Cyw5TUdF_FP7rXV73FrtBM0650thvDcdrfA3j8ZdWlSIKdvBANHDysz7QDJ_Lhb3L9R7InLkWMZIWVfZupvEm3JwTsfNOqgnYJyiwvY7W0IZEWlSYfMpYI3-LIHVFS0jN9cBAQBqN2ZpuOkslmU2Gi0IEyTfcpskotbY8S1_za4BpHBUFkluhZ41ZL7fGg5BG8rZ1o4pH8UA5x7vI1Py3S9vopzCO6RZdCn8CT8Qp2Zbv6xY0BsENo0kGETNk8XXN7ueS9-ds_upEuzfn2eF6woSHJaod5GuWHSMaoBEip6GZvtjnwBJFuNCoXuxdeNwjuIWLWaY8FvvloYRYirJcJ2anpnq17DnFRwBRfXDlhv2IxFN5UImCAzG5todSXsYqubJAy4ZJTi7iSG8G8i5beAbwv1UMpf1ZTtdpgd_BjDJav4LFg9UcfoIOjYjUp246JVJGXvst2Z1l9b64-QwOIrDh0e6aGCemFTUB3royAV2vcBvfIrP_fDDSm5UP6iBuGBBsJ14vFb1Sbvtmxt2VxT0F52EBhU0mYZcHsgg-Sb4EGJgjw8TDFbBA07aZ5P5aK0PXwTmobwZlNKxcvHvzckteEzLrj_igWWP4S_kIPnCFFf2H5mc7A0K060AMym01qBX-ToWuU14Tr1EQTFOsarVDTwbjhsmW6lEr8Hp5d1G9UOFEywfqObGK8gfRmgUNbZMZQTDFMc8RxPsezBOGsRrXy60LHi0nIxeGFYRml8slOSQpu42AE51hdoftzT6pr2xlrsbbAfO3HPxBhjkiATuGNNPZKiHqJdvHaBMMdrVJZFzaG4bq-38UwinRjkt9lxNQppUCMwexdNLfiEdbg8YK5E4ecxUW4INHAC8TjrG_BJCAuI5REkqrFn8-eQaF2ljZl7maHYhA8bb5j0qWTrbl49SqgO8IykcKUrKmVycnwAIU1BajoCrUqKRWQDzcvZoUJv3QLPB4LKeq7T8gKHvGrBCnntMhohC07HcONNW9KMjg8yS98E3qTjXflSBQLj-TYKid5Do8ntR2dP9ruRGuJ6UBmRyA21HkN1odVztmKQQVSgxSzoPlnwPfK_d0noc5pf4e9KhmGqRLPpwe6QjcMToHZflQGK-F-cPhRNX5YChBpowh9Mhr3uf3NRoIeNuTW-wi3mO5bKAnuyRYsLe4Vqzq6XKqfoMioBfz4jGXAc54dn4lKHzkgdMSM9Rf0o0M9twC2SX6TtLagn5irrRnyIsaUb5rVTCPMPhX8-XF-6qSoPA7Yol6tCeuM4trMiqiRe1_LsTmx9hs4kMcIVYd7AkE3Hi-biuNawaJRMqYNgvxDxQRTt8Sqx_AsAEq_yCyb0rBVtWRiR15l9ozbDfWuSqdqNlrDYPA70wOvlj973CcbH9aZDFWbOyM3_96Yx0kc9uZ7rRTeltsWmS0WmCnX8UEQIEvLI_-7loW468lybQ83PVHy_TIM3qZcrYArZ6OBGoSpuAJqmGo2__fKFM9VYo-R59lRObM9QnikwLxjiy8WO5XXaYdF7jSpHZMKMxF3hMYhYLVX3j9_pxVNXzVSxLk0v4mwObtGDxraxcqhcnFjkKNLMCkJlm9IAYvTfbV1-uQ-gTZr5yco6Dohf1lhXbFl08h9vs1hMHVvtidj6_1gyfJADXz_v-BYv52yuAtXE8Wgmqld8-42Kv4O6_QbG6H-iZ5VlGRYlGDZmkrETiVizDbV3NAYdkUw8bANRw4uo70j2Ry9QPcCy5l6KROE4jGAl1-Jv2Ro5sgaaFx4kVnebBXtLoZMchBiRUXLE31oXGr7BL3wjBnjjzkLT7hM19U7bffRCmLk_6QFI44AgHUb2zsR5t83cCVDm0b6A93FuEtbGj4bPhv1oWF9ZSpVHpqd50GQNR9_T_iXLN0MfZ2YMnI1gWwUnvK4NGr8HF_xSnqD8XIRkKP1eY5jru2oXUAdtoeZYG1_L4YnKvI7dqFJ0QAQLVEA9AU3KS8kY8Qz2CMidQekAWeNNNV2PJWgig7TezNMP1-iSqwI081HGk5JtpMTRVn4ifep9jGwKe5ujdNHoln22pwudJXvcOXjHH1kIoiIegW7e4tO0LeABqkArqgchAN038GRxKFkrPDFw189jlGIX3XYqgLGoYiwhdACP21qY7jw7xNSKCBs_ZI5YSYHrYovOOagu5iViOPV2A9kwdAhyD3jidSBU0GEwrm-ubGU3lvTInqy2bAbroBbYiW4DJGXp4zF8zcyo_HaB5P5ajcydF9YmLmRQ-m_2f2bbjGZlRxcuyhMF1AeHaTUt33u828wOLFNhUpr8MwMLj3nVuQpK_JjK7YPSKo6UK6NoFnutAgIEESdMJEylOcI93WI_bVRGMX2AhhC-TzPWpJ8vophX_G5HfCeqm6Hik32MJ0oXX2hAOZSD0qmzdARtyqPVKG-lu8Ffqu-OqM3TV8o_joodZoeaB0G3VXB6fNWiQDTX53m5HE_KP9ufbuBreZdxCn7F92gAHhAADfmUNqyEpULFlKj_c&pr=8%3AA0AE259981C808EB&cid=CAQSQABygQiDkH404O8CIn8s20fdIlHJSRriE-WqctGNKtuZvJyq4k-UJHiQV87vVfmx6dxvvA3lQrUvtIB3s2cpBnIYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html&ds=l&xdt=0&iif=1&cor=17709273515617772000&adk=1035215994&idt=70&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
76546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3996 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 18:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jun 2024 18:25:16 GMT
usync.html
eus.rubiconproject.com/ Frame 37D6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 18:19:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3996 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:25 GMT
index.html
s0.2mdn.net/sadbundle/13930567320524598244/ Frame 5A29 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a68bd47337d24bfad49cda4c4427a9abdf8d09d1a52c09819dfeebb08442245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
350876
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2166
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 16:51:29 GMT
expires
Sat, 01 Jun 2024 16:51:29 GMT
last-modified
Tue, 09 May 2023 14:23:41 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3996 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9Y74yy75e0IlCSAjFSazG7izmL8J6xhDY34R-gdzuRICAPg4coHYfouy1xhN24ODHG3qiXQnPbpAVUtPia2_ykiEPvrouOyzPScVj6jIkGBPfaC_clV3C77m9GRbCU2gZ1fYKDfiBrVU0aT-MsIn0rV_cJaKuV0LGNzOhq_fV9HNN91jRM8sKEjirlhmhxURg-mcU9nPgays1coG4ZcWAu0jYRCqqxHibtlfqIoAJ-IOOnbNcfL3ZROAaF7lvJLS3iFwTfIdy-uD-XRorgW4Q63eRZzmdiD_wvggqNXuG2AFkPYZx8_UmpAJ1ujVgCzT2yF-rxjjVgYqVYSatDhnDvUB3MirrUer5pKnt9nqz0RTfeShhLNA0AWD8ocKHEaSl3EFZMehUjVtzHnDq7cn71rXKwziPkEcv9wfeRopLS_6EdAqKVcrZccZYCNQKUVbJg-oOPHk6UB7pXuCH5JoGBxQyWtGZ5eQMcbVtZsWSl6KEHPTD5qRLPdlytG9HjHnzjo20W73i4gd56ZczS6GkRMtXYE2UyL8fgcG9c6XiXu1aw7HUhJ40q-7zq-JGerJPo-DFUfOXzpsucU1CuBcrC54IcqSmmBi21A7pf57DHhECoeNtPb9Pb4rUAILow7iblP24U_fZH-zkYWkSnhr_wz3kD8BY1uWu7Hx5IArGyXuOtpL-nynh4QWJf4fQJQYtqRrCKWFWgfdEb1wGaUU0FFrCvXNACkyBN61pcgkA9KeamDp1B9cPlLjeRe0mkk41jdKnQSnDgSZNQjwEnIlzJkUU4LB_8SqXCDzDCWaat_QaRQ7oQaxeRhFZwVopQXwNlNdfE9WoLKyThIihuL0XmI4KGjECoh4_0B2fLt2FnkPGaiueMj9uQRF4N1Hb1evBcemHMRHCttmjbnj1TxqPE3CRZnv2BfNQmnbwJscgVtwn4aQ2tRNwR2r6DW4YDNFfwAM_-miV4UB5qU3x9VyaFNc6TUiTlz0sFA4sW-UocwodSIfHNndxL8d02mLbxz31Tdlsw5Vuqw9ZxU0Jpa8lTt-w_JfdnbjtLTENDRsGAf8A6jRADF8lKOTMFR1clWb9rlFG9ImRkdXE-O6qey6aPwmbdtPFegM7kvjUTgsqOcxRtRiiY9XKkZQF7PQJJKBuduPFXzWTpNJLS_jKiSkYNM_QZekqbycX45dlgPZ_mN0zD6DLLcJDyVQo9OK0d1KuAmFu1DHLsYSUeDe18m-7_60sks_R6yUW14viP01dvHe3YwqWrmNS3t_8z-0rAnOUpxCGS39LA3wTwMK8kI4&sai=AMfl-YR5qDBNR_kkqWnhYY8EQ-x-d9OQOw8J34EUd-NwrPBCHH73q6xwaF3pwbfbSqvyIKksol5zTKk0R4tmMc81_l9U4rWxFZrcXyZcN20bR_nY0r5i94r_WKyNph_CtOdP2xFkmGrjIh0iqTfaPytIhQtAbnjgV3X8Lqfbix-Me6zKIvg2mzHcfokgzT19t1Vgp3HJClVd9ZmXL6Y7WjitFFXuiFMClpir_VgiXpiBPKyuIrTXBpRnw1uiC6EY3UzJ0Z-KKuvlM1Tz7IQB1FVo&sig=Cg0ArKJSzI_KRex00gDFEAE&uach_m=[UACH]&pr=8:A0AE259981C808EB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=25&cbvp=1&cstd=23&cisv=r20230531.72719&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 18:19:25 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 18:19:25 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0ACB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.minitool.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
297763
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 07:36:42 GMT
expires
Sun, 02 Jun 2024 07:36:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 37D6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 18:19:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 16:53:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81301
Connection
keep-alive
Content-Length
10112
Expires
Wed, 07 Jun 2023 16:54:26 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 5A29 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:25 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Tue, 06 Jun 2023 18:34:25 GMT
index.js
s0.2mdn.net/sadbundle/13930567320524598244/ Frame 5A29 		188 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13930567320524598244/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2c470f6a03716a738a3b4639a161ef4d0d3572426eddac5ffc890271a06e148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 11:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32154
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:23:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jun 2024 11:30:54 GMT
EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
pagead2.googlesyndication.com/bg/ Frame 0ACB 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 13:09:55 GMT
4.js
static.adsafeprotected.com/ Frame 3996
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249284/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=23564&ias_chanId=8&ias_placementId=20111331724&bidurl=https://www.minitool.com/news/check-reg...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Server
2600:9000:2450:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 15:26:31 GMT
x-amz-version-id
kRvzd7CjRoOo3q_aZsSszrsG3sJgteIV
content-encoding
gzip
via
1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
442375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 01 Jun 2023 15:26:29 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
7J3hlMnFla2L_vTN4JkK7hOACyeSrMqyelbWYu5P8V7Jy0zk2h72wg==

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4D82 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
22300989
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VD5a8M8NIX-Eewci3ykznyiQv5B3ZFDyWGR7tEiyC1822DAEud_b9g==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=2d958644-abbc-dc43-d9a3-213c0a357ab3&tv=%7Bc:eMCMeO,pingTime:-2,time:74,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:303,beZ:304,mfA:306,cmA:307,inA:307,inZ:310,prA:310,prZ:324,si:331,poA:332,poZ:350,cmZ:350,mfZ:350,loA:364,loZ:367,ltA:377,ltZ:377%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:0.0.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C141%7C1421%7C143%7C15%7C161%7C162%7C163%7C164%7C17.1475223-71249284%7C171%7C172%7C173%7C18.1302878-68126404%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1e61%7C1e62%7C1e631%7C1e632%7C1e633%7C1e634%7C1e635%7C1e636%7C1e64%7C1e65%7C1e66%7C1e67%7C1e68%7C1e69%7C1e6a%7C1e6b%7C1e6c%7C1e7%7C1e81%7C1e82%7C1e83%7C1e84%7C1e85%7C1e86%7C1e87%7C1e88%7C1e89%7C1e8a%7C1e8b%7C1e8c%7C1e8d%7C1e8e%7C1e8f%7C1e8g%7C1e8h%7C1e8i%7C1e8j%7C1e9%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j61%7C1j62%7C1j63%7C1j64%7C1j65%7C1j66%7C1j67%7C1j68%7C1j69%7C1j6a%7C1j6b%7C1j6c%7C1j7%7C1j8%7C1j9%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.1475223-71249284%7C1v1%7C1v2%7C1v3%7C1v4,idMap:1v*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:28,slid:%5Bpixfutureiframe-4992x522-display,pixfuture-4992x522-display,pxft-interact-container,pxft-widget,gostory,page-check-registry-for-malware-and-remove-it%5D,sinceFw:45,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index_atlas_P_1.png
s0.2mdn.net/sadbundle/13930567320524598244/images/ Frame 5A29 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13930567320524598244/images/index_atlas_P_1.png
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72a0bfe74654a39eb0c6b6a9009ed69ffcc224eaf304306ca2c042f94e54438b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 11:30:46 GMT
x-content-type-options
nosniff
age
370119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19411
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:23:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jun 2024 11:30:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3996 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9Y74yy75e0IlCSAjFSazG7izmL8J6xhDY34R-gdzuRICAPg4coHYfouy1xhN24ODHG3qiXQnPbpAVUtPia2_ykiEPvrouOyzPScVj6jIkGBPfaC_clV3C77m9GRbCU2gZ1fYKDfiBrVU0aT-MsIn0rV_cJaKuV0LGNzOhq_fV9HNN91jRM8sKEjirlhmhxURg-mcU9nPgays1coG4ZcWAu0jYRCqqxHibtlfqIoAJ-IOOnbNcfL3ZROAaF7lvJLS3iFwTfIdy-uD-XRorgW4Q63eRZzmdiD_wvggqNXuG2AFkPYZx8_UmpAJ1ujVgCzT2yF-rxjjVgYqVYSatDhnDvUB3MirrUer5pKnt9nqz0RTfeShhLNA0AWD8ocKHEaSl3EFZMehUjVtzHnDq7cn71rXKwziPkEcv9wfeRopLS_6EdAqKVcrZccZYCNQKUVbJg-oOPHk6UB7pXuCH5JoGBxQyWtGZ5eQMcbVtZsWSl6KEHPTD5qRLPdlytG9HjHnzjo20W73i4gd56ZczS6GkRMtXYE2UyL8fgcG9c6XiXu1aw7HUhJ40q-7zq-JGerJPo-DFUfOXzpsucU1CuBcrC54IcqSmmBi21A7pf57DHhECoeNtPb9Pb4rUAILow7iblP24U_fZH-zkYWkSnhr_wz3kD8BY1uWu7Hx5IArGyXuOtpL-nynh4QWJf4fQJQYtqRrCKWFWgfdEb1wGaUU0FFrCvXNACkyBN61pcgkA9KeamDp1B9cPlLjeRe0mkk41jdKnQSnDgSZNQjwEnIlzJkUU4LB_8SqXCDzDCWaat_QaRQ7oQaxeRhFZwVopQXwNlNdfE9WoLKyThIihuL0XmI4KGjECoh4_0B2fLt2FnkPGaiueMj9uQRF4N1Hb1evBcemHMRHCttmjbnj1TxqPE3CRZnv2BfNQmnbwJscgVtwn4aQ2tRNwR2r6DW4YDNFfwAM_-miV4UB5qU3x9VyaFNc6TUiTlz0sFA4sW-UocwodSIfHNndxL8d02mLbxz31Tdlsw5Vuqw9ZxU0Jpa8lTt-w_JfdnbjtLTENDRsGAf8A6jRADF8lKOTMFR1clWb9rlFG9ImRkdXE-O6qey6aPwmbdtPFegM7kvjUTgsqOcxRtRiiY9XKkZQF7PQJJKBuduPFXzWTpNJLS_jKiSkYNM_QZekqbycX45dlgPZ_mN0zD6DLLcJDyVQo9OK0d1KuAmFu1DHLsYSUeDe18m-7_60sks_R6yUW14viP01dvHe3YwqWrmNS3t_8z-0rAnOUpxCGS39LA3wTwMK8kI4&sai=AMfl-YR5qDBNR_kkqWnhYY8EQ-x-d9OQOw8J34EUd-NwrPBCHH73q6xwaF3pwbfbSqvyIKksol5zTKk0R4tmMc81_l9U4rWxFZrcXyZcN20bR_nY0r5i94r_WKyNph_CtOdP2xFkmGrjIh0iqTfaPytIhQtAbnjgV3X8Lqfbix-Me6zKIvg2mzHcfokgzT19t1Vgp3HJClVd9ZmXL6Y7WjitFFXuiFMClpir_VgiXpiBPKyuIrTXBpRnw1uiC6EY3UzJ0Z-KKuvlM1Tz7IQB1FVo&sig=Cg0ArKJSzI_KRex00gDFEAE&uach_m=[UACH]&pr=8:A0AE259981C808EB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=224&vt=11&dtpt=199&dett=3&cstd=23&cisv=r20230531.72719&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 18:19:25 GMT
index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/13930567320524598244/images/ Frame 5A29 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13930567320524598244/images/index_atlas_NP_1.jpg
Requested by
Host: www.minitool.com
URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ded26ed14c8fcb1ecfb6b333c738b9ca5a2a2d69e9cb0e6147ec61333d963f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 03:17:04 GMT
x-content-type-options
nosniff
age
54141
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114602
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:23:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jun 2024 03:17:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ACB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByvgerXh_ZKmXGoWt9u8P2a2gwA8AAAAAOAHgBAI&bg=!oKOlo_fNAAY9J7QfHSc7ADkAdvg8WqZ5vc4dn2pILKitYuKC9nWJFmEnIKeMXlUIQj7VlJdtkTquXly2O7ypaYKsdYhAdyMXEB4CAAAAm1IAAAADaAEHmQMOtV1n6tCGBPs9Om3OOxcupINFi-Y7L15RqUsZ-m1vGgwgePiWjFBO84k21H_Pf153_ne_-tEYxXs0mf_i3c6LCxXwWtAXlCnktPK3eWsf5eE5moVN1QLRPX3QrkA43oKcRFUKTO-LtdX860kfW919qvB9e1iIx0_JxMPhw0D5LEu946OF0ItX9BeyqEfdzWPB28rzxiYCMpevgS8fnLhH0N9FgLbjd5lPp3sY8A_58ievhhzmOx3ZI4XVim4VKl3f3jhDNsceWf9JkXGw3RNdst5h2itT9ljFrSh_5oL7TnMZCBpy4tiL0bQxNam4r_V0ZTnPK5nUantXKFzECbczNS0nYsTrqA0ihkPPMAedzubAfWiotrxrbfip_2bZGvXIpqcTAQn1RjtpM4P8eOoEHzq4FTxWsFKEPjeteLxZ4fLqc3kg8Oi5ll8FFP9uNF3CdxZkyxSkYTqk3-X5i6Eb68hw_q_bub15fL0pk5zEOyv8MPHe5ZVn3P9NHNhSsiR8tDScMb_L4-Ix7bngV_qP0E95Vk-5aDr6SNfN40DpPj9SjRSWa2FYlYSuM7NnzJK9QONLCOe4KSoX-irOM5zkRsVDXkX4Cea85hgL-3Lneb7ssf9UMIXdSW_U6OmCyfQFTQ_QkscyWe7LpEBhFJe_cU4DGj7NYXAeHLHIyRWcB8REDPXr3GLDcyh_s7XGqcgspYqavh30T2eOUWI-S8auYPHaU7RWSCSMCi7qmpUUQ0tqzjSIl-7DxVlzgaaNAhfqLX0_lAnemDiujYfiFid2hcM5Zxu5uv4WNqFQt6QMExbzdVrDyx4UkNVXcx7Ilc5NEyE8kX9ikwL2jWuQei_ct5WBswt0lmbO0Gs0lt5r4n1JO9y6vOOGgL5bjnyZqp4BYUHONl4Xf3aQ5v8UiIzSERGSxnAemrLAJuWhXUVOk4eBGYSjQDUMTP_Z4p0OvMGAvRSYBvgqhWFDD0XMHfbq0Fqb4KmFCzitSRSFwicXGIhO28wyj0Vs-_hhdctIqnIlHHhQZVwzxF-eP_36DAk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCMjn,pingTime:5,time:6114,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1108~0,0~100%5D,as:%5B1108~300.250%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:574,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19%7C1v.1475223-71249284,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:482%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:26 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame F36C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=e61ed528-ba50-d6b0-334f-5f95a38204a0&tv=%7Bc:eMCMjn,pingTime:5,time:6114,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1108~0,0~100%5D,as:%5B1108~300.250%5D%7D%7D,%7Bsl:i,t:1113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:574,fm:tGqtdHx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C16%7C17*.1475223-71249284%7C171%7C1721%7C173%7C18.1302878-68126404%7C181%7C1821%7C183%7C19%7C1v.1475223-71249284,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:482%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:26 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 3934 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66034865&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:23 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame D31A 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28065017&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 06 Jun 2023 18:19:26 GMT
content-length
47
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=2d958644-abbc-dc43-d9a3-213c0a357ab3&tv=%7Bc:eMCMmz,time:555,type:e,im:%7Bpci:%7Btdr:506%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:555,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B551~0%5D,as:%5B221~0.0,330~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tGqtdHx+11%7C12%7C13%7C141%7C1421%7C143%7C15%7C161%7C162%7C163%7C164%7C17.1475223-71249284%7C171%7C172%7C173%7C18.1302878-68126404%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1e61%7C1e62%7C1e631%7C1e632%7C1e633%7C1e634%7C1e635%7C1e636%7C1e64%7C1e65%7C1e66%7C1e67%7C1e68%7C1e69%7C1e6a%7C1e6b%7C1e6c%7C1e7%7C1e81%7C1e82%7C1e83%7C1e84%7C1e85%7C1e86%7C1e87%7C1e88%7C1e89%7C1e8a%7C1e8b%7C1e8c%7C1e8d%7C1e8e%7C1e8f%7C1e8g%7C1e8h%7C1e8i%7C1e8j%7C1e9%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j61%7C1j62%7C1j63%7C1j64%7C1j65%7C1j66%7C1j67%7C1j68%7C1j69%7C1j6a%7C1j6b%7C1j6c%7C1j7%7C1j8%7C1j9%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.1475223-71249284%7C1v1%7C1v2%7C1v3%7C1v4,idMap:1v*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:141%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:26 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
um
u-ams03.e-planning.net/ Frame A71A 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=3436542dc08617db&uid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D3436542dc08617db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Tue, 06 Jun 2023 18:19:26 GMT
server
openresty
csync
sync.adtelligent.com/ Frame 2DB7 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:25 GMT
Etag
0da1d4f41ac4e2e9
Server
Adtelligent
usersync
usersync.gumgum.com/ Frame 1B46 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Jun 2023 18:19:26 GMT
Expires
0
Pragma
no-cache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3996 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1041342190397&version=m202301230201&ct=76&x=8&cor=17709273515617772000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3996 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiLglkagjGbIfAnWwxJYUhRil0qyf4lZN7le1gninYq1Hn2ZBJ5WRly-CBfZ6bCnXaKoup60MnkkM0a-PR7Z69IIzejRVnDgw&sig=Cg0ArKJSzPihhJQCfLYxEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230605&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686075565294&rpt=296&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cw_vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_vtr.php?
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.minitool.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Jun 2023 18:19:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame D08C 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=2d958644-abbc-dc43-d9a3-213c0a357ab3&tv=%7Bc:eMCMNz,pingTime:1,time:2229,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:300,h:250,t:226%7D,%7Bpiv:100,vs:i,r:,t:1227%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1227,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1223~0,0~100%5D,as:%5B221~0.0,1002~300.250%5D%7D%7D,%7Bsl:i,t:1227,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:567,fm:tGqtdHx+11%7C12%7C13%7C141%7C1421%7C143%7C15%7C161%7C162%7C163%7C164%7C17.1475223-71249284%7C171%7C172%7C173%7C18.1302878-68126404%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1e61%7C1e62%7C1e631%7C1e632%7C1e633%7C1e634%7C1e635%7C1e636%7C1e64%7C1e65%7C1e66%7C1e67%7C1e68%7C1e69%7C1e6a%7C1e6b%7C1e6c%7C1e7%7C1e81%7C1e82%7C1e83%7C1e84%7C1e85%7C1e86%7C1e87%7C1e88%7C1e89%7C1e8a%7C1e8b%7C1e8c%7C1e8d%7C1e8e%7C1e8f%7C1e8g%7C1e8h%7C1e8i%7C1e8j%7C1e9%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j61%7C1j62%7C1j63%7C1j64%7C1j65%7C1j66%7C1j67%7C1j68%7C1j69%7C1j6a%7C1j6b%7C1j6c%7C1j7%7C1j8%7C1j9%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.1475223-71249284%7C1v1%7C1v2%7C1v3%7C1v4,idMap:1v*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:141%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:27 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=2d958644-abbc-dc43-d9a3-213c0a357ab3&tv=%7Bc:eMCMNz,pingTime:1,time:2229,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:300,h:250,t:226%7D,%7Bpiv:100,vs:i,r:,t:1227%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1227,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1223~0,0~100%5D,as:%5B221~0.0,1002~300.250%5D%7D%7D,%7Bsl:i,t:1227,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:567,fm:tGqtdHx+11%7C12%7C13%7C141%7C1421%7C143%7C15%7C161%7C162%7C163%7C164%7C17.1475223-71249284%7C171%7C172%7C173%7C18.1302878-68126404%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1e61%7C1e62%7C1e631%7C1e632%7C1e633%7C1e634%7C1e635%7C1e636%7C1e64%7C1e65%7C1e66%7C1e67%7C1e68%7C1e69%7C1e6a%7C1e6b%7C1e6c%7C1e7%7C1e81%7C1e82%7C1e83%7C1e84%7C1e85%7C1e86%7C1e87%7C1e88%7C1e89%7C1e8a%7C1e8b%7C1e8c%7C1e8d%7C1e8e%7C1e8f%7C1e8g%7C1e8h%7C1e8i%7C1e8j%7C1e9%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j61%7C1j62%7C1j63%7C1j64%7C1j65%7C1j66%7C1j67%7C1j68%7C1j69%7C1j6a%7C1j6b%7C1j6c%7C1j7%7C1j8%7C1j9%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.1475223-71249284%7C1v1%7C1v2%7C1v3%7C1v4,idMap:1v*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:141%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:27 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dc_oe=ChMI89a-9KCv_wIV1_IRCB0B9w2CEAAYACCrvfdKQhMIsMmA9KCv_wIV2IGFCh31XwFS;met=1;&timestamp=1686075570128;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C288 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI89a-9KCv_wIV1_IRCB0B9w2CEAAYACCrvfdKQhMIsMmA9KCv_wIV2IGFCh31XwFS;met=1;&timestamp=1686075570128;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI1MzC9KCv_wIVVomDBx25YQxVEAAYACCYkMdbQhMIscmA9KCv_wIV2IGFCh31XwFS;met=1;&timestamp=1686075570473;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F36C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1MzC9KCv_wIVVomDBx25YQxVEAAYACCYkMdbQhMIscmA9KCv_wIV2IGFCh31XwFS;met=1;&timestamp=1686075570473;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=2d958644-abbc-dc43-d9a3-213c0a357ab3&tv=%7Bc:eMCNQ5,pingTime:5,time:6229,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:300,h:250,t:226%7D,%7Bpiv:100,vs:i,r:,t:1227%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1227,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1223~0,0~100%5D,as:%5B221~0.0,1002~300.250%5D%7D%7D,%7Bsl:i,t:1227,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:385,fm:tGqtdHx+11%7C12%7C13%7C141%7C1421%7C143%7C15%7C161%7C162%7C163%7C164%7C17.1475223-71249284%7C171%7C172%7C173%7C18.1302878-68126404%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1e61%7C1e62%7C1e631%7C1e632%7C1e633%7C1e634%7C1e635%7C1e636%7C1e64%7C1e65%7C1e66%7C1e67%7C1e68%7C1e69%7C1e6a%7C1e6b%7C1e6c%7C1e7%7C1e81%7C1e82%7C1e83%7C1e84%7C1e85%7C1e86%7C1e87%7C1e88%7C1e89%7C1e8a%7C1e8b%7C1e8c%7C1e8d%7C1e8e%7C1e8f%7C1e8g%7C1e8h%7C1e8i%7C1e8j%7C1e9%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j61%7C1j62%7C1j63%7C1j64%7C1j65%7C1j66%7C1j67%7C1j68%7C1j69%7C1j6a%7C1j6b%7C1j6c%7C1j7%7C1j8%7C1j9%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.1475223-71249284%7C1v1%7C1v2%7C1v3%7C1v4,idMap:1v*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:141%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:31 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=2d958644-abbc-dc43-d9a3-213c0a357ab3&tv=%7Bc:eMCNQ5,pingTime:5,time:6229,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:300,h:250,t:226%7D,%7Bpiv:100,vs:i,r:,t:1227%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1227,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1223~0,0~100%5D,as:%5B221~0.0,1002~300.250%5D%7D%7D,%7Bsl:i,t:1227,wc:0.0.1600.1200,ac:1299.813.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:385,fm:tGqtdHx+11%7C12%7C13%7C141%7C1421%7C143%7C15%7C161%7C162%7C163%7C164%7C17.1475223-71249284%7C171%7C172%7C173%7C18.1302878-68126404%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1e61%7C1e62%7C1e631%7C1e632%7C1e633%7C1e634%7C1e635%7C1e636%7C1e64%7C1e65%7C1e66%7C1e67%7C1e68%7C1e69%7C1e6a%7C1e6b%7C1e6c%7C1e7%7C1e81%7C1e82%7C1e83%7C1e84%7C1e85%7C1e86%7C1e87%7C1e88%7C1e89%7C1e8a%7C1e8b%7C1e8c%7C1e8d%7C1e8e%7C1e8f%7C1e8g%7C1e8h%7C1e8i%7C1e8j%7C1e9%7C1f%7C1g%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j61%7C1j62%7C1j63%7C1j64%7C1j65%7C1j66%7C1j67%7C1j68%7C1j69%7C1j6a%7C1j6b%7C1j6c%7C1j7%7C1j8%7C1j9%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.1475223-71249284%7C1v1%7C1v2%7C1v3%7C1v4,idMap:1v*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:141%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.minitool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:19:31 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.10.205&r=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694

Verdicts & Comments Add Verdict or Comment

311 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 boolean| credentialless object| onbeforetoggle object| onscrollend object| pageConfig function| $ function| jQuery object| dataLayer object| googletag number| year object| BaseJS object| Article function| onYouTubeIframeAPIReady function| onPlayerStateChange function| getSourceParamFromUri function| getSourceCookie function| setSourceCookie string| expiresField string| pathField string| domainField string| bottomCookieCss string| bottomCookie number| start object| pxftGoStoryConfig function| pxftContinueFlow object| ggeac object| google_tag_data object| google_js_reporting_queue object| ADMITAD undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| AWIN function| getErrorMessage function| isIE function| sendDebugEvent object| shrslImgs function| AwinCustomEvent object| pbjs object| __uid2SecureSignalProvider object| __uid2 object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp function| setImmediate function| clearImmediate object| google_tag_manager string| GoogleAnalyticsObject function| ga object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| signal_decrypted object| gaplugins object| gaData string| uts_ip string| uts_refr string| uts_protocol string| uts_now string| uts_dnt string| uts_lc_cookievalue string| uts_lc_uts_id string| uts_lcid string| uts_calling_domain string| lc_mref string| lc_val number| uoffset function| ScriptFunction function| ImgFunction function| uts_readCookie function| uts_setCookie function| uts_getHostName function| uts_getDomain function| uts_getQueryStringValue function| uts_unscramble function| uts_getLSCookie function| uts_setLSCookie undefined| d string| ic_infinity_cookievalue string| ic_real_cookievalue string| lc_aid boolean| uts_cj_guy boolean| uts_ss_guy boolean| set_nlt_cookie string| uts_location string| uts_trafficname string| uts_method number| uts_duration string| uts_customerid string| uts_cgid string| uts_nlt_campaignid string| nlt_name object| uString object| uCookieVal string| uts_uri string| uts_domain string| uts_cookieval object| regex undefined| new_promo string| lc_aref boolean| uts_wcookie object| exdate string| c_lctid string| ulctid boolean| uts_samedomain string| vuts_id string| uts_id_loc number| dateTime object| uts_lcid_arr undefined| uts_nlcid string| uts_mlcid undefined| uts_curl undefined| cj_val undefined| ss_val string| fl_val string| uts_cc_curl object| CookieObj function| pixFutureAdvertisementEnvironment object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| __ctcg_65349_0_exec object| _cwpixChunk object| _cwpix object| mnet object| GoogleGcLKhOms object| Trustpilot string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| Tawk_API object| google_image_requests boolean| _pxft_iel_init boolean| pxft_first_init_iel_activated object| __connect object| googDdmPs function| __IntegralASAdPush

159 Cookies

Domain/Path Name / Value
www.minitool.com/ Name: __b_t_article
Value: /news/check-registry-for-malware-and-remove-it.html_20230506181914
.minitool.com/ Name: _gid
Value: GA1.2.1080659650.1686075555
.criteo.com/ Name: uid
Value: 65edb0d1-8245-42ac-81bb-405acc43994a
.minitool.com/ Name: _gat_UA-686301-28
Value: 1
.minitool.com/ Name: _ga_KZX6JEMLPS
Value: GS1.1.1686075554.1.0.1686075554.0.0.0
.minitool.com/ Name: _ga
Value: GA1.1.1332409163.1686075555
.linkconnector.com/ Name: uts_901602_lpcheck
Value: 1
.minitool.com/ Name: _ga_W6RNX75Q2P
Value: GS1.1.1686075554.1.0.1686075554.0.0.0
.openx.net/ Name: i
Value: c35de742-5b0b-4243-8c86-e4b3316949a5|1686075554
.minitool.com/ Name: uts_id
Value: uts1686075554.19
.minitool.com/ Name: LCUTS_UID_901602
Value: 901602
.minitool.com/ Name: cto_bundle
Value: uBoVw19uY1NDbGRPUkFlUEJweWxOSlJlUjVUeUdxT1Z3OVRpWlZUQjFPc0xoeDZYc3JnTEdWRjBoeVhEN2JzYk9WbTlUY3NDRXdYaXlQJTJCJTJGTElhTENOWVA2OUF1aiUyRmlORTQ3RXJGeVM1MXVScm9hY2NtR1k4cEx3QzklMkY1Z0hRa25uJTJCV3ZwOGNpOWxtN1ZoOEk3QlFqM1dZdUZnJTNEJTNE
.minitool.com/ Name: __gads
Value: ID=d5d1de9e76266bb2:T=1686075554:RT=1686075554:S=ALNI_Mamx09D11Bs1mbWgZ_LYX6vVohlCA
.minitool.com/ Name: __gpi
Value: UID=00000c3f6d5c63f9:T=1686075554:RT=1686075554:S=ALNI_MbmHZgj3i30LqMi432DPoxvcmT0Qg
.doubleclick.net/ Name: IDE
Value: AHWqTUmXA4p7FalbVdIlL1wVAEdRozUjgP4JXA5H7-8u33AiMVS3zWIYvYWn0642
.casalemedia.com/ Name: CMID
Value: ZH94o2wrGx9DZKclpu7LNwAA
.casalemedia.com/ Name: CMPS
Value: 1178
.casalemedia.com/ Name: CMPRO
Value: 1178
.adnxs.com/ Name: uuid2
Value: 7081950935233263137
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?iiM9-]!]tbPl1M>e)ZlrFUfJ+tGXxp2GM^#MB#$RwV>XI1E:XyK:tqoaOyzb2Mn$Jd3If)y3KL9D3I?-$NN]*E
.agkn.com/ Name: ab
Value: 0001%3ApHx5j%2B9t8tQ0y%2BEt58ImCmBWxqRQn1hC
www.minitool.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.minitool.com/ Name: _pubcid
Value: 65322ba2-983f-475b-aa79-bc449baa6279
www.minitool.com/ Name: _lr_retry_request
Value: true
www.minitool.com/ Name: _lr_env_src_ats
Value: false
www.minitool.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-06-06T18%3A19%3A20%22%7D
.go.sonobi.com/ Name: __uis
Value: b44a1d23-dd26-4cb5-ae90-c40987326ac3
.go.sonobi.com/ Name: _usd_minitool.com
Value: 05583386-f15b-4a89-b064-a498870010d3
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 58157121376525720
.go.sonobi.com/ Name: HAPLB8A
Value: s8516|ZH94r
www.minitool.com/ Name: twk_idm_key
Value: tmDYwnvtY60HnMOwFad2J
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AE-6BVEg/YH6CFbO
.zeotap.com/ Name: zc
Value: a7b7b304-8b60-40d3-7492-3944620c0ed2
.adfarm1.adition.com/ Name: UserID1
Value: 7241639393108555921
.rubiconproject.com/ Name: khaos
Value: LIKLUTNU-T-3VK9
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrKzd0oXcV3HOQFbWGgM44fR/rFJVNr6iJbHu0hL1ZspsHcVepVzNTOqsumlbA/AzqJR5UOBniSdSYbB5SW5XQ3A5FZjBWUDBWma+WVcS1g3g==
.tapad.com/ Name: TapAd_TS
Value: 1686075561800
.tapad.com/ Name: TapAd_DID
Value: 5ea144a6-d5c4-44ed-a341-bb599495d9b7
.weborama.fr/ Name: AFFICHE_W
Value: bjd9CVEDiYFu66
.csync.loopme.me/ Name: viewer_token
Value: 08b34c65-9369-467f-b260-f661bec49816
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.demdex.net/ Name: demdex
Value: 59036700125370289730573378542898266694
www.minitool.com/ Name: TawkConnectionTime
Value: 0
.admanmedia.com/ Name: admtr
Value: 90ed9ff3-14d1-4244-acef-26223b453a6f
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
.gumgum.com/ Name: vst
Value: e_68c17e29-750d-471c-b0e5-d8ba1ff080eb
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_05ea6405-e04a-49c6-adb2-3751fccfc44b
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-731bb5b0-ce77-3b68-bb54-6d8159e958d3
.dpm.demdex.net/ Name: dpm
Value: 59036700125370289730573378542898266694
.adform.net/ Name: C
Value: 1
.ctnsnet.com/ Name: cid_a214c4239a384f3b8bf523b9fb6687fc
Value: 1
.quantserve.com/ Name: d
Value: EPwBCwGVKfijAA
.quantserve.com/ Name: mc
Value: 647f78a9-ee860-ed9e6-c4d45
.krxd.net/ Name: _kuid_
Value: PmXxBB-r
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjAyMrO0MDc3tRTiM9SNNHFLMUtKKg3LLvYEAJzxObUlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjAyMrO0MDc3tRTiM9SNNHFLMUtKKg3LLvYEAJzxObUlAAAA
.adform.net/ Name: uid
Value: 2556422807963527101
.go.sonobi.com/ Name: HAPLB8S
Value: s8546|ZH94r
.de17a.com/ Name: guid
Value: 1.3372652571521370752
.mathtag.com/ Name: uuid
Value: 8560647f-78a9-4600-b129-0daebddfd485
.simpli.fi/ Name: suid
Value: 78AF8DD4D24C413680E21FE54DD39F08
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2c2i
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7241639393108555921&KRTB&23369-7241639393108555921
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7081950935233263137&KRTB&23339-7081950935233263137
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&KRTB&16736-uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&KRTB&23019-uid:0f53647f-78a9-4f00-aa63-6b113f87aaed&KRTB&23114-uid:0f53647f-78a9-4f00-aa63-6b113f87aaed
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2556422807963527101&KRTB&23263-2556422807963527101&KRTB&23481-2556422807963527101
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433828226987759
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw&KRTB&19420-ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw&KRTB&22979-ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw&KRTB&23462-ayzOa2ogmDRwfZw1ayjUaDkhnDtwe81paS37EZpw
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEJq5SBg9UI9JUOaWmAwXIZ4&KRTB&22987-CAESEJq5SBg9UI9JUOaWmAwXIZ4&KRTB&23025-CAESEJq5SBg9UI9JUOaWmAwXIZ4&KRTB&23386-CAESEJq5SBg9UI9JUOaWmAwXIZ4
.creativecdn.com/ Name: u
Value: xQLsnIjCKJftNpspaiXm
.creativecdn.com/ Name: ts
Value: 1686075562
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4981144181cf8fb8
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3372652571521370752
.yahoo.com/ Name: A3
Value: d=AQABBKl4f2QCEJfRj7PBRMYtIgYJssCWEKsFEgEBAQHKgGSJZOAYyiMA_eMAAA&S=AQAAAnZOPTNP7CJqNhz0xnBJ7M0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZH94qgACl4XR6wBR
.bidr.io/ Name: bito
Value: AABvYU7I_vEAACJXLuhy5w
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&KRTB&23413-31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&KRTB&23479-31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
.onaudience.com/ Name: cookie
Value: 26f4ed78aeb22edb
.onaudience.com/ Name: done_redirects104
Value: 1
.fwmrm.net/ Name: _uid
Value: "o0390_7241639397374985641"
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Gp1rLOrtXUMWnQTSgnhXXnQh
.smartadserver.com/ Name: pid
Value: 2590308365955943298
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AABvYU7I_vEAACJXLuhy5w
.adsby.bidtheatre.com/ Name: __kuid
Value: 85df1338-e83e-4a18-9e51-0c419766503f.455289562
.outbrain.com/ Name: obuid
Value: 6073a08f-eddf-427e-8fb4-21b07e9b9c5e
.bidswitch.net/ Name: c
Value: 1686075562
.bidswitch.net/ Name: tuuid_lu
Value: 1686075562
.bidswitch.net/ Name: tuuid
Value: 6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABvYU7I_vEAACJXLuhy5w
.turn.com/ Name: uid
Value: 3845378058995340535
.360yield.com/ Name: tuuid
Value: 143c3ee1-0d02-4cb8-847e-01e80745e860
.360yield.com/ Name: tuuid_lu
Value: 1686075562
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3845378058995340535&KRTB&23150-3845378058995340535
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0f71840c-5471-5da1-5f3a-09412cad5991.KoRVNwZj4f75qyycvc%2Fc8UCM2HsiAjTlAaX5VDW%2Bn58
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AD3GEDFRxXaFfOglBLK1ZkVD_Cs0.iPSNVofU1q21OJQoU7GlH%2FZ7h0qTQcGXsBsAiW66ukw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AD3GEDFRxXaFfOglBLK1ZkVD_Cs0.iPSNVofU1q21OJQoU7GlH%2FZ7h0qTQcGXsBsAiW66ukw
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-D3GEDFRxXaFfOglBLK1ZkVD_Cs0&KRTB&23334-D3GEDFRxXaFfOglBLK1ZkVD_Cs0&KRTB&23417-D3GEDFRxXaFfOglBLK1ZkVD_Cs0&KRTB&23426-D3GEDFRxXaFfOglBLK1ZkVD_Cs0
.audrte.com/ Name: arcki2
Value: em2LGYwUnbmR9SZle5LveaCYw!20220908!1686075562404!ip#80.255.10.205
.audrte.com/ Name: arcki2_pubmatic
Value: 31F35B0E-8E54-4B63-A06A-F2C5856BEE9F!20220908!1686075562408
.gammaplatform.com/ Name: _aGeoIp
Value: HU|Nagyatad
.gammaplatform.com/ Name: _aUID
Value: 1puxks5jee0l
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1puxks5jee0l&KRTB&23446-1puxks5jee0l&KRTB&23465-1puxks5jee0l
ads.avct.cloud/ Name: uuid
Value: 7a86a7b6-84fd-449e-bc27-087750661b82
.tribalfusion.com/ Name: ANON_ID
Value: ajnseFOleq9PZabprMja83Zd6tFKOZaKxOxCV1DPE6FZcgHqYq0PmtA9oowux4fM6qODop27ZaGS4E1QcjQoQeY7Zd
.audrte.com/ Name: arcki2_ddp2
Value: em2LGYwUnbmR9SZle5LveaCYw!20220908!1686075562560
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-6dfb9a1c-ad7d-4633-9e8c-6d9a4884d118
prebidserver.pixfuture.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUUtNkJWRWcvWUg2Q0ZiTyIsImV4cGlyZXMiOiIyMDIzLTA2LTIwVDE4OjE5OjIxLjc4NjM2NjQ0NloifSwiZ3JpZCI6eyJ1aWQiOiI2ZGZiOWExYy1hZDdkLTQ2MzMtOWU4Yy02ZDlhNDg4NGQxMTgiLCJleHBpcmVzIjoiMjAyMy0wNi0yMFQxODoxOToyMi42MDQ5ODUwNThaIn19LCJiZGF5IjoiMjAyMy0wNi0wNlQxODoxOToyMS40NjE5NDAxNTlaIn0=
.ipredictive.com/ Name: cu
Value: a48a0a6e-c06a-4b72-8b5f-8e3e0837e31b|1686075562627
.audrte.com/ Name: arcki2_adform
Value: 2556422807963527101!20220908!1686075562686
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFmYG5qamZoaWm0igXBNzYwNlwliuAbWVpYAABYAGbrMAAAAA
.zeotap.com/ Name: zsc
Value: %D3%CA%9A%94UNc%B1%EC%BE%A1%A4%B43%AD%9A%1Fb%17X%B3pFx%05%9CS%DB%99y%C1%AC%E0%B4%D3%C2%DA%A5%91%14%E4%EFn%069%FE%CE%89l%03%03%B4%B1oFN%D5Iu%96%06G%08%F7%C3-Q%F0%BE%E0%C0%05%D2%F3G%3Bzz%DD6%E2y%B8%2Br%21%C0%3D%1A%A1%7Cs%DC%80U%F9%3CV%81%8B%B8%BF%BB%ED%124P%05NP-%25%021%B3U%FF%0F4%01%BA%09%93%28O.~%9AW%2CnF1%3E%22%A4%05%00B%B2%88M%12%80%0A9%B7-%80%3A%F6%1F23QX%E4%BF%3C%B3%40w%AE%23%06%1C%D1%FF%A1
.linkedin.com/ Name: bcookie
Value: "v=2&3d6d822e-2692-41ab-8351-68d7971a6364"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODYwNzU1NjM7MjswMjEYrcjLzumopdLLLvzaa+xUhoj601hc9Ox2YfjQKnL4dQ==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2921:u=1:x=1:i=1686075563:t=1686161963:v=2:sig=AQHvMYY1mviDipJ8bBD2Q7STUk8eVO0k"
.w55c.net/ Name: wfivefivec
Value: 7bJTvbsH1Q6Bh95
.adtelligent.com/ Name: a733849
Value: 7081950935233263137
.adtelligent.com/ Name: a743293
Value: 2556422807963527101
.adtelligent.com/ Name: vmuid
Value: 0da1d4f41ac4e2e9
.adtelligent.com/ Name: a307971
Value: AE-6BVEg/YH6CFbO
.w55c.net/ Name: matchcasale
Value: 5
.amazon-adsystem.com/ Name: ad-id
Value: AwYsHJzUpkz4ug8UD7o8H-M
.spotim.market/ Name: vmuid
Value: f2c526ea5522fa2d
.spotim.market/ Name: a323548
Value: 7081950935233263137
.console.adtarget.com.tr/ Name: vmuid
Value: 10b2990ca19c8ea2
.console.adtarget.com.tr/ Name: a307080
Value: xQLsnIjCKJftNpspaiXm
.console.adtarget.com.tr/ Name: a307457
Value: 2556422807963527101
.console.adtarget.com.tr/ Name: a743408
Value: 143c3ee1-0d02-4cb8-847e-01e80745e860
.adtelligent.com/ Name: a318342
Value: 10b2990ca19c8ea2
.console.adtarget.com.tr/ Name: a743845
Value: 2556422807963527101
.go.sonobi.com/ Name: __uir_bw
Value: 58157134261427611
.go.sonobi.com/ Name: __uir_mm
Value: 58157134261427611
.go.sonobi.com/ Name: __uir_zt
Value: 58157134261427611
.go.sonobi.com/ Name: __uir_td
Value: 58157134261427611
.go.sonobi.com/ Name: __uir_pp
Value: 58157134261427611
.go.sonobi.com/ Name: __uir_eb
Value: 58157134261427611
.richaudience.com/ Name: avcid-zeo-uid
Value: a7b7b304-8b60-40d3-7492-3944620c0ed2
.pubmatic.com/ Name: DPSync3
Value: 1687219200%3A226_219_197_201_245_241_235_227
.pubmatic.com/ Name: SyncRTB3
Value: 1686873600%3A63%7C1688601600%3A203%7C1687305600%3A35%7C1687219200%3A238_71_8_214_249_99_21_46_55_254_251_243_56_7_176_165_233_13_88_204_22_81_220_161_3_54_166_234%7C1686614400%3A223_2_15%7C1691193600%3A69
ads.playground.xyz/ Name: connect.sid
Value: s%3AAwrcXjc6Oe3H_WN9P62650T9gQPb7dSM.5SfTnVZe1TzZKH2NhNE7VTkjDUI9SD9M2HDaVNGivVE
.onaudience.com/ Name: done_redirects161
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003%22%2C%22nxtrdr%22%3Afalse%7D
.exelator.com/ Name: EE
Value: "bfb2bc610b429b26be3042259db04296"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSEpLckoKdnM0CDJxMgyycgsKdXYwMTIyNQyJQlIW5otLkstWrC0tDg1JenQkoqckpym1WXxoY7xbo6%252Bnj6Ry5wzivJzU1eAhcJcgxYbGposyS%252FKTF%252Fk4rq4KCWNYVFJ8angIx4%252FAJRsKlU%253D"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003%22%7D
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003&KRTB&17107-RX-44a87021-1ccf-4491-90b2-4fa40efeb76a-003
.pubmatic.com/ Name: PugT
Value: 1686075563
.semasio.net/ Name: SEUNCY
Value: E61503DD7A43BB6B
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1686097166040
.adtelligent.com/ Name: a281178
Value: 31F35B0E-8E54-4B63-A06A-F2C5856BEE9F
.pubmatic.com/ Name: SPugT
Value: 1686075567

23 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'join-ad-interest-group'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'run-ad-auction'.
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js(Line 13)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
javascript error URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.10.205&r=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html' from origin 'https://www.minitool.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2194730263&i4=80.255.10.205&r=https%3A%2F%2Fwww.minitool.com%2Fnews%2Fcheck-registry-for-malware-and-remove-it.html
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.minitool.com/news/check-registry-for-malware-and-remove-it.html
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://www.minitool.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://va.tawk.to/v1/session/start
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a7b7b304-8b60-40d3-7492-3944620c0ed2&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c873439cfa8a0b72
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=31F35B0E-8E54-4B63-A06A-F2C5856BEE9F&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://tags.bluekai.com/site/87734?id=a7b7b304-8b60-40d3-7492-3944620c0ed2&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=df69d3aa-932d-4975-71d1-e110acc7a590&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7b7b304-8b60-40d3-7492-3944620c0ed2&reqId=2970c64c-cf06-44b8-575d-27f693f08540&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_68c17e29-750d-471c-b0e5-d8ba1ff080eb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ade.googlesyndication.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bd9030017126bb39bafca3904dff8eea.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
btlr.sharethrough.com
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pixfuture.com
cdn.prod.uidapi.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.createjs.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
embed.tawk.to
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
get.s-onetag.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
loada.exelator.com
loadeu.exelator.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mcdp-nydc1.outbrain.com
minitool.disqus.com
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixfuture2-d.openx.net
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.media.net
prebidserver.pixfuture.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rock.defybrick.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
va.tawk.to
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widget.trustpilot.com
widgets.outbrain.com
www.artfut.com
www.dwin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkconnector.com
www.minitool.com
x.bidswitch.net
api.rlcdn.com
fid.agkn.com
104.80.242.37
108.138.233.121
108.138.36.121
108.138.36.98
124.146.215.47
134.122.57.34
137.184.242.150
141.94.170.77
141.94.242.206
141.95.33.111
142.250.185.66
142.250.186.34
142.250.186.98
146.59.148.16
146.75.118.132
151.1.205.165
151.101.66.49
161.35.253.218
162.55.236.224
169.197.150.7
173.231.181.122
178.250.1.11
178.250.1.9
18.194.223.184
18.194.57.28
18.195.124.86
18.195.80.95
18.198.126.47
18.214.236.190
18.66.192.102
18.66.192.107
184.30.20.22
185.15.245.82
185.184.8.90
185.239.172.77
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.81
185.64.191.210
185.80.39.216
185.86.138.150
185.86.138.151
185.89.210.153
185.89.211.12
193.0.160.131
193.3.178.1
193.3.178.3
193.3.178.4
195.5.165.20
199.232.196.134
2.23.197.190
2001:4860:4802:32::36
205.234.175.175
208.93.169.131
209.54.182.161
212.82.100.182
213.155.156.181
213.19.147.44
216.52.2.30
23.201.255.110
23.206.20.27
23.35.229.181
23.35.236.201
23.35.237.86
23.88.86.2
2600:1f13:800:7780:b3b4:bb89:e7bf:65d6
2600:1f16:e61:3f00:c809:e236:12ac:7ef7
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:20c3:2400:f:8ce2:fb80:93a1
2600:9000:225b:b800:a:e047:753:be1
2600:9000:2450:4400:8:48e:53c0:93a1
2600:9000:2450:5e00:1a:ba5c:3900:93a1
2602:803:c003:200::37
2602:803:c003:200::41
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::6816:1983
2606:4700:10::ac43:1627
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:20::681a:644
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4b3f
2606:4700::6810:3865
2606:4700::6812:14b2
2606:4700::6812:18ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:f::213:7ede
2a02:fa8:8806:13::1400
2a02:fa8:8806:20::2100
2a04:4e42:200::300
2a04:4e42:400::485
2a05:d018:24:b002:87fa:f3e4:ea80:83b3
2a05:d018:d29:3601:6b04:f2d6:9b64:eb08
2a0c:5c81:5142::2
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0
3.211.219.149
3.217.213.80
3.33.220.150
3.71.149.231
34.102.146.192
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.120.135.53
34.120.63.153
34.160.236.64
34.247.133.3
34.247.233.198
34.250.200.92
34.254.143.3
34.96.70.87
34.98.64.218
35.171.239.119
35.186.193.173
35.186.253.211
35.190.39.111
35.204.74.118
35.210.239.72
35.214.243.70
35.244.159.8
37.157.5.132
37.157.5.133
44.216.78.19
46.228.164.11
51.75.86.98
52.209.172.99
52.211.178.255
52.213.148.186
52.215.211.28
52.220.229.2
52.31.201.132
52.31.71.52
52.48.238.17
54.154.11.143
54.227.251.232
64.74.236.223
65.9.66.97
67.202.105.33
67.220.228.200
69.166.1.10
69.166.1.15
69.173.144.138
69.173.144.165
70.42.32.63
76.223.111.18
77.243.51.121
77.245.57.72
8.2.110.24
8.2.111.13
80.77.87.166
85.114.159.118
95.101.148.198
98.98.134.241
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0454c0105375438f1194ab5402d36e3256899428c95f9637c73e6215cb21033f
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0
082dc35ea6501f8b38354dfb9fda252a61a276c7a7dd7de5050563a990a24ab1
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a142acccdc47c31e172d3b1275428069f4ae87f88cbbe8e2907b567b4fd049d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1055b01b91693c4e000fd6957523728b91f43b99382f3856879654317d189a49
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
160d1864783c67f39eb03bef232d860b57aba8f26003317974a774a3d5146345
16e96b6e11b7f7938a3715afff3fb0a8a341f800bbbfb4d6d2569452d6780d3f
17d11fd86d522fe722b3ba8049f3bcaf42a287036a515d507d62516df47b0b51
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1872a0305644f10e3b26f34f97dcf88c4fde5bd51a7ecbc3cef5e4e29bf2465c
1ac72a6fe240a598c8dabaf9778f216ac05830176276d1434c5199ec2ad58c75
1b3fc453f0e76225200b6a26d7cd832a18df0c2f00a9e8b0ff8337e7ea60a095
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1fc6de47730df6a07e8f033f2489d1a4a7c2505e6750de172c13b408b48d8e8c
209a8689017a87ce9d7245a5ec27319c435d1f5db4940f6e4a829b4bd8dff122
216e71410453fd5f77c0ccfff2e6d99e7255ed0801f9f40d44075d0b2919d983
219540d334db27bc55469e6d3d1fbf2d16255179cb5f1733e09756eff63796c9
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c
24527f35b6e849fcd88f0a97ba8d95baa4f70b362bba9f93ffa5d28aeb10262a
246278ddc018fae36c6dc1247855fc348f9c3aa38f2fe7d56620fc36f9b0b5b9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28b77e1be6e53c41a16c16c16c65641f1c683a3e1ebb1d12a035dc6016c67652
296d4dc4d4d47a032a1acb968c7d58b757d4adfce8e451f3c5f8800ec3641e4b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5ffbcb98e37a769c888d4fc219d662b8a75973edbbe290c3ab273391972958
2f6dc859762441b3814cf106199e44b28560ae2fcbe57b7d0d82af101512f430
313a9c8a42e2215432a2e1de99e69949b5a4858344559e44327971d22c5f0a45
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ca965b531f63821c74167d41f0cae2a19bd87e74ecb09d61a893c2f3864fc1
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
335d1ce1d0cf7a45cdc60106e97766b08c76edfb42b6683833dcde6bfd0508a9
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3bdfbc9766bcd10ebae55ac97cd34400ba37b6c478fdc41073d0a892eb51323c
3cce9f648b76fc254a7cd328ccd8085719c06f7600a5b6d258a2cc2d5b39a052
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f13a8a652585934679b92ef7b5bceaeda7672269c9e8d6155e00d803dc359d2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447bd10b9f4afaf760b6d93cd88399c3cce3f82d68064d6650824cf5609e8fa1
44fafeff740e6b0780b0a318d6f05a9e81ea4d62435440bfe989a3e25dcaaf7f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d48fc4c7dcd58d3c5fcc72e7df0d5325d24ad8652ea05ca5489b5ed33449b1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4cd211100531509c666dc8294533663b7ed90fcf2b70bab25d8a057e8194f263
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506f7af8fc4f495b85ff891159be15e23a02bbdd27b19c5df7c8822f7d4b3bb1
52d18f4159c16dd96b035ed92e3ecf2a5b041dcea097c0c25eb15e1ad437f564
535a2494319cef4c32752caeb80b68b6fc12d29a5088e555739d642e2d933b29
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
555c93f2c5c27d2d998b2faf691b060e08eb08b793a38d5da3d5d7fd8b48165a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
58cb74313848348b5465a8130165f77a8138313b5041f3c6057f188b4cdbb563
58ed75e2d2be64a6b791dc665a6f65b7f732415592b4ccea7905c65a65560526
5a68bd47337d24bfad49cda4c4427a9abdf8d09d1a52c09819dfeebb08442245
5c96dc2794ce0c6659a428f206899e12a3aa29a75cc5d8c3e09ce2b480297dbe
5eeb05aac82ab67f7dc44f0f46856e0e1960a3184491ac74cf39396665a48794
6171075e28005b5d5a436bfd400173be9cbb3c1ccdcb03853edf9282122b440f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81
643ea55257c47c01facd1346cc0c9ac302a3fbef13a3f0eb91c638bb156cfba2
65120c58ea50104363d7057e3d04517582a7aed059b085a49e23e81ffbbfb85d
65b6e7bda0445481b20c3df30e61c061831f474108f019def255ba7f98ecc59a
67907076724bbf95b9e31039e2480d775aa9cf2ff7ff7446dd81ee52c4fae09f
686b2c777d4877c47051008108a4edca8c7b1d21f8b43d053b3708ee9e35fc7e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be5607ec152b24f0880e3c280b9cb477d607287b2ec3b74c6235ffafb432416
6d10b1676d0a384d6e9aabe76de94344c3629e3b63a18c6457c4b5f8d6fa7cfd
6d6b969806080e1a761470b1f28859f3ff7d1bf3b6b41a2392ef6143af5b0d13
6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70826466a8225b670b551df18e2c4815b0203321d7b330726321fd618d97bd3f
713b3cd2c9c0381e20aa0f85b65c1c28dca19ef5761c17e4a3812891f0df3103
72a0bfe74654a39eb0c6b6a9009ed69ffcc224eaf304306ca2c042f94e54438b
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73360e766ced0fdba06526c83b984ad4c1ed9531e54c88a32e3012bbbf65986f
751560c797fd689664c4cf946c59eb82fb5dc2b99fe33e0a80271b7308f46fc7
76a209437f825765bf546f6d9fbc3b8832e02da6455785a8b7f8831c53ea6e6c
7b2ace3ab16e791d1f02fc9d62bb9ea9bb64a7909a45c91d4cd68dff55a2cdc4
7dda27a21d2cab5ef52a86f04ce507219dda8ab16bf52f19de0000673f9e5055
7e76c98088b3e894f10637cf75b895990311ef9243ddd9804f067b54f72369b9
7f9dd15aa25e7a61402fce87411f4071eee7124cca7b5b5b99b04c8e1d0b0dc4
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
8458fe11752d5d38331b7a5a2c7405d4b7576be553c29b925c6db3518e6599b3
847dcc41fed1022fe1e414c509c9580c3232c30ea0b68e7ed5a56cb0c06c064d
84df6c71474cd4b232d43a05d1878267a5fd7eef3f10d75ab359f64f467fa757
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fc78949bdbd100c2a97198d87ab82815c5d3380a3b1394b30f1c9874e26ba4
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
861d4a406c4864b6ccc9cc7630a05bb53a92e3353e8213b040b363fd695ffa29
8644ad22d558cc88092ab54abe558602d1999e83ac681234daee57e44353cf0f
870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95
87707bc27af8e87d69bcd9cde37b97e42b6ae5369f34d66506e977e4f817f4b5
88e591c50bd89d0c289afb20067364a41a78b25d810ce16223e582753c976798
89a3fe8d8dac41fa5d87bf24757e3a08c8e432740d8eb2cb9969e8e6f24edd10
8b82265e5bb3ff65fbb3cd5e5fb32c0fc86e3f7cf1008768a7c72d1bd5f502f3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f72012e0b5d04f9036e2a5ef4030d78ca3055e17b624fc68bca45111b7455d4
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
94f9dc3fe1126d55053b1638ed35e036916f5e407a2651e0222adf5f6ee8b75d
959d7b8ed1f86daa8e06e3293e7b01c803ded8b9325c6040d3b2f67bdb352b5d
96a707d2e08cbf484c312dbdaee4c0b2c5eebc2aa90c1749633018cb4457810d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cf94b76bddd35ba07c27b707556990e03b8f2694473ebf9a1d39a248fb94ec9
9e8619f2e3b9ff54627dd372dcf72535997d521a012f22d1eaef66fd909e8f9c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a272b9f8468d5a619c21709a4fc702db301e25032f20ea4a034d3abe6fba7e79
a368489c379dc91bdae54a0bf07c01de5902c54f5c0bfdd5a57e0f732ede576e
a44429f4e11a62335ca76e2dd9790dd80b005565fe962305a490fa3354abfee8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a7fe9c713a5fc73d735e503ffdc06c84cca7cc284512209dee4fe715f8204d8d
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a94ffe4dbf3b1b8e201a2df8767a3699330664abab53631809b0b74bcd48f440
a96b4a50173b3255eaf86e1186a1d44ba22af677343afbcf3d8a8fb54f27ded9
aae6635350774bd3a01b56056ae406f23926f879b29e5682663982111621681a
abdf4d9b58a8a51f10b9c7ae1693b9f70eeabd53b34026dce0281beac6244e9d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e0cd522b4efddfe135bfe77838791ea55b8f5cc22dc5edc761477458808a31
b455aca16ddae9ab83d1f5c86b5263742b5d788090d5049d598bc726317735f7
b52711528927060892e10870339ecc5ce012aaeaf2406ab4e9cac3acdbe48ccc
b537a26aa913602cf89943589dab0adce3c6e2f2137d31e28c685c5c043f2886
b545ff35ef181d922c75fe8953d94d70d9e104b556ef52f278791f2a9e309c34
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7738faf2de54da7a16ae6d889bf5f59c04f80d898dc2a4931087864475069f3
b97424350ccb2dfb3b8990518e800445a9e15dfe47a3d6db1a96d8dcfd84646e
b9e3acc3ea33954ac74406b8bbd9489bba42631dda3b1ebfa20bb8874226a95a
ba9ea2dbd2340a080c3b117ccc97682072853a103029cb65bd2fd645a23f250b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc332d3f60c6d2e080be60f71daa1aa8aacb6b437ea96f1678f2453347ccb2fd
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c52bd55899fd2cd04227254552663db97825e1ef60ca31d13133274d3d51c1ed
c5386bebc9947e524876c59c694b5e58079747c11337aa6e7115b582f4f68feb
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
cd44862d0f8bd3eefe381c544f1980e1debcc57e278c58bbbde323316dfe8ae7
cd69d512d54d47e28a7c6debb7757762ffafcf32a8443d744ec71e7440439c59
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0be3feeda733c0c79c8fc5f5235f1e13375424e7c39e33ca9d97ce272ac29c4
d3e37e7fe19544adee2096b300794eb4fc3b8f566b1349e6c2b4c1daf283eb89
d5dcd752c4d997cffe71ecc77e8526e57628599f62601705b50ce13968a082e9
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d74fc278673af1800365cd5d23856b818ea523d7b6cee0cb5ab961bf5d8332c8
d94741d73e4500db83b9e05383f2ac96c80e5c6741314a7adb72312c3f405cf9
d99c3ef320f37f5ddf1429816efe0181056ee74a94ef00bc966295e0a215cfa2
db9d8c1cc89758c3e3f9ff67a420255ed2aee18f612696c97a15b8e1bf371c7c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde53fc96d217470fc220747f3deb58f7078ca339b91f2bdcfd6dc244db34b5a
de961f542dd891b32d3aeff150fb77aec0920f9638fdebf13f737a83c010e73a
ded26ed14c8fcb1ecfb6b333c738b9ca5a2a2d69e9cb0e6147ec61333d963f40
e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5
e173f6d03271af6cb0646ea50f8cf656b6cafc800fe95b69b66f122372220625
e1d44d22d51304844910cf555e3820d777e90b33d2a5505954d8453ed9ceb846
e20ef05650217e61bd0c642bc53f71f878f1250d879fad4bc4c20212d9e647d3
e292b789c91fe98f5abd1a39a3d316803d895068f301dff4606691bc26771e8e
e2c470f6a03716a738a3b4639a161ef4d0d3572426eddac5ffc890271a06e148
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e461962eda1aa52e4157b53410b58306161369b62628766400c8a279a5182e66
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ed25316f9b1fa338342fa7af622e15a20c0123d200c4bdcbfca53ce5fede3a23
edbe2e5100da426a1053c0c03dd457e4243545631d67fdd5bb6af0f577d7cad8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2088b3c4c6de326a6a4fdff15f374d7a1beb7be687edb87e3f83a8911b8ffd0
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c5d2c7127a5ef007a6419f0b1cddd9c66669f042fb69ea75af80626de05a92
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f90e86e415fef9aea8d31405a00fde59f92c5968762d3f9fa78a2c386a32ff09
fb96d71fb7cd250e9c7eb9c3156d8768a7f9cf146dd65d7056b535b097b3452a
fd4d9d732e7a4af52746ebabe6bb16941ee71ae3e919131af700cf4e1228a16a
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e