URL: http://1268851742.pub.ezanga.com/tags.php
Submission: On April 24 via manual from US

Summary

This website contacted 22 IPs in 7 countries across 24 domains to perform 32 HTTP transactions. The main IP is 75.126.40.124, located in Dallas, United States and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is 1268851742.pub.ezanga.com.
This is the only time 1268851742.pub.ezanga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 75.126.40.124 36351 (SOFTLAYER)
1 34.215.122.35 16509 (AMAZON-02)
2 169.50.137.176 36351 (SOFTLAYER)
1 104.96.128.212 16625 (AKAMAI-AS)
1 2 34.255.244.192 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2.16.186.80 20940 (AKAMAI-ASN1)
2 104.111.241.32 16625 (AKAMAI-AS)
15 21 159.253.128.183 36351 (SOFTLAYER)
1 34.233.100.133 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 2600:1901:0:8... 15169 (GOOGLE)
2 54.86.0.208 14618 (AMAZON-AES)
2 2 147.75.102.200 54825 (PACKET)
1 185.59.220.18 60068 (CDN77)
1 34.231.62.224 14618 (AMAZON-AES)
1 52.209.198.125 16509 (AMAZON-02)
1 2 72.251.249.9 29791 (VOXEL-DOT...)
1 1 52.49.24.175 16509 (AMAZON-02)
1 1 52.3.8.119 14618 (AMAZON-AES)
1 1 216.58.207.34 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 185.33.223.206 29990 (ASN-APPNEXUS)
1 151.101.0.166 54113 (FASTLY)
1 213.19.162.90 26667 (RUBICONPR...)
1 2 173.241.240.143 36089 (OPENX-AS1)
2 2 172.217.22.66 15169 (GOOGLE)
32 22
Domain Requested by
21 um.simpli.fi 15 redirects 1268851742.pub.ezanga.com
3 b.scorecardresearch.com 1 redirects 1268851742.pub.ezanga.com
3 bcp.crwdcntrl.net 1 redirects 1268851742.pub.ezanga.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects 1268851742.pub.ezanga.com
2 sync.search.spotxchange.com 1 redirects 1268851742.pub.ezanga.com
2 ce.lijit.com 1 redirects 1268851742.pub.ezanga.com
2 loadm.exelator.com 2 redirects
2 idsync.rlcdn.com 1268851742.pub.ezanga.com
2 fei.pro-market.net 2 redirects
2 script.anura.io 1268851742.pub.ezanga.com
script.anura.io
2 i.simpli.fi 1268851742.pub.ezanga.com
i.simpli.fi
1 pixel.rubiconproject.com 1268851742.pub.ezanga.com
1 bh.contextweb.com 1268851742.pub.ezanga.com
1 ib.adnxs.com 1268851742.pub.ezanga.com
1 www.google.de 1268851742.pub.ezanga.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 stags.bluekai.com 1268851742.pub.ezanga.com
1 sync.bfmio.com 1268851742.pub.ezanga.com
1 load77.exelator.com 1268851742.pub.ezanga.com
1 sync.intentiq.com 1268851742.pub.ezanga.com
1 ads.anura.io script.anura.io
1 tags.bluekai.com tags.bkrtx.com
1 tags.bkrtx.com 1268851742.pub.ezanga.com
1 exchange.bdex.com 1268851742.pub.ezanga.com
1 1268851742.pub.ezanga.com
32 30

This site contains no links.

Subject Issuer Validity Valid
*.bdex.com
Go Daddy Secure Certificate Authority - G2
2018-03-17 -
2019-05-16
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2017-05-11 -
2020-05-10
3 years crt.sh
*.intentiq.com
Amazon
2018-05-09 -
2019-06-09
a year crt.sh
*.rlcdn.com
Go Daddy Secure Certificate Authority - G2
2017-05-08 -
2019-06-21
2 years crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3
2019-04-22 -
2019-07-21
3 months crt.sh
*.bfmio.com
Go Daddy Secure Certificate Authority - G2
2016-09-05 -
2019-09-05
3 years crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA
2018-12-10 -
2020-03-10
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2016-06-28 -
2019-06-28
3 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2019-03-11 -
2020-05-10
a year crt.sh
www.google.de
Google Internet Authority G3
2019-03-26 -
2019-06-18
3 months crt.sh
sync.search.spotxchange.com
GeoTrust RSA CA 2018
2018-02-20 -
2019-05-25
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2018-07-07 -
2020-06-03
2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.openx.net
DigiCert ECC Secure Server CA
2019-02-08 -
2020-05-12
a year crt.sh

This page contains 2 frames:

Primary Page: http://1268851742.pub.ezanga.com/tags.php
Frame ID: 452D873229F4A3B2811325F96334880E
Requests: 31 HTTP requests in this frame

Frame: http://tags.bluekai.com/site/20675?ret=html&phint=category%3Dunknown&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&r=64210948
Frame ID: 85624A68F8DEBBD0098715E272D5FC00
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • env /^_?COMSCORE$/i

Page Statistics

32
Requests

69 %
HTTPS

20 %
IPv6

24
Domains

30
Subdomains

22
IPs

7
Countries

36 kB
Transfer

58 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://bcp.crwdcntrl.net/5/c=7079/int=unknownh/int=unknown/int=ezanga.com HTTP 302
  • http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=unknownh/int=unknown/int=ezanga.com
Request Chain 6
  • http://b.scorecardresearch.com/b?c1=8&c2=8287123&c3=2904991687&ns__t=1556117973605&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&c9= HTTP 302
  • http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=2904991687&ns__t=1556117973605&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&c9=
Request Chain 11
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A9D579C05C1678EFA902E74508
Request Chain 15
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=B08932A9D579C05C1678EFA902E74508;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=B08932A9D579C05C1678EFA902E74508;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/398696.gif?partner_uid=7967568082182882738
Request Chain 16
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B08932A9D579C05C1678EFA902E74508&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B08932A9D579C05C1678EFA902E74508&j=0&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 18
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=B08932A9D579C05C1678EFA902E74508
Request Chain 19
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=B08932A9D579C05C1678EFA902E74508
Request Chain 20
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B08932A9D579C05C1678EFA902E74508
Request Chain 21
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=B08932A9D579C05C1678EFA902E74508 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=B08932A9D579C05C1678EFA902E74508&dnr=1
Request Chain 22
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A9D579C05C1678EFA902E74508
Request Chain 23
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418 HTTP 302
  • https://d.agkn.com/pixel/5502/?sk=164361403035000541636&pd=&l0=https://um.simpli.fi/aa_px?sk=164361403035000541636 HTTP 302
  • https://um.simpli.fi/aa_px?sk=164361403035000541636
Request Chain 24
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1556117973704&cv=7&fst=1556117973704&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=13nAXP7kFort3wPXpbTgBA&sscte=1&crd=&gtd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=13nAXP7kFort3wPXpbTgBA&random=987796891 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=13nAXP7kFort3wPXpbTgBA&random=987796891&ipr=y
Request Chain 25
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A9D579C05C1678EFA902E74508 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A9D579C05C1678EFA902E74508&__user_check__=1&sync_id=931090bb-66a1-11e9-bc9f-173c25ca2506
Request Chain 26
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=B08932A9D579C05C1678EFA902E74508
Request Chain 27
  • https://um.simpli.fi/cw_match HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A9D579C05C1678EFA902E74508
Request Chain 28
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A9D579C05C1678EFA902E74508&expires=365
Request Chain 29
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=B08932A9D579C05C1678EFA902E74508 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A9D579C05C1678EFA902E74508
Request Chain 30
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEEj4xQK5f5MNDN85zOz3-Dk&google_cver=1 HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B08932A9D579C05C1678EFA902E74508 HTTP 302
  • https://um.simpli.fi/g_match?id=

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request tags.php
1268851742.pub.ezanga.com/
2 KB
2 KB
Document
General
Full URL
http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Server
75.126.40.124 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
7c.28.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
74892ffe375c953a9a0e533b4036bce808b5575888cc41d8d64d27465a41a255
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' data: *.anura.io *.scorecardresearch.com *.bdex.com *.simpli.fi *.bkrtx.com *.chango.com; style-src 'self' 'unsafe-inline'; img-src 'self' *; object-src 'self'; media-src 'self'; frame-src 'self' *.bluekai.com; font-src 'self'; connect-src 'self' *.anura.io; report-uri /rvcsp.php?rvid=
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
1268851742.pub.ezanga.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Apr 2019 14:59:33 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Expires
Mon, 16 Feb 1987 05:00:00 GMT
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' data: *.anura.io *.scorecardresearch.com *.bdex.com *.simpli.fi *.bkrtx.com *.chango.com; style-src 'self' 'unsafe-inline'; img-src 'self' *; object-src 'self'; media-src 'self'; frame-src 'self' *.bluekai.com; font-src 'self'; connect-src 'self' *.anura.io; report-uri /rvcsp.php?rvid=
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
1050
Connection
close
Content-Type
text/html; charset=UTF-8
bdexSeller.jsp
exchange.bdex.com/bdex/
0
423 B
Image
General
Full URL
https://exchange.bdex.com/bdex/bdexSeller.jsp?bdexPartnerAccountId=43&sellerCampaignId=273&industryId=460&customerUserId=&datasetClass=Interest&audienceClass=
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.122.35 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-122-35.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

dpx.js
i.simpli.fi/
2 KB
3 KB
Script
General
Full URL
http://i.simpli.fi/dpx.js?cid=6908&m=1&quid=unknown&referrer=unknown
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Wed, 24 Apr 2019 14:59:33 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
1998
x-request-id
2mc723b6bpea7lc7ck67jen1
Expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
bk-coretag.js
tags.bkrtx.com/js/
31 KB
10 KB
Script
General
Full URL
http://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Server
104.96.128.212 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-96-128-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Apr 2019 14:59:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jul 2018 20:07:28 GMT
Server
Apache
ETag
"3160052-7a94-571b031e6f476"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10358
Expires
Wed, 01 May 2019 14:59:33 GMT
int=ezanga.com
bcp.crwdcntrl.net/5/ct=y/c=7079/int=unknownh/int=unknown/
Redirect Chain
  • http://bcp.crwdcntrl.net/5/c=7079/int=unknownh/int=unknown/int=ezanga.com
  • http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=unknownh/int=unknown/int=ezanga.com
49 B
1 KB
Image
General
Full URL
http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=unknownh/int=unknown/int=ezanga.com
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Server
34.255.244.192 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-244-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:33 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.26.19.230
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:33 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=unknownh/int=unknown/int=ezanga.com
Cache-Control
no-cache
X-Server
10.26.29.140
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
request.js
script.anura.io/
21 KB
8 KB
Script
General
Full URL
http://script.anura.io/request.js?instance=151323033&source=unknown&campaign=unknown&697257395289
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Server
2606:4700::6811:ce4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82bd3587057cf8a77c0a278c91c29279c1455daebbf5eba8c1358ba7b22c6389
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
CF-RAY
4cc8f116fcc964e1-FRA
Expires
Sun, 28 Dec 1980 18:57:00 EST
beacon.js
b.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Server
2.16.186.80 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Apr 2019 14:59:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Thu, 25 Apr 2019 14:59:33 GMT
b2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/b?c1=8&c2=8287123&c3=2904991687&ns__t=1556117973605&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&c9=
  • http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=2904991687&ns__t=1556117973605&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&c9=
0
248 B
Image
General
Full URL
http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=2904991687&ns__t=1556117973605&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&c9=
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Server
2.16.186.80 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:33 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=2904991687&ns__t=1556117973605&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&c9=
Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:33 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
20675
tags.bluekai.com/site/ Frame 8562
0
0
Document
General
Full URL
http://tags.bluekai.com/site/20675?ret=html&phint=category%3Dunknown&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2F1268851742.pub.ezanga.com%2Ftags.php&r=64210948
Requested by
Host: tags.bkrtx.com
URL: http://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Server
104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-241-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
tags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://1268851742.pub.ezanga.com/tags.php
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://1268851742.pub.ezanga.com/tags.php

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
c020
Date
Wed, 24 Apr 2019 14:59:33 GMT
Connection
keep-alive
X-N
S
p
i.simpli.fi/
752 B
1 KB
Script
General
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_107690267909954._hp
Requested by
Host: i.simpli.fi
URL: http://i.simpli.fi/dpx.js?cid=6908&m=1&quid=unknown&referrer=unknown
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
a2d6f375489a4afaa66552a89c9ee6233f7e65bde3cb6765cab2d2c3e5e36fca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Wed, 24 Apr 2019 14:59:33 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
status
200
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
nexage
um.simpli.fi/
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/nexage
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Apr 2019 14:59:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
showads.js
ads.anura.io/
0
518 B
XHR
General
Full URL
http://ads.anura.io/showads.js?13470302069
Requested by
Host: script.anura.io
URL: http://script.anura.io/request.js?instance=151323033&source=unknown&campaign=unknown&697257395289
Protocol
HTTP/1.1
Server
2606:4700::6811:ce4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://1268851742.pub.ezanga.com/tags.php
Origin
http://1268851742.pub.ezanga.com

Response headers

Date
Wed, 24 Apr 2019 14:59:34 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4cc8f118da7764e7-FRA
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A9D579C05C1678EFA902E74508
43 B
502 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.100.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-100-133.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:34 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2019 14:59:33 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A9D579C05C1678EFA902E74508
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
response.json
script.anura.io/
44 B
737 B
XHR
General
Full URL
http://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: http://script.anura.io/request.js?instance=151323033&source=unknown&campaign=unknown&697257395289
Protocol
HTTP/1.1
Server
2606:4700::6811:704f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef9c8bdf36aeab6cc150aef1a5fdde584aa4efb15f0bcb8e90196df52071650
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
Origin
http://1268851742.pub.ezanga.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
CF-RAY
4cc8f11a2cab97da-FRA
Expires
Sun, 28 Dec 1980 18:57:00 EST
pubmatic
um.simpli.fi/
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/pubmatic
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Apr 2019 14:59:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
freewheel
um.simpli.fi/
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/freewheel
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Apr 2019 14:59:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
398696.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=B08932A9D579C05C1678EFA902E74508;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=B08932A9D579C05C1678EFA902E74508;mimetype=img;sr
  • https://idsync.rlcdn.com/398696.gif?partner_uid=7967568082182882738
0
34 B
Image
General
Full URL
https://idsync.rlcdn.com/398696.gif?partner_uid=7967568082182882738
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.0.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-0-208.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Wed, 24 Apr 2019 14:59:34 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Apr 2019 14:59:33 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
location
https://idsync.rlcdn.com/398696.gif?partner_uid=7967568082182882738
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
pixel.gif
load77.exelator.com/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B08932A9D579C05C1678EFA902E74508&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B08932A9D579C05C1678EFA902E74508&j=0&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
272 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.18 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-10.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Apr 2019 14:59:34 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
185.59.220.10
x-age
945586
accept-ranges
bytes
content-length
43

Redirect headers

date
Wed, 24 Apr 2019 14:59:34 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
yahoo
um.simpli.fi/
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/yahoo
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Apr 2019 14:59:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=B08932A9D579C05C1678EFA902E74508
37 B
444 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.62.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-231-62-224.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

access-control-allow-origin
*
Connection
keep-alive
Content-Length
37
Content-Type
image/gif

Redirect headers

date
Wed, 24 Apr 2019 14:59:34 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://sync.bfmio.com/sync?pid=141&uid=B08932A9D579C05C1678EFA902E74508
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=B08932A9D579C05C1678EFA902E74508
62 B
329 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-241-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Apr 2019 14:59:35 GMT
X-N
S
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
d273
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date
Wed, 24 Apr 2019 14:59:34 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://stags.bluekai.com/site/29931?id=B08932A9D579C05C1678EFA902E74508
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
tpid=B08932A9D579C05C1678EFA902E74508
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B08932A9D579C05C1678EFA902E74508
49 B
335 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.198.125 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-209-198-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:35 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.26.18.62
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

date
Wed, 24 Apr 2019 14:59:34 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B08932A9D579C05C1678EFA902E74508
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=B08932A9D579C05C1678EFA902E74508
  • https://ce.lijit.com/merge?pid=2&3pid=B08932A9D579C05C1678EFA902E74508&dnr=1
43 B
580 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=B08932A9D579C05C1678EFA902E74508&dnr=1
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ap3ams1
Content-Type
image/gif
Content-Length
43
X-Application-Context
application:prod:9080
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=B08932A9D579C05C1678EFA902E74508&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ap3ams1
Content-Length
0
X-Application-Context
application:prod:9080
Expires
Fri, 20 Mar 2009 00:00:00 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A9D579C05C1678EFA902E74508
0
34 B
Image
General
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.0.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-0-208.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Wed, 24 Apr 2019 14:59:35 GMT

Redirect headers

date
Wed, 24 Apr 2019 14:59:35 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A9D579C05C1678EFA902E74508
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
aa_px
um.simpli.fi/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418
  • https://d.agkn.com/pixel/5502/?sk=164361403035000541636&pd=&l0=https://um.simpli.fi/aa_px?sk=164361403035000541636
  • https://um.simpli.fi/aa_px?sk=164361403035000541636
43 B
228 B
Image
General
Full URL
https://um.simpli.fi/aa_px?sk=164361403035000541636
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Apr 2019 14:59:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:35 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=164361403035000541636
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1556117973704&cv=7&fst=1556117973704&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=f...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=...
42 B
376 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=13nAXP7kFort3wPXpbTgBA&random=987796891&ipr=y
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Apr 2019 14:59:35 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Apr 2019 14:59:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=1634718256&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=13nAXP7kFort3wPXpbTgBA&random=987796891&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A9D579C05C1678EFA902E74508
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A9D579C05C1678EFA902E74508&__user_check__=1&sync_id=931090bb-66a1-11e9-bc9f-173c25ca2506
43 B
525 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A9D579C05C1678EFA902E74508&__user_check__=1&sync_id=931090bb-66a1-11e9-bc9f-173c25ca2506
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Apr 2019 14:59:35 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
42
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 24 Apr 2019 14:59:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
/partner?adv_id=7797&uid=B08932A9D579C05C1678EFA902E74508&__user_check__=1&sync_id=931090bb-66a1-11e9-bc9f-173c25ca2506
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
124
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=B08932A9D579C05C1678EFA902E74508
43 B
838 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=66&code=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.206 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:37 GMT
AN-X-Request-Uuid
c4cd854c-7489-47eb-aa79-2c810ebdc803
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.34.41.50; 185.34.41.50; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.138:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2019 14:59:35 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://ib.adnxs.com/setuid?entity=66&code=B08932A9D579C05C1678EFA902E74508
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://um.simpli.fi/cw_match
  • https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A9D579C05C1678EFA902E74508
49 B
589 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
envoy /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Apr 2019 14:59:35 GMT
Via
1.1 varnish
Transfer-Encoding
chunked
X-Cache
MISS
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
x-envoy-upstream-service-time
0
Connection
keep-alive
X-Served-By
cache-fra19166-FRA
server
envoy
content-language
en
expires
-1
cache-control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-f4b6bdcf9-rdgzp
X-Cache-Hits
0

Redirect headers

date
Wed, 24 Apr 2019 14:59:35 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A9D579C05C1678EFA902E74508
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A9D579C05C1678EFA902E74508&expires=365
42 B
371 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A9D579C05C1678EFA902E74508&expires=365
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2019 14:59:35 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-RPHost
NLdOxl8o66jT5BPT7vz1iA
Expires
0

Redirect headers

date
Wed, 24 Apr 2019 14:59:35 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A9D579C05C1678EFA902E74508&expires=365
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
status
302
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=B08932A9D579C05C1678EFA902E74508
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A9D579C05C1678EFA902E74508
43 B
256 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A9D579C05C1678EFA902E74508
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.132.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Apr 2019 14:59:35 GMT
server
OXGW/16.132.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Wed, 24 Apr 2019 14:59:35 GMT
server
OXGW/16.132.0
content-length
0
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A9D579C05C1678EFA902E74508
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEEj4xQK5f5MNDN85zOz3-Dk&google_cver=1
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B08932A9D579C05C1678EFA902E74508
  • https://um.simpli.fi/g_match?id=
0
272 B
Image
General
Full URL
https://um.simpli.fi/g_match?id=
Requested by
Host: 1268851742.pub.ezanga.com
URL: http://1268851742.pub.ezanga.com/tags.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://1268851742.pub.ezanga.com/tags.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Wed, 24 Apr 2019 14:59:35 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

pragma
no-cache
date
Wed, 24 Apr 2019 14:59:35 GMT
server
HTTP server (unknown)
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _comscore function| udm_ object| ns_p object| COMSCORE object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| sifi_att_107690267909954 object| Anura

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' data: *.anura.io *.scorecardresearch.com *.bdex.com *.simpli.fi *.bkrtx.com *.chango.com; style-src 'self' 'unsafe-inline'; img-src 'self' *; object-src 'self'; media-src 'self'; frame-src 'self' *.bluekai.com; font-src 'self'; connect-src 'self' *.anura.io; report-uri /rvcsp.php?rvid=
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1268851742.pub.ezanga.com
aa.agkn.com
ads.anura.io
b.scorecardresearch.com
bcp.crwdcntrl.net
bh.contextweb.com
ce.lijit.com
cm.g.doubleclick.net
d.agkn.com
exchange.bdex.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
load77.exelator.com
loadm.exelator.com
pixel.rubiconproject.com
script.anura.io
stags.bluekai.com
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tags.bkrtx.com
tags.bluekai.com
um.simpli.fi
us-u.openx.net
www.google.com
www.google.de
www.googleadservices.com
104.111.241.32
104.96.128.212
147.75.102.200
151.101.0.166
159.253.128.183
169.50.137.176
172.217.22.66
173.241.240.143
185.33.223.206
185.59.220.18
185.94.180.126
2.16.186.80
213.19.162.90
216.58.207.34
2600:1901:0:8eee::
2606:4700::6811:704f
2606:4700::6811:ce4a
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::2003
34.215.122.35
34.231.62.224
34.233.100.133
34.255.244.192
52.209.198.125
52.3.8.119
52.49.24.175
54.86.0.208
72.251.249.9
75.126.40.124
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
74892ffe375c953a9a0e533b4036bce808b5575888cc41d8d64d27465a41a255
82bd3587057cf8a77c0a278c91c29279c1455daebbf5eba8c1358ba7b22c6389
a2d6f375489a4afaa66552a89c9ee6233f7e65bde3cb6765cab2d2c3e5e36fca
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bef9c8bdf36aeab6cc150aef1a5fdde584aa4efb15f0bcb8e90196df52071650
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629