iplogger.org Open in urlscan Pro
148.251.234.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.iplogger.org/
Effective URL:
https://iplogger.org/
Submission: On January 22 via api (January 22nd 2023, 12:27:52 am UTC) from US — Scanned from DE

Summary HTTP 360 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 101 IPs in 16 countries across 110 domains to perform 360 HTTP transactions. The main IP is 148.251.234.83, located in Germany and belongs to HETZNER-AS, DE. The main domain is iplogger.org. The Cisco Umbrella rank of the primary domain is 188596.
TLS certificate: Issued by R3 on January 8th 2023. Valid for: 3 months.

This is the only time iplogger.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 41	148.251.234.83 148.251.234.83	24940 (HETZNER-AS) (HETZNER-AS)
20	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	134.209.56.195 134.209.56.195	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
28	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	52.210.29.120 52.210.29.120	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.205.2.35 52.205.2.35	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
10 29	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
5	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 5	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
10	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:20e... 2600:9000:20eb:1000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
2 5	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
5 5	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
8 8	3.68.131.77 3.68.131.77	16509 (AMAZON-02) (AMAZON-02)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	35.176.33.61 35.176.33.61	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	23.67.134.223 23.67.134.223	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 5	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
2 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.189.29 13.224.189.29	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.30 13.225.78.30	16509 (AMAZON-02) (AMAZON-02)
2	3.9.112.14 3.9.112.14	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	13.224.189.79 13.224.189.79	16509 (AMAZON-02) (AMAZON-02)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.154.84.112 54.154.84.112	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
1 3	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21f... 2600:9000:21f3:4200:1f:4c18:bd40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
5 5	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1 1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1 1	3.88.253.42 3.88.253.42	14618 (AMAZON-AES) (AMAZON-AES)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
13	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	67.220.226.238 67.220.226.238	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	23.23.131.203 23.23.131.203	14618 (AMAZON-AES) (AMAZON-AES)
5 6	52.51.57.10 52.51.57.10	16509 (AMAZON-02) (AMAZON-02)
1 3	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	5.161.47.120 5.161.47.120	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1 1	141.95.171.142 141.95.171.142	16276 (OVH) (OVH)
2 2	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	72.251.245.181 72.251.245.181	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
1	52.18.161.122 52.18.161.122	16509 (AMAZON-02) (AMAZON-02)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.120.51.163 3.120.51.163	16509 (AMAZON-02) (AMAZON-02)
1 3	2a05:d018:d29... 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 18	34.247.233.198 34.247.233.198	16509 (AMAZON-02) (AMAZON-02)
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
2 2	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	3.208.37.196 3.208.37.196	14618 (AMAZON-AES) (AMAZON-AES)
1	132.226.41.106 132.226.41.106	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	18.203.20.80 18.203.20.80	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	18.156.32.70 18.156.32.70	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.43 124.146.215.43	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	141.95.97.231 141.95.97.231	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:77c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.193.173 35.186.193.173	() ()
1	2606:4700:10:... 2606:4700:10::6816:1857	() ()
360	101

41 148.251.234.83 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: iplogger.com

www.iplogger.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iplogger.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.iplogger.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.209.56.195 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ca-14.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.21 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.210.29.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.2.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-2-35.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:807::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.181.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.130.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:1000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.56.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.68.131.77 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-77.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.33.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.134.223 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.41 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-29.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-30.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.112.14 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-79.fra2.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.84.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-84-112.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.122 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.35.65 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:4200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.44 (United Kingdom) 5 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.88.253.42 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-253-42.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.238 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.23.131.203 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-131-203.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.51.57.10 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-57-10.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.131 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.223.115 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.215 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.64 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.161.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-122.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.51.163 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-51-163.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.84 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.247.233.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.127 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.191 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.37.196 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-37-196.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.20.80 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-20-80.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.32.70 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.43 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.97.231 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-eu-002.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:77c3 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, )

ASN- ()

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (None, )

ASN- ()

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	250 KB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 156	446 KB
41	iplogger.org 2 redirects www.iplogger.org iplogger.org — Cisco Umbrella Rank: 188596 cdn.iplogger.org	308 KB
36	yahoo.com 6 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 821 ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417	5 KB
31	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 444 image6.pubmatic.com — Cisco Umbrella Rank: 702 ads.pubmatic.com — Cisco Umbrella Rank: 463 simage2.pubmatic.com — Cisco Umbrella Rank: 654 image2.pubmatic.com — Cisco Umbrella Rank: 862 aud.pubmatic.com — Cisco Umbrella Rank: 4371 image4.pubmatic.com — Cisco Umbrella Rank: 898 simage4.pubmatic.com	46 KB
19	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1318 usersync.gumgum.com — Cisco Umbrella Rank: 1725	6 KB
12	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1645 public.servenobid.com — Cisco Umbrella Rank: 3061	8 KB
12	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 207 acdn.adnxs.com — Cisco Umbrella Rank: 550 secure.adnxs.com — Cisco Umbrella Rank: 413	29 KB
11	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434	8 KB
10	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 301	3 KB
9	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 840 eus.rubiconproject.com — Cisco Umbrella Rank: 532 token.rubiconproject.com — Cisco Umbrella Rank: 551	23 KB
8	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	3 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 34179 hal90007.redintelligence.net — Cisco Umbrella Rank: 246141	240 KB
8	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 15402	179 KB
7	mathtag.com 3 redirects tags.mathtag.com — Cisco Umbrella Rank: 4501 pixel.mathtag.com — Cisco Umbrella Rank: 972 sync.mathtag.com — Cisco Umbrella Rank: 453	5 KB
6	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 480	3 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 691	1 KB
6	gstatic.com fonts.gstatic.com	82 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 521	3 KB
5	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 780 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565	2 KB
5	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 590	3 KB
5	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 728 s.tribalfusion.com — Cisco Umbrella Rank: 1773	3 KB
5	everesttech.net 5 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	109 KB
5	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 698 gum.criteo.com — Cisco Umbrella Rank: 385 mug.criteo.com — Cisco Umbrella Rank: 2848 dis.criteo.com — Cisco Umbrella Rank: 703	8 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 960 s.amazon-adsystem.com — Cisco Umbrella Rank: 279	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	170 KB
3	outbrain.com 2 redirects sync.outbrain.com — Cisco Umbrella Rank: 712	1 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 13724 pixel.onaudience.com — Cisco Umbrella Rank: 2968	2 KB
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 850 ap.lijit.com — Cisco Umbrella Rank: 595	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18712 api.webgains.io — Cisco Umbrella Rank: 49878	31 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 788	2 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 47464 medialead.de — Cisco Umbrella Rank: 47044	1 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	369 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1862 mp.4dex.io — Cisco Umbrella Rank: 1893	25 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 810 api.btloader.com — Cisco Umbrella Rank: 922	8 KB
3	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 15920	2 KB
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 7457	317 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 533	701 B
2	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 1048	552 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 648	622 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 420	677 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 515	1 KB
2	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 7459	25 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3807	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3812	1 KB
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 26833	2 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 826	467 B
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 525	939 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 650	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4845	562 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	58 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 102502	6 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 333	958 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1223	456 B
2	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 679	674 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11998	907 B
2	mantisadnetwork.com mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 16540	827 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1038 contextual.media.net — Cisco Umbrella Rank: 543	8 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 921	1 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9550	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	zeotap.com mwzeom.zeotap.com	382 B
1	ctnsnet.com ipac.ctnsnet.com	369 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 2348	340 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 931	660 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 935	700 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 393	1 KB
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1128	619 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 835	44 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1224	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 909	465 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 516	767 B
1	nrich.ai 1 redirects dsp.nrich.ai — Cisco Umbrella Rank: 2806	535 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3576	467 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 721	518 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2052	555 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 611	191 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2837	104 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 747	265 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1327	283 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 16381	367 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 5849
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5405	279 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442	524 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 636	588 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1375	109 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1291	472 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 838	191 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 803	498 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 726	735 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 2867	484 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	40 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15193	703 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 97044	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 40045	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 160348	409 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 131376	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46272	606 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1808	174 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8470	792 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3465	722 B
1	servedby-buysellads.com m.servedby-buysellads.com — Cisco Umbrella Rank: 24856	15 KB
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	audrte.com Failed a.audrte.com Failed
0	semasio.net Failed uipglob.semasio.net Failed
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
360	110

	Domain	Requested by
37	cdn.iplogger.org	iplogger.org cdn.iplogger.org
29	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com g2.gumgum.com
28	c2shb.pubgw.yahoo.com	cdn4.buysellads.net
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com iplogger.org 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.ampproject.org
20	pagead2.googlesyndication.com	iplogger.org pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
18	usersync.gumgum.com	1 redirects g2.gumgum.com
13	simage2.pubmatic.com	ads.pubmatic.com
11	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com ssbsync.smartadserver.com ads.pubmatic.com
10	match.adsrvr.org	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com public.servenobid.com ads.pubmatic.com mantodea.mantisadnetwork.com ssum-sec.casalemedia.com g2.gumgum.com ssbsync.smartadserver.com
8	x.bidswitch.net	8 redirects
8	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
8	ib.adnxs.com	4 redirects cdn4.buysellads.net googleads.g.doubleclick.net acdn.adnxs.com
8	cdn4.buysellads.net	iplogger.org
6	match.prod.bidr.io	5 redirects ssum-sec.casalemedia.com
6	image2.pubmatic.com	ads.pubmatic.com
6	onetag-sys.com	2 redirects cdn4.buysellads.net 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com public.servenobid.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net iplogger.org
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	sync.1rx.io	5 redirects
5	c1.adform.net	4 redirects ads.pubmatic.com
5	ups.analytics.yahoo.com	5 redirects
5	sync-tm.everesttech.net	5 redirects
5	hal9000.redintelligence.net	iplogger.org hal90007.redintelligence.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	2 redirects tpc.googlesyndication.com iplogger.org 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
4	eus.rubiconproject.com	public.servenobid.com eus.rubiconproject.com g2.gumgum.com
4	ads.pubmatic.com	cdn4.buysellads.net public.servenobid.com ads.pubmatic.com g2.gumgum.com
4	image6.pubmatic.com	2 redirects ads.pubmatic.com
4	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	cdn4.buysellads.net 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
3	sync.outbrain.com	2 redirects g2.gumgum.com
3	secure.adnxs.com	3 redirects
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com ssum-sec.casalemedia.com
3	rtb-csync.smartadserver.com	1 redirects ssbsync.smartadserver.com
3	ssum-sec.casalemedia.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	a.tribalfusion.com	2 redirects ads.pubmatic.com
3	hal90007.redintelligence.net	hal9000.redintelligence.net hal90007.redintelligence.net
3	sync.mathtag.com	3 redirects
3	s0.2mdn.net	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
3	tags.mathtag.com	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com tags.mathtag.com
3	ad.doubleclick.net	1 redirects iplogger.org
3	srv.buysellads.com	m.servedby-buysellads.com cdn4.buysellads.net
2	token.rubiconproject.com	eus.rubiconproject.com
2	pre.glotgrx.com
2	creativecdn.com	2 redirects
2	cs.emxdgt.com	2 redirects
2	ad.360yield.com	2 redirects
2	us-u.openx.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	pixel.yabidos.com	mantodea.mantisadnetwork.com pixel.yabidos.com
2	ads.creative-serving.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel-eu.onaudience.com	2 redirects
2	csync.loopme.me	2 redirects
2	bh.contextweb.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	api.webgains.io	analytics.webgains.io
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	eb2.3lift.com	2 redirects
2	s.tribalfusion.com	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
2	sync.teads.tv	1 redirects
2	s.ad.smaato.net	1 redirects ssbsync.smartadserver.com
2	ads.travelaudience.com	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	mantodea.mantisadnetwork.com	cdn4.buysellads.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	api.btloader.com	btloader.com
2	ad-delivery.net	iplogger.org
2	counter.yadro.ru	1 redirects iplogger.org
2	www.google-analytics.com	iplogger.org www.google-analytics.com
2	fonts.googleapis.com	iplogger.org hal90007.redintelligence.net
2	iplogger.org	iplogger.org
2	www.iplogger.org	2 redirects
1	mwzeom.zeotap.com
1	ipac.ctnsnet.com	ads.pubmatic.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	ws.rqtrk.eu	1 redirects
1	cs.admanmedia.com	1 redirects
1	tg.socdm.com	1 redirects
1	id5-sync.com	g2.gumgum.com
1	sync.inmobi.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	stags.bluekai.com	1 redirects
1	dsp.nrich.ai	1 redirects
1	ads.playground.xyz	1 redirects
1	ad.turn.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	1 redirects
1	sync.adkernel.com	public.servenobid.com
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	ap.lijit.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	contextual.media.net	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	mug.criteo.com
1	cdn.track.production.webgains.team	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	www.googletagmanager.com	adv.office-partner.de
1	pixel.rubiconproject.com	1 redirects
1	www.awin1.com	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
1	ad-server.eu	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	iplogger.org
1	futalis.de	hal90007.redintelligence.net
1	adv.office-partner.de	hal90007.redintelligence.net
1	pb.media01.eu	hal90007.redintelligence.net
1	tr.blismedia.com	2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
1	pixel.mathtag.com	tags.mathtag.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	mp.4dex.io	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	btloader.com	cdn4.buysellads.net
1	m.servedby-buysellads.com	iplogger.org
0	cr.frontend.weborama.fr Failed
0	a.audrte.com Failed
0	uipglob.semasio.net Failed
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
360	153

This site contains links to these domains. Also see Links.

Domain
srv.buysellads.com
wl.gl
help.iplogger.org
www.facebook.com
twitter.com
t.me
www.reddit.com
play.google.com

Subject Issuer	Validity	Valid
iplogger.org R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
cdn.iplogger.org R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
m.servedby-buysellads.com R3	`2023-01-21` - `2023-04-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
cdn4.buysellads.net R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-12-18` - `2023-03-18`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2022-09-13` - `2023-10-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.futalis.de R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.servenobid.com Amazon	`2023-01-07` - `2024-02-05`	a year	crt.sh
gumgum.com Amazon	`2022-09-06` - `2023-10-05`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.minutemedia-prebid.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
truffle.bid R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-12-28` - `2024-01-26`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon	`2023-01-16` - `2024-02-15`	a year	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2022-09-27` - `2023-03-08`	5 months	crt.sh

This page contains 67 frames:

Primary Page: https://iplogger.org/
Frame ID: 53704B8426DB081E1D37B547C54235A6
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Frame ID: C8F23E558FCD7E821C67D647174E6AB5
Requests: 1 HTTP requests in this frame

Frame: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BFC21FCD6E77EA1DB92F3BFEA6A04084
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 467CE8791A811142A7C0BEA474CB6E25
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3A4504A7DD0803A8B94DEDA6481F50A
Requests: 2 HTTP requests in this frame

Frame: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AFEC1EE5C688E02FD850E01D4B237E8A
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs
Frame ID: 3DA2FFB29BA51A2306FFB531ED7A0E95
Requests: 15 HTTP requests in this frame

Frame: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E519F46E24FD01E0FE445975015E250
Requests: 19 HTTP requests in this frame

Frame: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF7E8D9D4CF02A7452FFD87BB6A35BDD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNW_GdJkpmQb9GKpjbzPfJj4rJ8hJTenk3EWOhb1eTAp0qEtcV4YunYvHbZoU95RxHMlctF-ziBqf-f--_N3n9hzw0EGwHeFEBuqZbmuGRu4JiNo4xsdL5p68YBJDLxYyOIx8YplhlPVYkfauw0g678ZFxBbi1uHNwWKp5R8XWww1S2hbBk
Frame ID: 200AF883A11B79A3DCDE99CAE1DBBC72
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2769809151A0CE17B731E91260B7EB6A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0C52D8F695F1418C2B46E183BD62DE65
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64BEADC2185E6B8CFDD3BC3EE5DD3E79
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 371E9BA86AE40C8B4E19B8E0C0116669
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52342200008717900951403012212007&actionid=981741&produktid=&dt_url=
Frame ID: 54AA7527A77BC0091ADDBF13B7CDBF7A
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8D09112960DC2D36906E84BD0A41CCF1
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2114838770
Frame ID: 74CD1E26469E510FD51B560D13F28623
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
Frame ID: 1F7E221E8712A043834F7CBA792597EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E74F4E40AB4F42E1DC6612DACEAC1BF
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=iplogger.org
Frame ID: 503D69B6BF6C3F089A9627018D5D8885
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D721D117EFAAA70F2E4FFFE0627B2881
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A4F650D754DBB7D9E6E13FE2031CE1CD
Requests: 11 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1674347266589&secure=true&version=9&title=IP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses&url=https%3A%2F%2Fiplogger.org%2F
Frame ID: E2D4B69F25899A996176C5A7F12A0715
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1674347266310
Frame ID: 6C2D8271B477925B166E2D1098918153
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 750A2C7C03884DF27C3BD5C282536263
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: A59ED89F6DC4E13A4D04153ED9416B8E
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: BDE3F683D2B3610B00DDF4B3469CBCDD
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 235E25D14687167412D2C4D393095B56
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 987477E7C5D3CA427D81DAC7047107DA
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 256C3DDEECC13BEDC148564530EB1F37
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: EBB5BBEDF23A9C26CC36181FD21E5734
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B7BE15001F1F14868EFA0C0C7E82926B
Requests: 6 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: E1D7C8C30AB89089936643FB91868B8E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=0&gdpr_consent=
Frame ID: 16B01C79E14BB872A5CBD7501EF5E8F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=
Frame ID: 556799E288874350F3FC1BB00ABAD84D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2624905517755670101
Frame ID: C5C9A6C8775C8614540C7727A64F51FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1EE61FD1D6BBAF1EDA29101F0E2ECE25
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 26CF32871F8CA3F727D638E677F6101A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB
Frame ID: AB457CB2663E3E29CBB5676A0F7AA272
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8053552683138483034&gdpr=0&gdpr_consent=
Frame ID: A6E101C98E4CC131D37C80C9D1DA8DE1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7191266762519148699&gdpr=0&gdpr_consent=
Frame ID: 6B25B270D50236E13F2CDC0016AC5C5C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWMbvp5oT_ZRm-DPq5fMDrKi0YM
Frame ID: 1054A221F04215558A00B40A48882805
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
Frame ID: 2D1609630686556625C4A5720445AE98
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGpCk7HmQYAAB-sChmoIQ&gdpr=0&gdpr_consent=
Frame ID: 05C4A6BB7E18C849958B6BFBFFBF2A96
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8955436945
Frame ID: 0F94B0E6FB36B525A05A34D8124FA54B
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 8991B5D2FEB2146371FFE2DD046F9A5B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 71D93D14E32274134331492B3728AE83
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 67F5AA148AD482BEBFDC7A66B767D4CD
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 922AB1F10AF9717A144C37018C4ACF24
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTSbUQTXVQaXnjnY
Frame ID: 3AACBFDF0CBE0F3F0B886C1C1CC3C5EE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B7728119EE9C2A36209AA4A0470F4089
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 1779F9B6EA3FA93227AAC46C99AB8896
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F4B493BB14995D92B0D559BE785236C5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 3FE074127F12732C8D99AF6AFD509551
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=
Frame ID: A323618A44E34F4BC73407BD5CAFFE33
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
Frame ID: E87AED5F1564D5C5B088F775828B58DB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NjgwNTJjMS0yMjdjLTRjNzktYTI0Zi03MjgyMDk1NTVjMTQ=&gdpr=0&gdpr_consent=
Frame ID: 8C85DCABCA24AED38B29D61DB14E0514
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=8053552683138483034brt50781674347269874879f1
Frame ID: 129C973D0CD3B12A5AC7B0B5071ED410
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y8yDBsCo8X8AAC1OEvQAAAAA
Frame ID: 7C4EAF72C19943756CF73722A4FD7277
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=846c9b2f-6575-4a88-8b20-4f5bd60cddb8
Frame ID: 73A0B6795DD543A57D4868B7E6435A80
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y8yDA4cEkej7q1cKSkb7aAAA%262155
Frame ID: CE2BEE05E09A867A8A8402A851F0ACBE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=MVuPCXWSbF1EeGM1smqp&pi=gumgum&tc=1
Frame ID: 2FE1C9F379480B3C8F653BBA9FAB50B8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: AFF25194A19A0FE9087FF13BA109A661
Requests: 3 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: BA02D7208EF6F462644E0361C2F016DC
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7E0D4E2F5BCAB56A266E739921F88306
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3DB24F7857A440528675C0D52567F986&gdpr=0&gdpr_consent=
Frame ID: 94DEA93F8A91AB228E62E98ACA28E4EE
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277
Frame ID: 2C08CF0724D155ABC45C116B73AFD975
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IP Logger URL Shortener - Log and Track IP addresses

Page URL History Show full URLs

http://www.iplogger.org/ HTTP 301
https://www.iplogger.org/ HTTP 302
https://iplogger.org/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

360
Requests

81 %
HTTPS

24 %
IPv6

110
Domains

153
Subdomains

101
IPs

16
Countries

2540 kB
Transfer

5535 kB
Size

133
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://srv.buysellads.com/ads/click/x/GTND42JUCE7I553NFTB4YKQNCABD62QUCKSI5Z3JCYSIC277CVSI55QKC67DE27LCTAD4K3WCWBIV5QLFTBI6237HEYIK27WCKBDP2JECTNCYBZ52K?segment=placement:iploggerorg;
Title: Start free trial nowWith online stores, video and scheduling tools, whatever your idea, you can sell anything with Squarespace.Sponsored by Squarespace

Search URL Search Domain Scan URL

URL: https://wl.gl/tg

Search URL Search Domain Scan URL

URL: https://wl.gl/app

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/knowledgebase.php?category=2
Title: Need help?

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/knowledgebase.php?article=2
Title: How to use IP Logger?

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/knowledgebase.php?article=6
Title: What is an IP tracker?

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/knowledgebase.php?article=3
Title: What data is included in analytics?

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/knowledgebase.php?article=7
Title: What is invisible pixel?

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/knowledgebase.php?article=4
Title: What is URL Checker?

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/knowledgebase.php?article=5
Title: What is a geo-logger?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iploggerteam

Search URL Search Domain Scan URL

URL: https://twitter.com/iplogger_team

Search URL Search Domain Scan URL

URL: https://t.me/iplogger_team

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/IPLogger_Team/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.iplogger.android.free&utm_source=site&utm_campaign=promo&pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/?a=add&category=2
Title: Report abuse

Search URL Search Domain Scan URL

URL: https://help.iplogger.org/?a=add
Title: Сontact us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.iplogger.org/ HTTP 301
https://www.iplogger.org/ HTTP 302
https://iplogger.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.9965636549977137 HTTP 302
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.9965636549977137

Request Chain 70

https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354632606;dc_trk_aid=545821830;dc_trk_cid=183807839;ord=1674347265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354632606;dc_pre=CLbKmND12fwCFajGuwgdbOoMKw;dc_trk_aid=545821830;dc_trk_cid=183807839;ord=1674347265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1&C=1

Request Chain 157

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8yDA4cEkej7q1cKSkb7aAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECG3VE7C_WsGaPKcBXQQIVo&google_cver=1

Request Chain 159

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MzU1MjY4MzEzODQ4MzAzNA%3D%3D

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 180

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMNUiIfpNsfxn0x1SF-KbCY&google_cver=1&google_push=AavPq0P78BNSsvY4iI79P0WetLpFvorwRJq3eACLpKLLsjIsAbpBIIXTQpIh9dbMRHVMdsGoHrf0BNOr_CSPhh991qSGQjycsiM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=5eZjzIMDQwG14P6_lSgLGA&google_push=AavPq0P78BNSsvY4iI79P0WetLpFvorwRJq3eACLpKLLsjIsAbpBIIXTQpIh9dbMRHVMdsGoHrf0BNOr_CSPhh991qSGQjycsiM

Request Chain 181

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_cver=1&google_push=AavPq0Pf6TA6FpIDllQp4TgXCkBH8_Cqh8pKYo2EL2Tgglc-dWswBKpkWV0APqEjvG6XnT5cmchE84mRftMO-UGDDmba2yp6hfE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_push=AavPq0Pf6TA6FpIDllQp4TgXCkBH8_Cqh8pKYo2EL2Tgglc-dWswBKpkWV0APqEjvG6XnT5cmchE84mRftMO-UGDDmba2yp6hfE

Request Chain 183

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGY09DGY83MPCGabjTcEwcM&google_cver=1&google_push=AavPq0PH-2KMzFeizXnlmrhqDYMr4bpUnt-Vd562LuwslLym20wNGjD7R5y1DSjoRSH1nCOzpTHFBtPQm4ecmh36PLNVXu5_32g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0PH-2KMzFeizXnlmrhqDYMr4bpUnt-Vd562LuwslLym20wNGjD7R5y1DSjoRSH1nCOzpTHFBtPQm4ecmh36PLNVXu5_32g

Request Chain 184

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENfAAw7iZJE5SEEeKEYjwEg&google_cver=1&google_push=AavPq0NA5wtHt44Tj4FZg7APIoQ1uQ220QvDhN8zrcgE7oh4IouycfY9pbJWtsyWrRhxrVqC-qAlgxlyUddaSbot34ciLbnRtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NA5wtHt44Tj4FZg7APIoQ1uQ220QvDhN8zrcgE7oh4IouycfY9pbJWtsyWrRhxrVqC-qAlgxlyUddaSbot34ciLbnRtg

Request Chain 185

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEElHcIQdUCNLfdXUvxHHc_c&google_cver=1&google_push=AavPq0PIjRV55SLioQ1eXQBL0TZAXwNJMs6Kr7dP7wlj3vZgiEfe6TldfW71p4q4iFDV9mNCtxsHa-fXjCWfKznJqxByLOadM70 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PIjRV55SLioQ1eXQBL0TZAXwNJMs6Kr7dP7wlj3vZgiEfe6TldfW71p4q4iFDV9mNCtxsHa-fXjCWfKznJqxByLOadM70

Request Chain 186

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOdB-M-nTp1mFTDLwJrHPsg&google_cver=1&google_push=AavPq0Ple_4RUwycdl2Qx7ct1tkXpxAym0irRGFaLV-IZtDIWw7_VsSyYX49rgmS9hj_V9C1St2PNj58wOFmkinSCcKKxJ4pHhuv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0Ple_4RUwycdl2Qx7ct1tkXpxAym0irRGFaLV-IZtDIWw7_VsSyYX49rgmS9hj_V9C1St2PNj58wOFmkinSCcKKxJ4pHhuv HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 188

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 194

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 197

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGY09DGY83MPCGabjTcEwcM&google_cver=1&google_push=AavPq0NjaIPxIRS-h3ksBY_YyHobyRplP-4IjMJXb71w7fq10Kc7NSjbVLH3SJ8JVLTiElF-kbRr4prn4p_paJ1kEg-kfbTrEm2I5w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0NjaIPxIRS-h3ksBY_YyHobyRplP-4IjMJXb71w7fq10Kc7NSjbVLH3SJ8JVLTiElF-kbRr4prn4p_paJ1kEg-kfbTrEm2I5w

Request Chain 198

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEK0L1CpsOimEV4utYXelZfg&google_cver=1&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd43UQHN4WDU4PWXhrfvxsd8SbyUl9eq5hJhTEOzcivhKnY_g HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd43UQHN4WDU4PWXhrfvxsd8SbyUl9eq5hJhTEOzcivhKnY_g&google_gid=CAESEK0L1CpsOimEV4utYXelZfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzNzE2NTU3NDAzODI0NTkyMDY3NA%3D%3D&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd43UQHN4WDU4PWXhrfvxsd8SbyUl9eq5hJhTEOzcivhKnY_g

Request Chain 199

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBv31IcNDNaXIfjv1SrESys&google_cver=1&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6T92PS_yAFoXjO9bpBoVt2zGOoUGkFQN0JrVBomhgNK2OlI HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBv31IcNDNaXIfjv1SrESys&google_cver=1&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6T92PS_yAFoXjO9bpBoVt2zGOoUGkFQN0JrVBomhgNK2OlI&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMzVLZWtORTJ1SFRqNkttX1oyRGFRZHg2aU5fYXZNU35B&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6T92PS_yAFoXjO9bpBoVt2zGOoUGkFQN0JrVBomhgNK2OlI

Request Chain 200

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFO-hMAK7gCBhzOBSFJNAKA&google_cver=1&google_push=AavPq0O05u63mGHLdryIyo-40hodRiviN-B_4oaSQx7nR5-oWF9i1vyYtHNArpXR2QxQDJwUyAoq0kXBXJfF-TpOshMU5TkphstS67Q HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFO-hMAK7gCBhzOBSFJNAKA&google_cver=1&google_push=AavPq0O05u63mGHLdryIyo-40hodRiviN-B_4oaSQx7nR5-oWF9i1vyYtHNArpXR2QxQDJwUyAoq0kXBXJfF-TpOshMU5TkphstS67Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ff081c61-2dcd-423c-94dd-afd2058741d0&%%GOOGLE_PUSH_PAIR%%

Request Chain 204

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=52342200008717900951403012212007&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52342200008717900951403012212007&actionid=981741&produktid=&dt_url=

Request Chain 206

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=52342200008717900951403012212007&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2114838770

Request Chain 209

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=52342200008717900951403012212007 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=52342200008717900951403012212007 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 218

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 219

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_cver=1&google_push=AavPq0MTJNOGP8QbwohLDgxpMn-qoCdYelVUu1cvEmtOCfnOEXn2jZTi62_soa0fjnaigzd_78wlTgA3qD8fpJ4_pUTaLnC_wwM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTh5REF3QUFBYVU2Q2dBRg==&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_cver=1&google_push=AavPq0MTJNOGP8QbwohLDgxpMn-qoCdYelVUu1cvEmtOCfnOEXn2jZTi62_soa0fjnaigzd_78wlTgA3qD8fpJ4_pUTaLnC_wwM

Request Chain 220

https://um.simpli.fi/gp_match?google_gid=CAESEI0UsxtlRxNrmmPX12-U8Ko&google_cver=1&google_push=AavPq0OFRjoZmowm3TUF3TthwLaJw8OHnoc5RPWlLkjDO3kA4imyguIwpy6aXBTspcpmTWezv-5Nv7yOQpJNWiPnJii-z1JJnJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3DB24F7857A440528675C0D52567F986&google_push=AavPq0OFRjoZmowm3TUF3TthwLaJw8OHnoc5RPWlLkjDO3kA4imyguIwpy6aXBTspcpmTWezv-5Nv7yOQpJNWiPnJii-z1JJnJ8

Request Chain 221

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENPfBEOIP_s5LmLXMTpwSGU&google_cver=1&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZtfIgIp994bwnMz-xVAhN4k1TE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENPfBEOIP_s5LmLXMTpwSGU&google_cver=1&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZtfIgIp994bwnMz-xVAhN4k1TE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI0OTg2Mjg5MDk2ODE0ODg4NA&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZtfIgIp994bwnMz-xVAhN4k1TE

Request Chain 222

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG8weCeqIXCnJhV7PEpJ1ww&google_cver=1&google_push=AavPq0M2YO68FuKlK8_GzRDgpNKa1BezRaN8Z2QHPZnMvaguB01bGN7DEA1gsB1q4YRwvo2yTsD6guCNdyajw8fR7zcxtut3bVc HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG8weCeqIXCnJhV7PEpJ1ww&google_cver=1&google_push=AavPq0M2YO68FuKlK8_GzRDgpNKa1BezRaN8Z2QHPZnMvaguB01bGN7DEA1gsB1q4YRwvo2yTsD6guCNdyajw8fR7zcxtut3bVc&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VgfX8h5VR66KWegm5_bydw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0M2YO68FuKlK8_GzRDgpNKa1BezRaN8Z2QHPZnMvaguB01bGN7DEA1gsB1q4YRwvo2yTsD6guCNdyajw8fR7zcxtut3bVc

Request Chain 223

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMPQ7Jk3Fw-9ovjKMzTrcgY&google_cver=1&google_push=AavPq0NxGhY9MUZ7sKPGJSuNqevDxrBpiJpRUod4xRRz_tClsLVhxl83cG7zb5hQmfN76Q1kqRGP7nZ6fqxn9RBuJANlrDf2gI8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2TjRTMVgtUy1LVEk0&google_push=AavPq0NxGhY9MUZ7sKPGJSuNqevDxrBpiJpRUod4xRRz_tClsLVhxl83cG7zb5hQmfN76Q1kqRGP7nZ6fqxn9RBuJANlrDf2gI8

Request Chain 224

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEElHcIQdUCNLfdXUvxHHc_c&google_cver=1&google_push=AavPq0Mwh00Tj9yKKAti0Yu-TTlVdtST8TVhdZ4hX7oceva4or2VMFPZHePHY1DC6-P-USk_ANdjUGRBlqIU1AkNNvIIsqS7oCud HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mwh00Tj9yKKAti0Yu-TTlVdtST8TVhdZ4hX7oceva4or2VMFPZHePHY1DC6-P-USk_ANdjUGRBlqIU1AkNNvIIsqS7oCud HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 241

https://gum.criteo.com/sid/json?origin=publishertag&domain=iplogger.org&sn=ChromeSyncframe&so=0&topUrl=iplogger.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=I8WfQnx5TEFzZzRIcFpsK2hzcGwxK2RtQXliYzRkVGxqSFpwc2VZenhFRW1BeCtGb3hYWTJZNmoyUHkzdk43TnZyb3cvRUJETWwwOXlvZ0FzTlBxUytXWTZNYVB0dVo3UDNORWxjcnZ2djVNd3dkOVN2b1FVWkN6Y25uWGJiZlJmcnBDTjh0L1ExelZzMWxSRmQxTzZkV0NYejdrdmt0U0ZNVmhWdUErVS82ajR0QitlcXlQemc3WFoyL1R3Z3J0alJaeUNJelJuaDNJZFZIK0h0QjBXRUhKbHBoV0lnWGEyVDVQUUNIOWtTbmNSMTN0enEzWGlqMVlZanFUeElXNW9mV0p0dGxmVkR4Vi9VUW41cUVDY0lGeXdVdz09fA&cppv=2

Request Chain 254

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 257

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=8053552683138483034

Request Chain 258

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=GBq7uRZHi0XwF0YdSM-_mHpJ

Request Chain 260

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674347269737 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5903503077

Request Chain 261

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5108559725999380087

Request Chain 263

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=3b2b2daa-daf0-464b-be66-01aacbc57504&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 264

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A

Request Chain 265

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS03NmNkMTdhMy0xZWQwLTNlMGItYjNhNi1iOTQ5YjdmNTJhZjMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS03NmNkMTdhMy0xZWQwLTNlMGItYjNhNi1iOTQ5YjdmNTJhZjMyAhsMOAE=%26buyeruid%3D%7BUID%7D

Request Chain 266

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A

Request Chain 268

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=

Request Chain 269

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2624905517755670101

Request Chain 270

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 271

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 272

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB

Request Chain 273

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8053552683138483034&gdpr=0&gdpr_consent=

Request Chain 274

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7191266762519148699&gdpr=0&gdpr_consent=

Request Chain 275

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWMbvp5oT_ZRm-DPq5fMDrKi0YM

Request Chain 276

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=

Request Chain 277

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHcENrN0htUVlBQUItc0NobW9JUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGpCk7HmQYAAB-sChmoIQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8546324679899167549&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGpCk7HmQYAAB-sChmoIQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8546324679899167549%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8546324679899167549&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGpCk7HmQYAAB-sChmoIQ&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGpCk7HmQYAAB-sChmoIQ&gdpr=0&gdpr_consent=

Request Chain 278

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1674347269737 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8955436945

Request Chain 280

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 283

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaTSbUQTXVQaXnjnY HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaTSbUQTXVQaXnjnY&xl8blockcheck=1 HTTP 302
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=b84729aac5b82fe8f084624d01c77fab&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaTSbUQTXVQaXnjnY HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTSbUQTXVQaXnjnY

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VgfX8h5VR66KWegm5_bydw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 286

https://pixel.onaudience.com/?partner=214&mapped=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=07816d725d02ece3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 287

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&addseg=19,36,42

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTYwN0Q3RjItMUU1NS00N0FFLThBNTktRTgyNkU3RjZGMjc3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAdLMACFaOLV3BvoKdHuqwg&google_cver=1

Request Chain 291

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2249862890968148884

Request Chain 293

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ff081c61-2dcd-423c-94dd-afd2058741d0 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ff081c61-2dcd-423c-94dd-afd2058741d0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=2b81921a-4428-48c9-a7d0-075c4c8d0912&ssp=pubmatic&expires=30&user_group=5&bsw_param=ff081c61-2dcd-423c-94dd-afd2058741d0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 295

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NcC_iD1E2uV6SKdaK3MmUv1B9PTdPY4-~A&gdpr=0

Request Chain 298

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2c4792ad-5de7-4ef5-bdf5-b8d5ab5d6d21&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 299

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4426469066683050377&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 300

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8053552683138483034

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK46A8IfKgYBjQ9joGTVwTk&google_cver=1

Request Chain 305

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB&dcc=t

Request Chain 308

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=85f5001f-6e54-4202-8b85-0d755b77f889&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 309

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2249862890968148884&expiration=1675556869

Request Chain 310

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8053552683138483034

Request Chain 314

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=8053552683138483034

Request Chain 315

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_768052c1-227c-4c79-a24f-728209555c14&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=781c75fb-8de1-46a8-9e88-5ad672d0b57b&expires=1&user_group=2&ssp=gumgum2&bsw_param=ff081c61-2dcd-423c-94dd-afd2058741d0 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=ff081c61-2dcd-423c-94dd-afd2058741d0

Request Chain 316

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-42bee812-60b9-40f0-70f9-4d580690a9b9$ip$178.162.209.131

Request Chain 317

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_768052c1-227c-4c79-a24f-728209555c14&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=uIrTmnRYfQfCJs4It5Kn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25KJOJKG23SSLFTFCZSDJJZTISLUGVFW4JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25KJOJKG23SSLFTFCZSDJJZTISLUGVFW4JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=uIrTmnRYfQfCJs4It5Kn&us_privacy=1---

Request Chain 318

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155127988

Request Chain 319

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=45uRdGmv2zsc&ev=1&pid=558355

Request Chain 320

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28YQKaU8jppQ_1mLAHGP4B2txxT70qLOytkPXq230hfJs6n_QB-T6GN_QZBCf9leSO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28YQKaU8jppQ_1mLAHGP4B2txxT70qLOytkPXq230hfJs6n_QB-T6GN_QZBCf9leSO%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_768052c1-227c-4c79-a24f-728209555c14&obuid=ENC(YQKaU8jppQ_1mLAHGP4B2txxT70qLOytkPXq230hfJs6n_QB-T6GN_QZBCf9leSO) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 321

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=6f252cfe-1be5-46f8-a54e-b82d2651eafd

Request Chain 322

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-RNnH31dE2pcQzpMHBlo_a2Fz8NuC.Tw27pr.~A

Request Chain 323

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=d38e5500-da3f-4589-86f5-ca9c4b3d8da4

Request Chain 326

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=495e0559-5a86-4c60-aaa8-be15cf3ca6b6

Request Chain 327

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=8546324679899167549

Request Chain 329

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D

Request Chain 332

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=

Request Chain 333

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=

Request Chain 335

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=8053552683138483034&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://usersync.gumgum.com/usersync?b=emx&i=8053552683138483034brt50781674347269874879f1

Request Chain 336

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=Y8yDBsCo8X8AAC1OEvQAAAAA

Request Chain 337

https://cs.admanmedia.com/sync/gumgum?puid=e_768052c1-227c-4c79-a24f-728209555c14&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=aad&i=846c9b2f-6575-4a88-8b20-4f5bd60cddb8

Request Chain 338

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=iex&i=Y8yDA4cEkej7q1cKSkb7aAAA%262155

Request Chain 339

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=MVuPCXWSbF1EeGM1smqp&pi=gumgum&tc=1

Request Chain 340

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 342

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=smartadserver&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=

Request Chain 345

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=

Request Chain 356

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3DB24F7857A440528675C0D52567F986&gdpr=0&gdpr_consent=

Request Chain 361

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2721278266

360 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
iplogger.org/
Redirect Chain

http://www.iplogger.org/
https://www.iplogger.org/
https://iplogger.org/

41 KB
10 KB

1353ms
23ms

Document
text/html

148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://iplogger.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

iplogger.com

Software

nginx /

Resource Hash

a4ab47e7f3e708016110c92bdea07b44ec3306ba0ce504bd3b5a7c7536a5ca2e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri https://iplogger.org/csp.php;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=3, must-revalidate
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri https://iplogger.org/csp.php;
content-type: text/html; charset=UTF-8
date: Sun, 22 Jan 2023 00:27:45 GMT
engine-ended: 0.007659912109375
engine-errors: 0
engine-executed: 0.007647991180419922
engine-finished: 0.007806062698364258
engine-initialized: 0.007302045822143555
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
x-frame-options: DENY SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
cache-control: max-age=3, must-revalidate
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri https://iplogger.org/csp.php;
content-type: text/html; charset=UTF-8
date: Sun, 22 Jan 2023 00:27:43 GMT
engine-ended: 0.00042700767517089844
engine-errors: 0
engine-stop: 1
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 26 Jul 1997 05:00:00 GMT
location: //iplogger.org
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
x-frame-options: DENY SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 main_banner_bg.webp
cdn.iplogger.org/main-banner/ 31 KB
31 KB 85ms
23ms Image
image/webp 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/main-banner/main_banner_bg.webp
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: bd7b039d14ed94dc5f4d093327eaf1defee0c94bdfb6665721e0f3c65a27a8b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Sun, 15 Nov 2020 14:54:59 GMT
server: nginx
etag: "5fb14143-7bda"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 31706
x-static: 1

GET
H2 200 ui.css
cdn.iplogger.org/css/ 28 KB
6 KB 73ms
11ms Stylesheet
text/css 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/css/ui.css?1.6.2
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 0c9034d3d0ce2266c93bc321a0c1c6592df5839a9957e57b54af115536bea623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 12:36:19 GMT
server: nginx
etag: W/"63c93943-70ad"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 template.css
cdn.iplogger.org/css/ 40 KB
8 KB 83ms
21ms Stylesheet
text/css 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/css/template.css?1.6.2
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: bb0156027e0d7be3c6e896d0d1c33226709615cf4a13e3e358d336544ba75000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 07:16:52 GMT
server: nginx
etag: W/"639c1b64-a0cc"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 main.css
cdn.iplogger.org/css/ 10 KB
2 KB 83ms
22ms Stylesheet
text/css 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/css/main.css?1.6.2
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: f984462d59de30bf81be1b98729ecd9d4b404f19db99c2a596820c4fac22b0e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Sun, 06 Nov 2022 11:47:32 GMT
server: nginx
etag: W/"63679ed4-29ae"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 domain.svg
cdn.iplogger.org/ 3 KB
3 KB 23ms
21ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/domain.svg
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 17ff79820dca4fb785baec7023d40ff31e25f01fde915615c06142340c3f7ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Sun, 27 Feb 2022 08:20:56 GMT
server: nginx
etag: "621b3468-c12"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3090
x-static: 1

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
49 KB 96ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6886789169244828

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245b3adca012ced70efbce757209886d7c5928065942d181b3de3e8320321ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
Origin: https://iplogger.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
server: cafe
etag: 10378461825263105230
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 00:27:45 GMT

GET
H2 200 monetization.js Show response
m.servedby-buysellads.com/ 66 KB
15 KB 54ms
11ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 0114ab589ce42ed402ce67254aa06f725f6b53e4a04d2f79b4b01fc92501dcf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJGisp4GEooBCiQxNzY5NmUyNC1jMmM2LTRmNDAtYjViMy0yNGY5NGM0ZWYwZjEQ0KW+ltjY/AIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKNzbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkMmEwNGJiN2MtNTU0NS00NmM4LWEzZTYtMTM1MDk4NDQ0NjZkGLNzIhgIAhIUY2RzMjU0LmZyOC5od2Nkbi5uZXQ=.NGvx3w5F3+/J4tH7aGYRcfJGKy1PlWG4n5kwLVgeQIM=
last-modified: Fri, 03 Jun 2022 18:18:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1654280297/ctime:1654280295/gid:1000/gname:nathan/md5:4896c8077f50520418d4d1ab293b6545/mode:33204/mtime:1654280295/uid:1000/uname:nathan
x-amz-request-id: XF70REMZ419ZQSPP
etag: "4896c8077f50520418d4d1ab293b6545"
x-hw: 1674347265.cds001.fr8.hn,1674347265.cds254.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2601
accept-ranges: bytes
content-length: 14771
x-amz-id-2: NoStfDFRMqEdbIJqni1F4gF8pTVQI0dJ9g2Y9p1x3i2dHfGOhf2WpKhlBN2ELucSNABD/e3o1FQ=

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 83ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 Jan 2023 00:00:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Jan 2023 00:27:45 GMT

GET
H2 200 libs.css
cdn.iplogger.org/css/ 29 KB
3 KB 14ms
10ms Stylesheet
text/css 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/css/libs.css?1.6.2
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 43f6b1980c1890cee1e51039a40b023bf8688c1fe44b361fb20d50287bfa6d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Sat, 11 Jun 2022 04:52:36 GMT
server: nginx
etag: W/"62a41f94-7294"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 1nFPF4.png
iplogger.org/ 116 B
499 B 31ms
29ms Image
image/png 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iplogger.org/1nFPF4.png

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

iplogger.com

Software

nginx /

Resource Hash

b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png
date: Sun, 22 Jan 2023 00:27:45 GMT
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
server: nginx
x-frame-options: SAMEORIGIN
expires: Sun, 22 Jan 2023 00:27:45 +0000

GET
H2 200 jquery-3.6.1.min.js Show response
cdn.iplogger.org/js/ 88 KB
31 KB 17ms
14ms Script
application/javascript 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/js/jquery-3.6.1.min.js
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Fri, 11 Nov 2022 06:50:33 GMT
server: nginx
etag: W/"636df0b9-15e40"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 selectize.min.js Show response
cdn.iplogger.org/js/ 45 KB
16 KB 18ms
15ms Script
application/javascript 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/js/selectize.min.js
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: f82d00e4896a9aee107123f1ae51a9699c49d38563b118cabbe1bcda49795099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Wed, 21 Nov 2018 16:23:58 GMT
server: nginx
etag: W/"5bf5869e-b309"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 functions.js Show response
cdn.iplogger.org/js/ 31 KB
9 KB 18ms
16ms Script
application/javascript 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/js/functions.js?1.6.2
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 7c927779281c20f99508a03a44b0962d308b0740ab337b4d6b0a7cd3597e284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Wed, 04 Jan 2023 15:49:32 GMT
server: nginx
etag: W/"63b5a00c-7dcf"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 main.js Show response
cdn.iplogger.org/js/ 721 B
967 B 19ms
16ms Script
application/javascript 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iplogger.org/js/main.js?1.6.2
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 8ac2358bf1a5388fd9b09e458ef26da4cac7d06e4bdf8f8574b3bc0d9a1616a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Thu, 28 Jan 2021 05:55:57 GMT
server: nginx
etag: "601251ed-2d1"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 721
x-static: 1

GET
H2 200 logo.png
cdn.iplogger.org/ 4 KB
4 KB 26ms
24ms Image
image/png 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/logo.png
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 5ca5ce4a4016c724e9b6126d554089acc219b45c03ff8c94a3e7ed68ca05b31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Fri, 13 Nov 2020 09:45:42 GMT
server: nginx
etag: "5fae55c6-e58"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3672
x-static: 1

GET
H2 200 tg-badge.png
cdn.iplogger.org/ 14 KB
15 KB 27ms
25ms Image
image/png 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/tg-badge.png
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 9f8b4c21adc1635b2b7a42b6a7e04d37b6ddc677efce940c5fcdc7fc1bbbd777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Sat, 22 Oct 2022 09:48:24 GMT
server: nginx
etag: "6353bc68-39ca"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 14794
x-static: 1

GET
H2 200 google-play-badge.png
cdn.iplogger.org/ 14 KB
15 KB 27ms
25ms Image
image/png 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/google-play-badge.png
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 6794402f4ce1f6e854461259a40105b16f31974a3ae60502d3780b064276554b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 04 Apr 2022 10:43:31 GMT
server: nginx
etag: "624acbd3-3980"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 14720
x-static: 1

GET
H2 200 tools_arrow_down.svg
cdn.iplogger.org/icons/ 504 B
745 B 27ms
26ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_arrow_down.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 9242ba850c58937db36bec11db95ab59c01651bc2ca7889d55a35fdcdae3511e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Fri, 13 Nov 2020 18:38:46 GMT
server: nginx
etag: "5faed2b6-1f8"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 504
x-static: 1

GET
H2 200 banner_arrows_down.svg
cdn.iplogger.org/main-banner/ 1 KB
1 KB 19ms
18ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/main-banner/banner_arrows_down.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 7cd0f94808f330ada1174fbb1d5c20aece930c6cd03dabbc5d1fd6842d93c565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Fri, 13 Nov 2020 12:11:57 GMT
server: nginx
etag: "5fae780d-482"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1154
x-static: 1

GET
H2 200 tools_1.svg
cdn.iplogger.org/icons/ 2 KB
2 KB 19ms
18ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_1.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: f878cac46f254fdec5d7a5f097470ea7753e52b213f57a9f42492cc96f669a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 02 Nov 2020 09:40:53 GMT
server: nginx
etag: "5f9fd425-7c3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1987
x-static: 1

GET
H2 200 after_link_arrow.svg
cdn.iplogger.org/ 231 B
472 B 19ms
18ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/after_link_arrow.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 450c6ad62f1d38659faa4d1808028d4a3bdf23224cca8ceb6c20addab7fa19dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Fri, 13 Nov 2020 12:22:25 GMT
server: nginx
etag: "5fae7a81-e7"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 231
x-static: 1

GET
H2 200 tools_14.svg
cdn.iplogger.org/icons/ 6 KB
6 KB 19ms
18ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_14.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 366625d97f7aa2fbee7a230694b0e3012a559ca9d1102ca1be32a91758f92b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Tue, 05 Jul 2022 10:47:32 GMT
server: nginx
etag: "62c416c4-163a"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5690
x-static: 1

GET
H2 200 tools_2.svg
cdn.iplogger.org/icons/ 2 KB
3 KB 19ms
18ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_2.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 0d8ff4fca5c6f7537ffba3c55c92a44adaec6ef252844a1bfb981a4c2f80728f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 02 Nov 2020 09:42:43 GMT
server: nginx
etag: "5f9fd493-9db"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2523
x-static: 1

GET
H2 200 tools_4.svg
cdn.iplogger.org/icons/ 2 KB
3 KB 19ms
19ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_4.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 427e00362ad6cde3343c2622e56e69952b671507e038d7d88e6bd007755969e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 02 Nov 2020 09:43:34 GMT
server: nginx
etag: "5f9fd4c6-96c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2412
x-static: 1

GET
H2 200 tools_3.svg
cdn.iplogger.org/icons/ 118 KB
41 KB 23ms
19ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_3.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 8d3178bbbb291c3cc04de9c5b25f3ef94e16ee5a8b1ada7b7823137e83241138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 10:20:27 GMT
server: nginx
etag: W/"61fa5aeb-1d988"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 tools_6.svg
cdn.iplogger.org/icons/ 9 KB
10 KB 24ms
20ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_6.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 00044bc22caa4b65bb3cd2172e23151b1a28821f281455415823ab313f4378ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 02 Nov 2020 09:44:22 GMT
server: nginx
etag: "5f9fd4f6-2524"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 9508
x-static: 1

GET
H2 200 tools_5.svg
cdn.iplogger.org/icons/ 650 B
892 B 24ms
21ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_5.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 79ef3b24be098db722380c42c08c9ebaa16d432021a1674f6f1889ae98a5722f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 02 Nov 2020 09:43:59 GMT
server: nginx
etag: "5f9fd4df-28a"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 650
x-static: 1

GET
H2 200 tools_7.svg
cdn.iplogger.org/icons/ 3 KB
3 KB 24ms
21ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_7.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 56fdcfd42941f5cdf5a51c1a2b8c928ca33103b571fde7f599aa7a364c8e78b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Thu, 31 Mar 2022 10:47:26 GMT
server: nginx
etag: "624586be-cd8"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3288
x-static: 1

GET
H2 200 tools_12.svg
cdn.iplogger.org/icons/ 5 KB
5 KB 24ms
22ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_12.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: fc868906b9c6da83202bd4cfa1685ca822b8d1606f6a11d0e6483f26eeb64c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 09 Aug 2021 07:31:47 GMT
server: nginx
etag: "6110d9e3-1310"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4880
x-static: 1

GET
H2 200 tools_15.svg
cdn.iplogger.org/icons/ 14 KB
5 KB 24ms
22ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/icons/tools_15.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 304ab1e1dd7c5e0fb69c9cde58290b5e2bc9bfd8a4171038c24f5966418b9733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
last-modified: Sun, 06 Nov 2022 11:57:58 GMT
server: nginx
etag: W/"6367a146-362f"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-static: 1

GET
H2 200 capabilities_img.png
cdn.iplogger.org/main-banner/ 22 KB
23 KB 25ms
23ms Image
image/png 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/main-banner/capabilities_img.png
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: cb14b7d8111dc00ed5145ca7d5fb514dd151c8c26a220a9d989f5d4ee7c60d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Fri, 16 Oct 2020 16:59:12 GMT
server: nginx
etag: "5f89d160-5938"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 22840
x-static: 1

GET
H2 200 consent_img.png
cdn.iplogger.org/main-banner/ 37 KB
37 KB 26ms
24ms Image
image/png 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/main-banner/consent_img.png
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/main.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 2d77d16bf1dfe855d98b6046bfff2e6bce42650c4e52ad01ed03cfd0f578de63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/main.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Fri, 22 Apr 2022 08:49:47 GMT
server: nginx
etag: "62626c2b-9264"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 37476
x-static: 1

GET
H2 200 attention.svg
cdn.iplogger.org/ 2 KB
3 KB 26ms
24ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/attention.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 7dc30d6928e58f058f551f23e6dcaf155a06a771c2de6a270ba089ce1fc2c9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Fri, 13 Nov 2020 10:29:05 GMT
server: nginx
etag: "5fae5ff1-9c8"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2504
x-static: 1

GET
H2 200 iplogger.js Show response
cdn4.buysellads.net/pub/ 625 KB
172 KB 48ms
14ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: e3e8c26c91f1a9304986a94fc7ad14c29c576751009cf6c27117b859add08dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJGisp4GEooBCiQ3ZTQ1ZWYzYy02NzNkLTRjNWEtOWYxOS0yYTQzOTI0NmY4NjAQiOWfifXE+wIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMDdlYjIzOTEtZjBkYS00NzlhLTk3MDgtZDU1YmRjN2NiYmU0GNzbCiIYCAISFGNkczIwNy5mcjguaHdjZG4ubmV0.Uy4Orhomr0vROe8QnhaIAjEK/jhaCnhuLLAfYenA9vc=
last-modified: Sun, 22 Jan 2023 00:02:21 GMT
server: AmazonS3
x-amz-request-id: RX8RFG1MGTZ22TG7
etag: "e87cb46ae4bce2a0e80a39b2dea5e103"
x-hw: 1674347265.cds229.fr8.hn,1674347265.cds207.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 175580
x-amz-id-2: lc0MtX4kwfj1EHNNL63QNr+p+umPY3DVzKpPnZ7rOSrsani9m9TjEVRnttx50lsu5HRbpIVe8JY=

GET
H2 200 CK7IT53I.json Show response
srv.buysellads.com/ads/ 628 B
589 B 490ms
159ms XHR
application/json 134.209.56.195
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CK7IT53I.json?segment=placement:iploggerorg
Requested by: Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.56.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ca-14.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: ace6b45669402ffdcbfa20bf1640728c48693f33496cad02c6b8822e29751a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 476
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 CK7IT53W.json Show response
srv.buysellads.com/ads/ 2 KB
1 KB 489ms
160ms XHR
application/json 134.209.56.195
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CK7IT53W.json?segment=placement:iploggerorg
Requested by: Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.56.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ca-14.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 4a39cbd135ff150a5dd1f9c77446340b8b08b6912ed231f53438f16529154c44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 998
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
575 B 161ms
130ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=10.34180597464387
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
x-sp-metadata: HS256.CJGisp4GEooBCiQzYzc0OGI5Zi1lNjM2LTQ4MTEtOTU2ZC1jZWYzY2YzYTQwNjkQiOWfifXE+wIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGigSJGFmOWVjYWY1LWIwNzAtNDkxZi04NGFhLThlNTZiNmMwM2NhMBgrIhoIAhIUY2RzMjU4LmZyOC5od2Nkbi5uZXQYCQ==.hFsNoG02EgQfyVkb7zRdp6LJ0pK3XlJoc3MrzoDG8Tg=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: 4NRR0SXKQDHVHKFE
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1674347265.cds229.fr8.hn,1674347265.cds258.fr8.sc,1674347265.cds258.fr8.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: u06MhjAlwW244lQeX4C4oHQ7iSwt3h/xyWwTrkP63P/BkDpMWx12o+xetr36kUEUq98bPnuE6WTE2ODGwz+uWA==

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
525 B 167ms
136ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=10.34180597464387
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
x-sp-metadata: HS256.CJGisp4GEooBCiQwOTQyMWQyYy1hNTg5LTQ0ODMtOWY4MC05YTNhYTNhOTM3NmYQiOWfifXE+wIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGigSJGI3ZDU3N2E4LWY5MmItNDUwZi04MzhhLWUwNzU5ODE0NDY3NRgrIhoIAhIUY2RzMjQ2LmZyOC5od2Nkbi5uZXQYCQ==.Q61PRCdb/5HwCHrzQ50TRt9PoshuV+NnjcIi0KGaPNA=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: 4NRK3M6WQBWA58JD
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1674347265.cds229.fr8.hn,1674347265.cds246.fr8.sc,1674347265.cds246.fr8.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: 7CNK83FDAPJv9PkUySHudCmtl12oDp4SLWaemk35aEOd5CEX3+77kHOuJBsj44q13L+WBW1dHZI=

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
524 B 177ms
146ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=9.237645885166911
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
x-sp-metadata: HS256.CJGisp4GEooBCiQzNjk4NTUzZS02OWJjLTRhNDMtODkwZi00ZTYwYmI3YjU0OWYQiOWfifXE+wIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGigSJGI4MTM1ZDI1LTVlMzItNDQ0Ni1iYTU4LWQyZGQwYjgwZWY2YxgrIhoIAhIUY2RzMzIxLmZyOC5od2Nkbi5uZXQYCQ==.tB8m6dl7kOIWRzClXMo2GZuGJRph62mzfMaIpJ3mlss=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: 4NRJGBY087MXJ6B6
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1674347265.cds229.fr8.hn,1674347265.cds321.fr8.sc,1674347265.cds321.fr8.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: 2Pvvnq+lEWXyuz+1rkz1fNHoArsDcDQsX2L38PYL8pcEattiCmrRZ4t/YPwNQv7fnCuUzJ6Ozx4=

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
536 B 172ms
141ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=9.237645885166911
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
x-sp-metadata: HS256.CJGisp4GEooBCiQ2N2JiODE3YS1hZDFkLTRlZWMtYTRkYy1mNGExNmZiNGFhNTcQiOWfifXE+wIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGigSJGQ2Y2FlOTU3LTE3NjEtNDQzMC04YTM2LTMzMWQ3ZDcwMGNiMhgrIhoIAhIUY2RzMjc5LmZyOC5od2Nkbi5uZXQYCQ==.EMUVCzSHagvcNuxWWp0K/apR+BeIzLUiYG5E+bJO9k8=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: 4NRPH2ZVCEE5ZAY3
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1674347265.cds229.fr8.hn,1674347265.cds279.fr8.sc,1674347265.cds279.fr8.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: dvLbg+IDjxsMJ5qS9BjpKCzYzrGv0LR35l0KmruR96pt+Yzpta+K4rVxEXE8v7b5CDlXWnQNnvIrw6HL/0SpJQ==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 70ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://iplogger.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:51:10 GMT
x-content-type-options: nosniff
age: 268595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:51:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 79ms
28ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://iplogger.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 155896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 66ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://iplogger.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:14:53 GMT
x-content-type-options: nosniff
age: 126772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 13:14:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 00:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 95
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Sun, 22 Jan 2023 02:26:10 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.9965636549977137
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.9965636549977137

132 B
618 B

42ms
42ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.9965636549977137

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Fri, 21 Jan 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.9965636549977137
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 21 Jan 2022 21:00:00 GMT

GET
H2 200 us.webp
cdn.iplogger.org/countries/ 290 B
528 B 12ms
10ms Image
image/webp 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/countries/us.webp
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/libs.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: b328b80a033e87926e4d9c7963e8bdc071b4051c55144489ad1569d1213986da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/libs.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 06 Apr 2020 17:14:38 GMT
server: nginx
etag: "5e8b637e-122"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 290
x-static: 1

GET
H2 200 ru.webp
cdn.iplogger.org/countries/ 56 B
293 B 15ms
13ms Image
image/webp 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/countries/ru.webp
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/libs.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: e0695d487d92393f8d9380a8178772da3aaeddaa6156d3b0b400a7b3a0e47cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/libs.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 06 Apr 2020 17:14:36 GMT
server: nginx
etag: "5e8b637c-38"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 56
x-static: 1

GET
H2 200 es.webp
cdn.iplogger.org/countries/ 276 B
514 B 15ms
13ms Image
image/webp 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/countries/es.webp
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/libs.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 829416046a1f4c95b98b95b1d8806039685a7e0c418649d2299963c7029c990d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/libs.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 06 Apr 2020 17:14:36 GMT
server: nginx
etag: "5e8b637c-114"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 276
x-static: 1

GET
H2 200 pt.webp
cdn.iplogger.org/countries/ 392 B
631 B 15ms
14ms Image
image/webp 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/countries/pt.webp
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/libs.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 3d2a007bb491e30905ffd3ffba60b4b00977a84c32517733da7a8b35d53808b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/libs.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 06 Apr 2020 17:14:36 GMT
server: nginx
etag: "5e8b637c-188"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 392
x-static: 1

GET
H2 200 logo-facebook-white-opacity.svg
cdn.iplogger.org/ 2 KB
2 KB 15ms
14ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/logo-facebook-white-opacity.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: b5218a3d297274b51a2f0c3c48ee85a94a20b8563d1cce820499aac7aa5f22bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Thu, 21 Jun 2018 11:04:49 GMT
server: nginx
etag: "5b2b8651-895"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2197
x-static: 1

GET
H2 200 logo-twitter-white-opacity.svg
cdn.iplogger.org/ 2 KB
2 KB 16ms
14ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/logo-twitter-white-opacity.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 84cf569fc6c79862aaf9727156a2d9fa077e6cb264b2f8e8f58c1551ef7597a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Thu, 21 Jun 2018 11:04:42 GMT
server: nginx
etag: "5b2b864a-8d1"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2257
x-static: 1

GET
H2 200 logo-tg-white-opacity.svg
cdn.iplogger.org/ 603 B
845 B 16ms
15ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/logo-tg-white-opacity.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: e8458f8bbc73845f2967ea9ac79e3295d779c1a29cde49c9157bfa68620ac3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Tue, 06 Oct 2020 10:41:09 GMT
server: nginx
etag: "5f7c49c5-25b"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 603
x-static: 1

GET
H2 200 logo-reddit-white-opacity.svg
cdn.iplogger.org/ 3 KB
3 KB 16ms
15ms Image
image/svg+xml 148.251.234.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iplogger.org/logo-reddit-white-opacity.svg
Requested by: Host: cdn.iplogger.org
URL: https://cdn.iplogger.org/css/template.css?1.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.234.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: iplogger.com
Software: nginx /
Resource Hash: 7b50d4213e57b3e6892fe2e7d02d7ee15561b5c9bcf59f65eec6b4bb8cd2d376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.iplogger.org/css/template.css?1.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:27:45 GMT
pragma: public
date: Sun, 22 Jan 2023 00:27:45 GMT
last-modified: Mon, 04 Apr 2022 10:29:13 GMT
server: nginx
etag: "624ac879-a14"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2580
x-static: 1

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 38ms
32ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://iplogger.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:59:07 GMT
x-content-type-options: nosniff
age: 5318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 22:59:07 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ 358 KB
118 KB 97ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6886789169244828&plah=iplogger.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6886789169244828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd3b62f1c4f188c40237a6234ce56981efaa64c22eea9c462aa57fd7d1bf8829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120547
x-xss-protection: 0
server: cafe
etag: 15676822806810104347
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 00:27:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/ Frame C8F2 10 KB
5 KB 66ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6886789169244828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 20:24:45 GMT
etag: 10353107486223812946
expires: Sat, 04 Feb 2023 20:24:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag Show response
btloader.com/ 26 KB
8 KB 39ms
12ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcc95a2016c336ce5ea23bbdb3436e99a61d8feed49cbdc749437516aeda27f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Jan 2023 00:05:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1273
etag: W/"83bb122a75befad944f8ad2f4d5d8ebc"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNcl0Rn7n%2BXnilPRLhkhDAXBVWpQbFmMFoa%2F2t8CmEmFpeJJOZZ%2FOtjRS%2Ffp8lCPp%2FA8MNgfCiZHThU7bJ0LbcsC7AsOAXfKJElHsTqsRUm8IoqnzBQ5zvQFNJ3TKdGAknZYgfs5YLjusw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 78d42a6a9b9e2bba-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6b59cdfd55642b52b5e3bf0c6c47464cf783c2cf9b6e3d28b3097a42f99b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27735
x-xss-protection: 0
server: sffe
etag: "1459 / 826 of 1000 / last-modified: 1674256154"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 22 Jan 2023 00:27:45 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
521 B 129ms
129ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=10.995015153468678
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
x-sp-metadata: HS256.CJGisp4GEooBCiRiMjU3NGE3Mi1lNzg2LTQ5YjctYTQyYi1mOGNlOWI2ZTAwMjYQiOWfifXE+wIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGigSJDhkMjI4YmM4LWFmN2UtNGMzOS1iZDUyLTFiNTA5YWZmNzExNBgrIhoIAhIUY2RzMjY5LmZyOC5od2Nkbi5uZXQYCQ==.A7BiAbk1o7LgYggcp5nKa601PgHm1QqyC6lzfEnzhgI=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: 4NRPR6C240Q16C07
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1674347265.cds229.fr8.hn,1674347265.cds269.fr8.sc,1674347265.cds269.fr8.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: /+Brqno8Rtw3VCTIz+v7bXfY8600f6ltIgl9INEIaA95Fgw0vcZQNlpggGB1kFH7eFblfb9CFf4=

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
520 B 123ms
122ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=10.995015153468678
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
x-sp-metadata: HS256.CJGisp4GEooBCiQ0NmI0Yzc1ZC1kMjI2LTRiNTMtYjNjMC03NDM4MDBjMzliMjAQiOWfifXE+wIaBgiBhrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGigSJDhlYjM4MjFiLWZiNmUtNGY4My04NmE2LTUzODFmZTYxZmU2NRgrIhoIAhIUY2RzMzIzLmZyOC5od2Nkbi5uZXQYCQ==.7n6t2UnAtriqeLoLbVdhId84nGty6mMG0u3pFmoErn0=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: 4NRT2J2NT7K14Q61
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1674347265.cds229.fr8.hn,1674347265.cds323.fr8.sc,1674347265.cds323.fr8.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: 58oqkee6C0KJ/IyTsTMZm6WGETxRPrxFOxI9N/0vgkIrynzZWpfa6hqEiMypvU+2WIDfnKa9uF4=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 21ms
20ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1989486439&t=pageview&_s=1&dl=https%3A%2F%2Fiplogger.org%2F&ul=en-us&de=UTF-8&dt=IP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1295726889&gjid=604783679&cid=1714088005.1674347266&tid=UA-67516667-1&_gid=594596954.1674347266&_r=1&_slc=1&z=1223290460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iplogger.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 39ms
13ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2565676
x-guploader-uploadid: ADPycduqhH9aYxDx3II-2FyG57717ncdLlXzgT2uvhdli4EafgcSUlRmhd4QmYhqRQi5dYqML35E61Vh6hCfxZCB0gKBFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkiwhLRxN7dsKy90c%2BmthsyiwjCiV%2BwTtS9q0Qv4DNOLyuz%2FgV0%2B%2BENtZYuFs6Wxo0GrmFvO6PGBZDpN%2BNYM23rw347S4lJvQFopc3j4imByQOEGoVWmK5IKaWYSyMObQkfifjc3HAbh7VRi6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 78d42a6b1aae2be6-FRA
expires: Fri, 23 Dec 2022 08:08:59 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 75ms
12ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Jan 2023 14:01:01 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
938 B 38ms
12ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2994774820654649
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2565676
x-guploader-uploadid: ADPycduqhH9aYxDx3II-2FyG57717ncdLlXzgT2uvhdli4EafgcSUlRmhd4QmYhqRQi5dYqML35E61Vh6hCfxZCB0gKBFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8W7CvNpP7Cq5FT587J5tQveSBrWd86NdU9OYOnaw8vzHrJ8TWde%2BQe6%2FCrGjvXQJb6Z2KF82swnzSBFgDci1yybBvFiA8IPeE4O%2BeDrUu15SIYzfOUddP6OJGbaMfrWqaStD59sitsCE6Phlg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 78d42a6b1ab22be6-FRA
expires: Fri, 23 Dec 2022 08:08:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67516667-1&cid=1714088005.1674347266&jid=1295726889&gjid=604783679&_gid=594596954.1674347266&_u=IEBAAEAAAAAAACAAI~&z=1408957557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 22 Jan 2023 00:27:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iplogger.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023011801.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 77ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68c43f158a42c60bfd2f29f2b397b2cabde9ed43a1aec3ef1296770d1f8df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 15:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133035
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 09:38:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Jan 2024 15:07:51 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
694 B 83ms
21ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=iplogger.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af656b55e32f8662fafd8f8d7e513d4051d24b96084c6d99e5ec0fa04e0bca97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Sun, 22 Jan 2023 00:27:45 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 148ms
112ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 149ms
113ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=3VwgJl7Yg&w=4875027420282880&o=5102648370397184&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fiplogger.org%2F&sid=uimXgVjI&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 Jan 2023 00:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 1660242971-KFN2B_Native-Ads_250x100.png
cdn4.buysellads.net/uu/1/122891/ 3 KB
4 KB 11ms
10ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/122891/1660242971-KFN2B_Native-Ads_250x100.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 8352e02d89ad51ae66a63c1a10f6aba4e2003f7737bbdc440eec9a1effe7d2f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
x-sp-metadata: HS256.CJKisp4GEooBCiQ4OTJlMzVkZi01YWFiLTQxMmYtYjljYS0zNTY1ZGI3OTUzNGUQiOWfifXE+wIaBgiChrKeBiIPMTc4LjE2Mi4yMDkuMTMxKOjbAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkMTE3MmQ3Y2MtODI0Zi00OTM0LWI3NDYtMTA4NmFiMDVlMmMwGPMaIhgIAhIUY2RzMjU1LmZyOC5od2Nkbi5uZXQ=.8V5Q0nXW22RBXHHi5+2v3smaVo7/GKA3jLGGRHN5mZY=
last-modified: Thu, 11 Aug 2022 18:36:12 GMT
server: AmazonS3
x-amz-request-id: 86D2GQ6QR1M79N2W
etag: "ed36f670237a76184f500fe14d2de2a9"
x-hw: 1674347266.cds229.fr8.hn,1674347266.cds255.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3443
x-amz-id-2: ieYQpV/X4N/saC7P9+3AcPxscGSaKNVpjZE58ZnQgygiOH4EXdc0PS5fLW3EOuhKVA8JKwoVfsY=

GET
H2

200

B29090009.354632606;dc_pre=CLbKmND12fwCFajGuwgdbOoMKw;dc_trk_aid=545821830;dc_trk_cid=183807839;ord=1674347265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=
ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354632606;dc_trk_aid=545821830;dc_trk_cid=183807839;ord=1674347265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354632606;dc_pre=CLbKmND12fwCFajGuwgdbOoMKw;dc_trk_aid=545821830;dc_trk_cid=183807839;ord=1674347265;dc_lat=;dc_rdid=;...

42 B
220 B

31ms
30ms

Image
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354632606;dc_pre=CLbKmND12fwCFajGuwgdbOoMKw;dc_trk_aid=545821830;dc_trk_cid=183807839;ord=1674347265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=?

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354632606;dc_pre=CLbKmND12fwCFajGuwgdbOoMKw;dc_trk_aid=545821830;dc_trk_cid=183807839;ord=1674347265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 69ms
14ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 69ms
14ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 69ms
15ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 68ms
14ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 67ms
14ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 68ms
15ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 75ms
22ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 66ms
13ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 67ms
15ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 74ms
22ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 74ms
23ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 73ms
21ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 73ms
22ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 73ms
22ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://iplogger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://iplogger.org
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25

GET
H2 200 CEAIVKQ7.json Show response
srv.buysellads.com/ads/ 933 B
609 B 160ms
159ms Fetch
application/json 134.209.56.195
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIVKQ7.json?forcebanner=484939&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.56.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ca-14.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 9a5d99fd75c48b76123888c176165debdf2d63db9efca2141532e914837d70ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 556
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1021 B 38ms
12ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:46 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2447794
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kHcb2IE7XmPTJgbJ9hBR3kmRzCK5eYAd7FuKox8lg6OoCCv2mUwTPInaqfvlYBQBsIHLKWtBHL6cMggCBD0ofZ2KP15Gkx%2FdJ%2B%2Bj41dUlgCogEAES0yhlvCr%2Bi6mXRMf37paqpqEv5CRs8p"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 78d42a6e0896bbc1-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 375 B
1 KB 221ms
200ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ac75206f4edacb92ce51672d1cad2bea9a9f1eda3d75c18eea09f0b01861a94c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:46 GMT
AN-X-Request-Uuid: f1b4e147-67f5-4525-b26a-f2e29e81132e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://iplogger.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 375
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 1 KB
722 B 152ms
113ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fiplogger.org%2F

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

b94a38239b592aed3cebbcb6b558f5df7f993229e7dba16c157aec0fb0b65456

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-upstream-service-time: 96
content-length: 369
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://iplogger.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 44ms
28ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3390a0cbc75c5489838827a5313fed9494e98b02a3b95318b1349993477c95e

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 120ms
104ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 12f837d9ae8765fa4cdd6bcb8072b94b3850cf3cc455c92dd43f1edcd0a39240

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
295 B 35ms
20ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8445acb70fad20246e3ebd86e27a7ccfd41ff60a7c1a88108bf6cf427a448b4f

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 115ms
99ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fa7d44e632f0650d83d97fe99bc33f08783b0948aa261f252862652614ffb4aa

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 132ms
116ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f1951dc4d97622d6e0b06dcdf996cf54f67193f2e567abc6e5db5490ff1da797

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 41ms
26ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b3a679344ad3e4e554ab4462a108cbd76ef8d0c3c6ede5d269ef3bafb85f8863

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 35ms
26ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 711bf4aac9a4d90f349f2ae4aeb7dfef78c181ef84cd201d82a7fa5ad20dbe9f

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 43ms
25ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a0b6ecbcf7ae100aee6f5a3401d8f18af6ae61b2fa129f1a84a3cb889fdcd94d

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 160ms
144ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8765d40288f84fdc8b14b18a891c3f055fdc24a78f573c8a7bbf7ed0e28c95d0

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 278ms
269ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 40b628e24a3da030d8cceb6e61adbe19a86ed857b6a9261bd9ae744a2a204f62

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 36ms
27ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7cd44063d6dc5d01b4bad392f7fab3f7cfecd425ea195144eb28818a443f62ea

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 39ms
28ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8e8d90003b25bc7f663b891e428288306c5fc4ef282020982c0d18dcf8ddcd1d

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 36ms
27ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a79e3626d51ab8c22091e73a0f380f4c0085361900355d6a3faf53622e7327cb

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 109ms
100ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e2a02af7a5124bf8ad985a63f4df0446ba9121183805090cf8b3c3749e91bf30

Request headers

Referer: https://iplogger.org/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-length: 66

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
598 B 62ms
25ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 01462b63fbefe928e58dba70375d3d581d8ab63cdb2678defb876652657c2191

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://iplogger.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 22 Jan 2023 00:27:46 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 717 B
744 B 355ms
281ms XHR
application/json 52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6300
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7b363d2d49f05ad7611c76b29615fc21c18316c6d4dee18d37fe958869e7d912

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://iplogger.org
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 142ms
84ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://iplogger.org
date: Sun, 22 Jan 2023 00:27:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
310 B 63ms
27ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=43485594442&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Jan 2023 00:27:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 59ms
21ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://iplogger.org
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 prebid Show response
mp.4dex.io/ 0
268 B 57ms
30ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:46 GMT
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-ref-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://iplogger.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 78d42a6e3e37927f-FRA
expires: 0

GET
H2 400 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
331 B 329ms
113ms XHR
text/html 52.205.2.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1674347266245&secure=true&version=9&title=IP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses&url=https%3A%2F%2Fiplogger.org%2F&measurable=true&bids[0][bidId]=65400b643724699&bids[0][config][property]=iplogger&bids[0][config][zone]=iplogger_S2S_FixedFooter_ROS&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=468&bids[0][sizes][2][height]=60&bids[0][sizes][3][width]=980&bids[0][sizes][3][height]=90&bids[0][sizes][4][width]=990&bids[0][sizes][4][height]=90&property=iplogger&foo
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.2.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-2-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5352720a5ffb778e42dbb1d4b81c975c02018dd660e1fe9c430cbf13dba78762

Request headers

Referer: https://iplogger.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:46 GMT
x-powered-by: Express
etag: W/"38-oN4RNSEETikJBvZER0pAAAEOHrw"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://iplogger.org
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 36ms
20ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:46 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1536084
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmdTZzhDUG1ou35tZgaFwK3jDgOqBA0mySQE9EviVvH8HDQhb5i5V5u2HYODOd%2Fcj0jZCcO5EZUs%2FGecddfi9TimADLgsYHY%2BzTZNZUYR%2F%2BgYiwfEBUyvot8rToTiu68SD5dntvSLYWmVdHX"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 78d42a6e3e502bc5-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 87ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=iplogger.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 72ms
22ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=iplogger.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 206 KB
62 KB 356ms
355ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=801493282996564&correlator=883248518091875&eid=31071151%2C31071769&output=ldjh&gdfp_req=1&vrg=2023011801&ptt=17&impl=fifs&iu_parts=21814629391%2Ciplogger_S2S_FixedFooter_ROS%2Ciplogger_S2S_Leaderboard_ROS_Pos2%2Ciplogger_S2S_Leaderboard_ROS_Pos3%2Ciplogger_S2S_Interstitial_ROS%2Ciplogger_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C468x60%7C980x90%7C990x90%2C320x50%7C728x90%7C970x90%7C970x250%7C300x250%7C336x280%7C980x90%7C990x90%7C750x100%7C750x200%7C750x300%7C930x180%7C980x120%2C320x50%7C728x90%7C970x90%7C970x250%7C300x250%7C336x280%7C980x90%7C990x90%7C750x100%7C750x200%7C750x300%7C930x180%7C980x120%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=4&adks=608699878%2C482953812%2C1851967547%2C1729358428%2C115969165&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1654594069205-3_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1667488834797-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1667488863276-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1669370478211-9_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1672650109284-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Diplogger%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1674347266613&lmt=869893200&dlt=1674347265373&idt=520&adxs=436%2C436%2C436%2C-9%2C-9&adys=1140%2C1390%2C2400%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fiplogger.org%2F&frm=20&vis=1&psz=1280x1772%7C1280x100%7C1280x100%7C0x-1%7C0x-1&msz=1600x-1%7C1280x90%7C1280x90%7C0x-1%7C0x-1&fws=516%2C4%2C4%2C2%2C2&ohw=1600%2C1280%2C1280%2C0%2C0&ga_vid=1714088005.1674347266&ga_sid=1674347267&ga_hid=1989486439&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bbdb6448d685ab2364231c5973f1d58ed65868ddcb96e6744bedd304b0ab025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62602
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iplogger.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 27ms
27ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

853f15008ae6a86c8629a7facce2e184069ea8992ad2b5f2ad28d54633f2cf77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11000
x-xss-protection: 0

GET
H2 200 container.html Show response
2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFC2 6 KB
3 KB 84ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:46 GMT
expires: Mon, 22 Jan 2024 00:27:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads_2023011801.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023011801.js?cb=31071769

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1c399c04e7cd66dabcf07c81687d08d0aca9b66c54b848d5b7d9b18c269c1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 23:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 09:38:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Jan 2024 23:25:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 77ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 00:27:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 467C 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 21:49:03 GMT
expires: Sun, 21 Jan 2024 21:49:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3A4 783 B
1 KB 130ms
52ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ada7815727017ccdded1630ef926d14ea0f78c901442d3ed1e92145105d0c21

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-udcCfypLEM3Hwvk3bfklcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-udcCfypLEM3Hwvk3bfklcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:46 GMT
expires: Sun, 22 Jan 2023 00:27:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 467C 36 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 18:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 18:35:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F3A4 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011801&jk=801493282996564&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 container.html Show response
2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AFEC 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:46 GMT
expires: Mon, 22 Jan 2024 00:27:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022301041800000/ Frame 3DA2 221 KB
61 KB 81ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ec6225a4e15fce914847fb3a4ac496b393c23cf38f0a614293b0e7311b7c33b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 22:20:08 GMT
age: 353259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61636
x-xss-protection: 0
server: sffe
etag: "6860505b1f6c104a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 22:20:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame 3DA2 15 KB
5 KB 105ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 22:20:08 GMT
age: 353259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 22:20:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame 3DA2 94 KB
28 KB 108ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 22:20:08 GMT
age: 353259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 22:20:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame 3DA2 5 KB
2 KB 113ms
48ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 22:20:08 GMT
age: 353259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 22:20:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame 3DA2 40 KB
13 KB 105ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 22:20:08 GMT
age: 353259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 22:20:08 GMT

GET
DATA 200
OK truncated
/ Frame 3DA2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0752ff93178a60132a85d765063ab749d7a7fa70613075abd8e7b085734a1fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E51 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:46 GMT
expires: Mon, 22 Jan 2024 00:27:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF7E 6 KB
3 KB 14ms
12ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011801.js?cb=31071769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:46 GMT
expires: Mon, 22 Jan 2024 00:27:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 17151093467137003493
tpc.googlesyndication.com/simgad/ Frame 3DA2 41 KB
41 KB 16ms
15ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17151093467137003493?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkQT6g87GIQz2OMFp4cw6IJOSl3YQ

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a55836eea57e7407140855fef88ad78d2235d3826f651e5621f80f9d8dbaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:35:50 GMT
x-content-type-options: nosniff
age: 204717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42302
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 15:58:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jan 2024 15:35:50 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DA2 2 KB
2 KB 19ms
18ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 69593
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 22 Jan 2023 05:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DA2 295 B
319 B 19ms
17ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: iplogger.org
URL: https://iplogger.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 09:50:10 GMT
x-content-type-options: nosniff
server: cafe
age: 52657
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 22 Jan 2023 09:50:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3DA2 0
0 51ms
49ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNwbMn0i4gaf3jZkT1YvNT5cHLaJHZucP9_QBDjC5az2Qs4K8c876AQvkKbbE0shH6ywZr0Ae1--idQP-4isDEI8xAng
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3DA2 0
0 62ms
61ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cji2HAoPMY4WcKbvO7_UPmsu1yA2c24uGbt22xPLwEP_Ror3AARABIMHlupcBYJXCpoKwB6ABnK_7qALIAQLgAgCoAwHIAwiqBOMBT9BHtGcr15hFgJqcILbNj8CQsAUKpFl8-yE4pI3ct8YanKiPpaTsiqitjyCjVWVKXgCgfJgAOEh9zZM1Q8_ql7slJ4HxCXTTzcdD0x-8tBrIcXYWBlZoDf3AbVoviewEsTiyOb_7bxz2DEsqfJ67R2rstc0_xiJIUffTCewBMxMw9--iNiZ3SAXbD6_PIda2hSk4Le3AR089hLJjdNj6HnhFNIvBu71YOk2T-20bfwHsgSbXXBgv-kyVfiNrHxdJxfqvNyV4kIsuW1np7TiOmv5wBeAeBuLasQBQmWJjkY0VLgjABOrN6fCeBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKiiDNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMO0BUBmBYBgBcBshceChwIABIUcHViLTQxNDg0MTIyMzM1MzA3NzcY1PBw&sigh=PbxtgI4U-3g&uach_m=[UACH]&cid=CAQSOwDq26N9v7qd2qJUWuFOgeLfg6wQdhrLkawVjWnNLm0M3TgDoVobBrtp1vh3ahVQJj9zaztOLPoYW26JGAEgEw
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 200A 624 B
288 B 28ms
26ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNW_GdJkpmQb9GKpjbzPfJj4rJ8hJTenk3EWOhb1eTAp0qEtcV4YunYvHbZoU95RxHMlctF-ziBqf-f--_N3n9hzw0EGwHeFEBuqZbmuGRu4JiNo4xsdL5p68YBJDLxYyOIx8YplhlPVYkfauw0g678ZFxBbi1uHNwWKp5R8XWww1S2hbBk

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AFEC 76 KB
27 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFEC 42 B
63 B 52ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CoEjZNSe7s8eH6bqqE3QY_DltzR5FFkHkj55Z3A8gmghz2tNlSty-gqG4hCmAR5PL95cb8L7pMGofVQhX0SyLRnO3VJKH82_QEPxCDhgEY_q6OPHY

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFEC 0
20 B 53ms
51ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2141554535208709295&x=1&ct=76

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame AFEC 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:55:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame AFEC 18 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:49:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFEC 155 KB
48 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0E51 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPm84AoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT4AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ6pRFQGP2J14eCgsMFHr04WU7u0-O82nJD1A_GlfK9KJM0eK_7C24AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00MTQ4NDEyMjMzNTMwNzc3GNTwcA&sigh=fa7hzIEVYE4&uach_m=[UACH]&cid=CAQSOwDq26N9v7qd2qJUWuFOgeLfg6wQdhrLkawVjWnNLm0M3TgDoVobBrtp1vh3ahVQJj9zaztOLPoYW26JGAEgEw&tpd=AGWhJmtCzup7-oiAJ5eFzRq4a_DjutywbErtHr70bfLCfy2SSZUxs4yLE1zsai-rpeaMNaQbtgqz6--dsyLBnb-Rkt-g8AEqujEjsxXos-b1oIAfMNPsCvKWmT0CuNPJ4Booq2XMdhafy1hhggPmt0X8KQhuyMXsl7aPyyWj4ptqg6hm-wn_6asScw593Uk5csRWwPsCQw-ry4XW02tDmtCkaETWxfbyzN8MyTVYrjYpPvWmMwia3shcdRHqmTg-9kNH8b2tuwj7mC0nhDt3BQhaMhyMyVjxAIKA5aDT1-fGkFsBgnvjWrRPExazYrnpyU0VjSIYFO_rjjfDtPy8c363RIEYBwDtwvhJYRbQsxZO7_K6eXiHkp0-RHUM_NVNEy3sSKh86IZwozkbCucAIQcUkjeUvsCoDkQmuf2rH0gXhfj3IrdC1ciKtAOCyxIwnI1O73uYRTo6ZYq_rSUV8xwSo-VcvKGpRrDQkM85DViPC5qz_A6WlHNsfwNZoakON94GaiYZtrwLuBg5hpABF9-G61Jv25QqXo-njEcE23riACNLNluyBdSRdkqZud4HTtcpbdyuRrPAvULc0FYQaTP-JuJemNGcHvhsB1_BY3il2NgS-jJXBjtGn4lGQBpfBMzYs4jjZuhxNX07R_ryGNmX7p_geipOL0p12ftbgMqmyfqbW87KFig3h65N4hyGmMR4P42Ggo1xA0xkqKShZ8tmlfPQ4rmTRtWmyieX08WvOgJ6kT5N87Zgz5ffMie6XllaRZimw785sXiU4jtRdCzENHXWbH1icp3ZLHy6WELzmayCA3r1z4-emurF-rJZvyqOlm23B1p1bREHkrGVkOqbzw_AvQYa9Bg1wTHjW9NNhF4OJWwq8HfyC2yPzVRKSOH2JxBx1X4Smj7DNwudvW21kKdsu91jky0hHwoNVaK6kNZ3ek_7zOnsPdVU2DKGYif2BOiv9kE75v9waYznuPDI4GVA5K43DdwA0eLF4NR__dX5FWfEGdNVZiew4fCRXZ5Ni6wuqL9tvKGDbi9rJ4d1sBMMNLZnkiTs1K-N5oO4h7sseiDrokFoBlWIUv7RmRgLeAMqWrCOQuVEq1CRXvSpFrlVvvXyXU5Y7HqmifBcNndadMYYcOc
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 0E51 3 KB
2 KB 91ms
55ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURJM04yWmtaV010WlRVeE5pMDNNR0l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODEzOTgzNzQyMTk0NjM4MDUvNjYyMjMzNS80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3REhJaXZGb2NuV0M1OW5GX1hOU19Jby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgxMzk4Mzc0MjE5NDYzODA1L2Ftcy8wLzE0MC82Lzk5OS8zMjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzQzNDcyNjYvMTY3NDM1OTg2Ni80L3B1Yi00MTQ4NDEyMjMzNTMwNzc3Lw/27-UtHNcpacVnrt70r7K4VYYc4g&nodeid=3289&group=cdg&auctionid=6381398374219463805&pbs_auctionid=6381398374219463805&shardkey=6381398374219463805&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%26client%3Dca-pub-4148412233530777%26adurl%3D
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.377.0 /
Resource Hash: e6df2ba3d275bc4faee29a6a9bf7bd8c36100c264049e2caa441705e84e5dbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
x-mm-nodeid: 3289
Content-Encoding: gzip
x-mm-bid-request-time: 1674347266
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sun, 22 Jan 2023 00:27:46 GMT
Server: MMBD/3.377.0
x-mm-latency: 43 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x69, cdg-bidder-x145
x-mm-lag: 1
Expires: Sun, 22 Jan 2023 00:27:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0E51 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:55:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0E51 18 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:49:02 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0E51 24 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 08:20:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E51 155 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame AF7E 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c9248e89892c7df957267e2dd48e86cad650b9a95fd0cf97e09813e023f5d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14243
x-xss-protection: 0
server: cafe
etag: 15919115603846298518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 17:32:11 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AF7E 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 08:20:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF7E 155 KB
47 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame AF7E 22 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 21:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 21:04:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame AF7E 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:55:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame AF7E 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:49:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AF7E 0
0 50ms
49ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3krwTK90ktdC4cshe43lubIcmRNBwO0gclFe2R6j2qXYOUnHCAvO-QvQPS-QN7zGv9UqdYHs-EWm6yrlizLkVeE66EQ
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 200A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1&C=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNW_GdJkpmQb9GKpjbzPfJj4rJ8hJTenk3EWOhb1eTAp0qEtcV4YunYvHbZoU95RxHMlctF-ziBqf-f--_N3n9hzw0EGwHeFEBuqZbmuGRu4JiNo4xsdL5p68YBJDLxYyOIx8YplhlPVYkfauw0g678ZFxBbi1uHNwWKp5R8XWww1S2hbBk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 200A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8yDA4cEkej7q1cKSkb7aAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNW_GdJkpmQb9GKpjbzPfJj4rJ8hJTenk3EWOhb1eTAp0qEtcV4YunYvHbZoU95RxHMlctF-ziBqf-f--_N3n9hzw0EGwHeFEBuqZbmuGRu4JiNo4xsdL5p68YBJDLxYyOIx8YplhlPVYkfauw0g678ZFxBbi1uHNwWKp5R8XWww1S2hbBk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEnQFhtTo1tqzer1zvLJuU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 200A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECG3VE7C_WsGaPKcBXQQIVo&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECG3VE7C_WsGaPKcBXQQIVo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNW_GdJkpmQb9GKpjbzPfJj4rJ8hJTenk3EWOhb1eTAp0qEtcV4YunYvHbZoU95RxHMlctF-ziBqf-f--_N3n9hzw0EGwHeFEBuqZbmuGRu4JiNo4xsdL5p68YBJDLxYyOIx8YplhlPVYkfauw0g678ZFxBbi1uHNwWKp5R8XWww1S2hbBk

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:47 GMT
AN-X-Request-Uuid: 5f49c104-aa42-45fa-8f1d-1bd03465a1ef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECG3VE7C_WsGaPKcBXQQIVo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 200A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MzU1MjY4MzEzODQ4MzAzNA%3D%3D

170 B
243 B

33ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MzU1MjY4MzEzODQ4MzAzNA%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 36c4697e-41ed-44ca-a3e8-7b1229ece176
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MzU1MjY4MzEzODQ4MzAzNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1909749546699948304
s0.2mdn.net/simgad/ Frame AF7E 259 KB
259 KB 101ms
40ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1909749546699948304

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cca3db544bb753d29f058bea7ec72ba176df1e475329c92148cb2ff3b13083d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 08:49:03 GMT
x-content-type-options: nosniff
age: 401924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264836
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 16:37:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 08:49:03 GMT

GET
H2 200 454658287837689781
s0.2mdn.net/simgad/ Frame AF7E 80 KB
80 KB 76ms
14ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/454658287837689781

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 08:49:03 GMT
x-content-type-options: nosniff
age: 401924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81586
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 16:37:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 08:49:03 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFEC 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2575017175101&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFEC 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2575017175101&version=m202209210101&ct=76&x=1&cor=2141554535208709400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AFEC 68 KB
32 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bi6pVm2oBxlNjtHhsv8nx1NP825NrB0j0iADwmcffBiovrWj8rdiqHEftkNrNXGynRRKJ2UgARKYP781Igi1EDwNH29A&cry=1&dbm_d=AKAmf-DYpFgT9mb9euiYqLbpW7ctMUfRV98Z5zSeGJQElpfUu00vxj2-2irICjV1f-31Foq61Igw6FLq8OZrYooBNaSjNeieDdY7gn-Q1bxkWz2_mFWPXbZOFXTiscAk0q1d-Klg5tTYcVpP8Nr5tC3Hkuheqk2LID-2ToWaFyeUEMGoBXSRcxLM7Tm_Xei4dM-e5-7CXusfl1NdKMnnpn8opBReFnMhB7w_IE2zizqT3vIUVOm0R-vkdDu4AcmKnRc25yj5eOqsprivnzc3hWr6BDNp3DQ0S8YiQVErCZ_6u9cebsc8TUg50oQ_0TxKNYxVedQ9VLnrYcHwrULdoBQNh1hcGPShLcGvVCIQBdTaYRxzpn3lO0ZmW_Fps-mnmcZ9rMDCSBsQrgSku1KpSkZQASKnC4SZTXFVEJhrstUOHr3K7mhDOMjMtrr9ffuYUje4PrUcmFLcM5Adj2D7NMWiVpPRmzSu069tVNPbinoW5lBxbD5izjmJICpnqEusbO5RPcZCL1QO_XZzZjoseg7MFpp5xr_C7EeQlqCGSaz_ga-z3gnNoYpqBB6NNHwTwfKtZ7Vhpj-uBUQNqDiO8F9t9xy7aXVY0jCDc_5io7bRldzY1kTn7e08iiOH0dvvOx0yc6kUBlH234bhtocWLHRkbJbJqs8elcCSDzDmCsJZ-dlY6jb74naB3SX_CTkuvAjKt7zmpBI_FzgqDcO-2ELQHG9RC_9apqOVrvTsLASdjNdJwJ5QKQQ0DsEWzamJIcAKcX1hKd8I-350mA6rSei2zXRVVeej0UOt7Akb5JyL0mv2uu-N-IE3sAeufJgAQNryOIH_lgpi2RpHIXDvR6Nh110JpTFaqLpAECGwUG12tfr94G3MPdxVtYG7OB9ZAE1_xNhSlif6CycjAEc2OgNzXwJxXbgtt8Lz0s30u4dk0geu9eaQC6IasvkHFFkMTbN0b6hdADxnIDoTwJXoOfQU2YKCS4Ch7LhRS_wLipCRD-AYGsiwYRDno4jG9A2gTY7patElM4jJ6ucqUn9JvvljZEewffCgEq7Yl9aciY6eihUIdcDbyGXsJvPnTUZn0nljbVe-XRuTjgu2PCX-3JuSxQ4aU-s4It8muKvCE0r768xhQ8t3Fs40v3SyGddcYt2WntXBUeuQ5c07a2ichmiPYvrPmS2YcBZezsn5UX0z4oUtNda9IGgzyRgZeWLAsGm7Asip3fVNS5QfkVCvbvYeqlEabBiJwbktikfdqS0YqGiS3QYaXkZQfC4ofivJuYg2Vaz0Syv7F5ZjSIZTsWXB4Va41RT_l1R69GisIRt5RJm_8ZVp13U1XglXqyClnlQgQ49aHNQNYYR4khpGtt4koRbncvVKI22Nl2mc724PdKHnNDNK4YulHI3EPVjhSUMuBiKxydlLMZO6j1x9jb9kGmGY7BGe4Q59AkWaxx7clMVjic86PZLtYGQT8RaaOITDjOwqWA8j7dPi6rYMzX03Jive0xJGWaaRp2cObXUf1mAzoZXsVOYfP0JBHw2a1FNvtuA0QYRgcbBpPZ_Sf8iEuIxOwrDXLezq46Q-VT0BIZ15ICOk0A9Oxks_Pbv28qsprJDbpIX0Gv_kkmTp10TFDNQ_qlf1vIO6ksSLQowifUQ8OQ7WTyWs9u8_5vy-SRcO1w4E6JYB6NtQgUQejgnqIVycIICwjkEphg8hosIzI4cuPhOMLAAYmck1l_n37UWzinT8gpVTgeQxnJTvuykTc3HMjyyNBmOUZKmV1HXZQ8257_cdcOqjenr6lscc8d0UPfskGjXgt6HVJFkrdsaWtTUeuUohaaQaRSJGzzWePX-QFhBKBxQkb8gOHclV32dz60EmLurUc9-XT0bjAde_r5wUMkud_8IpWfEQ2EnmBGTelM2puT0OP9W4K-K0ggPCYnICv7fF-SwBak-JhQSS9505ayNPRxJio6FHALrZWbcKaWPHCUjhEyFXZu8jrCSSURbm32g1PIUV_6-PME-7Af-QL-ZbOHep-ppI1yT_EAnLuNKP5ThGpo_5HDYJ9nQpJTnF9vOPregrcp_AIvkseqW2p7K96H2yWEGNdY-HN40uYOe107Lo2cepRxXSgI_KmVF57JlH6ze7BmGIu78mwJizxbxJtmVia8CMCGGs_7MTm471RZ5kLKuex6NYY2UAYpvC0ZdbTjasdUTu56fIXj_nAj8alalLF8D4WDlqeMdffxXw27-5-nw8enGf171-Z3Ds5QG5aLInI-80h6k9m7lZeJ18NLd9MxuyuHhl6JW_0HDZm8dJPIyywlq0OhMqpup_nbbU5HXEptVXBx7KPgvovmPEkadOmwK5LoXYgS17gt7SZTmrf4Z6Qj49oE9n0U59nkqc7JHIGPo7XD2tu3jbMKIyasWuA58dMkZBneuCut00zbYfTiQpiNJMsfBTW7YY1X3wCdMf3xb2WRWyRmUhjDEDmA8himNQACPkxLBL1sESkmjCYaqu921LXdB3UoP0N1yVy-Fz_S251IJO2Y2sLeudrGy-7hzoiKophI8tthSNNKYyO5C22wCK3dTFIm4apdj71bI_-NRtnu3Vn1sYYVY_COQKDh22oh27BX7ZQwnzysp_UWEFQyTGezugkz1FfWyBSPrzq7gPZ6YJ8s0QkSZzSZZQIzo_HXFj-J_YGma0zL5p1jufJb4yjPLyWFtZltgt2DqI8lcrzBGkq-27MxTb6bcYBFQnCfn7fHUgtf5bYaCuUbHNqAxj-o_T6HK4nambKefamn73ScLGVa_ZcRIynMxtfARcRJNz1ck8zQ2sUVyyEOo7gUqzml83X2pMbI8RoyobqfnkkPjvxGXtHVuA4aMLMvGDTILsIZ9y0XvyaXCVMDAgodPvInFLPRvV5QoYAAf-JsHub4inzXuLD5hjUjKM47xqreV-JlPGIVOdGotPVosaAPGrxky9ZUy5DffK0EZnxdvtVnFCmVnYcq4rV9p4RUKpsNjGFHKrdX3rbEwcOtc7Ng9LLmDCOUxX_vv_IQchVIIsN5yNr5lWYUA4RFz6M1NKbEMYH_DmorFvddujY-lyAOpyST0RTzgoq94NF01lc0ifkEb-QKAE1Gr2jNs_c0HgJt3RP0x0eAihsV4&cid=CAQSOwDq26N9v7qd2qJUWuFOgeLfg6wQdhrLkawVjWnNLm0M3TgDoVobBrtp1vh3ahVQJj9zaztOLPoYW26JGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fiplogger.org%2F&ds=l&xdt=1&iif=1&cor=2141554535208709400&adk=1964084972&idt=50&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27bb84f2385305326b108901cc366406c277fbfb9aca9f44ad3d0a99f1478cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2769 143 B
166 B 14ms
12ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:51:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0C52 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 12:19:16 GMT
etag: 48472445140208031
expires: Sun, 22 Jan 2023 12:19:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK s2gk7r78n0fa Show response
hal9000.redintelligence.net/zone/ Frame 0E51 10 KB
4 KB 44ms
13ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/s2gk7r78n0fa?subid=&gdpr=1&gdpr_consent=li&rnd=6381398374219463805&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqQ-RnB9WGahjnrM3z_M_jQ%26exch_seat%3D20035004448%26mt_aid%3D6381398374219463805%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_cid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%2526client%253Dca-pub-4148412233530777%2526adurl%253D%26redirect%3D
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a47a9bed5704fa09480990932cb9713a5bb1e45b50dd731906012a818fdb8d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3399
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 0E51 49 B
330 B 69ms
43ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6381398374219463805&node_id=3289&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURJM04yWmtaV010WlRVeE5pMDNNR0l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODEzOTgzNzQyMTk0NjM4MDUvNjYyMjMzNS80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3REhJaXZGb2NuV0M1OW5GX1hOU19Jby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgxMzk4Mzc0MjE5NDYzODA1L2Ftcy8wLzE0MC82Lzk5OS8zMjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzQzNDcyNjYvMTY3NDM1OTg2Ni80L3B1Yi00MTQ4NDEyMjMzNTMwNzc3Lw/27-UtHNcpacVnrt70r7K4VYYc4g&nodeid=3289&group=cdg&auctionid=6381398374219463805&pbs_auctionid=6381398374219463805&shardkey=6381398374219463805&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%26client%3Dca-pub-4148412233530777%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.377.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: MMBD/3.377.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x76, cdg-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 22 Jan 2023 00:27:46 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 0E51 43 B
404 B 49ms
18ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6381398374219463805&v3=651871&v4=4562306&v5=6622335&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURJM04yWmtaV010WlRVeE5pMDNNR0l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODEzOTgzNzQyMTk0NjM4MDUvNjYyMjMzNS80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3REhJaXZGb2NuV0M1OW5GX1hOU19Jby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgxMzk4Mzc0MjE5NDYzODA1L2Ftcy8wLzE0MC82Lzk5OS8zMjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzQzNDcyNjYvMTY3NDM1OTg2Ni80L3B1Yi00MTQ4NDEyMjMzNTMwNzc3Lw/27-UtHNcpacVnrt70r7K4VYYc4g&nodeid=3289&group=cdg&auctionid=6381398374219463805&pbs_auctionid=6381398374219463805&shardkey=6381398374219463805&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%26client%3Dca-pub-4148412233530777%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 357 2feb0b5 master cdg-pixel-x15 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: MT3 357 2feb0b5 master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 22 Jan 2023 00:27:46 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 0E51 49 B
330 B 71ms
45ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6381398374219463805&st=4562306&time=1674347267&nodeid=3289
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURJM04yWmtaV010WlRVeE5pMDNNR0l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODEzOTgzNzQyMTk0NjM4MDUvNjYyMjMzNS80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3REhJaXZGb2NuV0M1OW5GX1hOU19Jby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgxMzk4Mzc0MjE5NDYzODA1L2Ftcy8wLzE0MC82Lzk5OS8zMjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzQzNDcyNjYvMTY3NDM1OTg2Ni80L3B1Yi00MTQ4NDEyMjMzNTMwNzc3Lw/27-UtHNcpacVnrt70r7K4VYYc4g&nodeid=3289&group=cdg&auctionid=6381398374219463805&pbs_auctionid=6381398374219463805&shardkey=6381398374219463805&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%26client%3Dca-pub-4148412233530777%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.377.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: MMBD/3.377.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x25, cdg-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 22 Jan 2023 00:27:46 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3DA2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

22ms
22ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame AFEC 28 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bi6pVm2oBxlNjtHhsv8nx1NP825NrB0j0iADwmcffBiovrWj8rdiqHEftkNrNXGynRRKJ2UgARKYP781Igi1EDwNH29A&cry=1&dbm_d=AKAmf-DYpFgT9mb9euiYqLbpW7ctMUfRV98Z5zSeGJQElpfUu00vxj2-2irICjV1f-31Foq61Igw6FLq8OZrYooBNaSjNeieDdY7gn-Q1bxkWz2_mFWPXbZOFXTiscAk0q1d-Klg5tTYcVpP8Nr5tC3Hkuheqk2LID-2ToWaFyeUEMGoBXSRcxLM7Tm_Xei4dM-e5-7CXusfl1NdKMnnpn8opBReFnMhB7w_IE2zizqT3vIUVOm0R-vkdDu4AcmKnRc25yj5eOqsprivnzc3hWr6BDNp3DQ0S8YiQVErCZ_6u9cebsc8TUg50oQ_0TxKNYxVedQ9VLnrYcHwrULdoBQNh1hcGPShLcGvVCIQBdTaYRxzpn3lO0ZmW_Fps-mnmcZ9rMDCSBsQrgSku1KpSkZQASKnC4SZTXFVEJhrstUOHr3K7mhDOMjMtrr9ffuYUje4PrUcmFLcM5Adj2D7NMWiVpPRmzSu069tVNPbinoW5lBxbD5izjmJICpnqEusbO5RPcZCL1QO_XZzZjoseg7MFpp5xr_C7EeQlqCGSaz_ga-z3gnNoYpqBB6NNHwTwfKtZ7Vhpj-uBUQNqDiO8F9t9xy7aXVY0jCDc_5io7bRldzY1kTn7e08iiOH0dvvOx0yc6kUBlH234bhtocWLHRkbJbJqs8elcCSDzDmCsJZ-dlY6jb74naB3SX_CTkuvAjKt7zmpBI_FzgqDcO-2ELQHG9RC_9apqOVrvTsLASdjNdJwJ5QKQQ0DsEWzamJIcAKcX1hKd8I-350mA6rSei2zXRVVeej0UOt7Akb5JyL0mv2uu-N-IE3sAeufJgAQNryOIH_lgpi2RpHIXDvR6Nh110JpTFaqLpAECGwUG12tfr94G3MPdxVtYG7OB9ZAE1_xNhSlif6CycjAEc2OgNzXwJxXbgtt8Lz0s30u4dk0geu9eaQC6IasvkHFFkMTbN0b6hdADxnIDoTwJXoOfQU2YKCS4Ch7LhRS_wLipCRD-AYGsiwYRDno4jG9A2gTY7patElM4jJ6ucqUn9JvvljZEewffCgEq7Yl9aciY6eihUIdcDbyGXsJvPnTUZn0nljbVe-XRuTjgu2PCX-3JuSxQ4aU-s4It8muKvCE0r768xhQ8t3Fs40v3SyGddcYt2WntXBUeuQ5c07a2ichmiPYvrPmS2YcBZezsn5UX0z4oUtNda9IGgzyRgZeWLAsGm7Asip3fVNS5QfkVCvbvYeqlEabBiJwbktikfdqS0YqGiS3QYaXkZQfC4ofivJuYg2Vaz0Syv7F5ZjSIZTsWXB4Va41RT_l1R69GisIRt5RJm_8ZVp13U1XglXqyClnlQgQ49aHNQNYYR4khpGtt4koRbncvVKI22Nl2mc724PdKHnNDNK4YulHI3EPVjhSUMuBiKxydlLMZO6j1x9jb9kGmGY7BGe4Q59AkWaxx7clMVjic86PZLtYGQT8RaaOITDjOwqWA8j7dPi6rYMzX03Jive0xJGWaaRp2cObXUf1mAzoZXsVOYfP0JBHw2a1FNvtuA0QYRgcbBpPZ_Sf8iEuIxOwrDXLezq46Q-VT0BIZ15ICOk0A9Oxks_Pbv28qsprJDbpIX0Gv_kkmTp10TFDNQ_qlf1vIO6ksSLQowifUQ8OQ7WTyWs9u8_5vy-SRcO1w4E6JYB6NtQgUQejgnqIVycIICwjkEphg8hosIzI4cuPhOMLAAYmck1l_n37UWzinT8gpVTgeQxnJTvuykTc3HMjyyNBmOUZKmV1HXZQ8257_cdcOqjenr6lscc8d0UPfskGjXgt6HVJFkrdsaWtTUeuUohaaQaRSJGzzWePX-QFhBKBxQkb8gOHclV32dz60EmLurUc9-XT0bjAde_r5wUMkud_8IpWfEQ2EnmBGTelM2puT0OP9W4K-K0ggPCYnICv7fF-SwBak-JhQSS9505ayNPRxJio6FHALrZWbcKaWPHCUjhEyFXZu8jrCSSURbm32g1PIUV_6-PME-7Af-QL-ZbOHep-ppI1yT_EAnLuNKP5ThGpo_5HDYJ9nQpJTnF9vOPregrcp_AIvkseqW2p7K96H2yWEGNdY-HN40uYOe107Lo2cepRxXSgI_KmVF57JlH6ze7BmGIu78mwJizxbxJtmVia8CMCGGs_7MTm471RZ5kLKuex6NYY2UAYpvC0ZdbTjasdUTu56fIXj_nAj8alalLF8D4WDlqeMdffxXw27-5-nw8enGf171-Z3Ds5QG5aLInI-80h6k9m7lZeJ18NLd9MxuyuHhl6JW_0HDZm8dJPIyywlq0OhMqpup_nbbU5HXEptVXBx7KPgvovmPEkadOmwK5LoXYgS17gt7SZTmrf4Z6Qj49oE9n0U59nkqc7JHIGPo7XD2tu3jbMKIyasWuA58dMkZBneuCut00zbYfTiQpiNJMsfBTW7YY1X3wCdMf3xb2WRWyRmUhjDEDmA8himNQACPkxLBL1sESkmjCYaqu921LXdB3UoP0N1yVy-Fz_S251IJO2Y2sLeudrGy-7hzoiKophI8tthSNNKYyO5C22wCK3dTFIm4apdj71bI_-NRtnu3Vn1sYYVY_COQKDh22oh27BX7ZQwnzysp_UWEFQyTGezugkz1FfWyBSPrzq7gPZ6YJ8s0QkSZzSZZQIzo_HXFj-J_YGma0zL5p1jufJb4yjPLyWFtZltgt2DqI8lcrzBGkq-27MxTb6bcYBFQnCfn7fHUgtf5bYaCuUbHNqAxj-o_T6HK4nambKefamn73ScLGVa_ZcRIynMxtfARcRJNz1ck8zQ2sUVyyEOo7gUqzml83X2pMbI8RoyobqfnkkPjvxGXtHVuA4aMLMvGDTILsIZ9y0XvyaXCVMDAgodPvInFLPRvV5QoYAAf-JsHub4inzXuLD5hjUjKM47xqreV-JlPGIVOdGotPVosaAPGrxky9ZUy5DffK0EZnxdvtVnFCmVnYcq4rV9p4RUKpsNjGFHKrdX3rbEwcOtc7Ng9LLmDCOUxX_vv_IQchVIIsN5yNr5lWYUA4RFz6M1NKbEMYH_DmorFvddujY-lyAOpyST0RTzgoq94NF01lc0ifkEb-QKAE1Gr2jNs_c0HgJt3RP0x0eAihsV4&cid=CAQSOwDq26N9v7qd2qJUWuFOgeLfg6wQdhrLkawVjWnNLm0M3TgDoVobBrtp1vh3ahVQJj9zaztOLPoYW26JGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fiplogger.org%2F&ds=l&xdt=1&iif=1&cor=2141554535208709400&adk=1964084972&idt=50&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:47:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame AFEC 8 KB
3 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 16:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 16:47:06 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AFEC 0
0 128ms
66ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQMSJFvr3shJsbj8CjOeoIagGrUyLXMvBAfDVY9UQIw5WNbIOV5smJnhG18hm85cjsY15AlLSveGWG9KX3ygP8WreeCuH_QZYGnrsIHQybrvvEc8wQsGkaD2ySC1S4Gb0KGFmMWkkomOWrtrdPCTawqOV7mOY2PhqZy1gGg0lfX64MVpgoZ_FJMpRXGFXDGWXc3me670b2xopU9UO9TAJMW0LZbQnC4ZiT5rQMzZP414tt1evFMqv_7_8CxGtGsfhMhDG87c_-VDygYQrK6SNAXImZ3WcK-KVG1TsnObjgmTaxv13MsgS7v-mhmdAGpsGihvuzDKR1RJR8Ezse742pkZkzn_FgPlaszrcCzw3OsU2mIiidldq75fSbeIyJk8rDkcZvfc_fRR05JRosv-6Aby1REdSZfIgJL-xlPoQlxX9CnW0hHdsOtiprfbUk1h4_TvIQvnOK_w9SjkjtCtxEZcmfLmnWPZFi6dSXyAO_wQ5XVgZ20mH97Z6B2m_v9u5o1rov4w3MeAHL5C4YB67ZHCBW_gHkq2MyMvFzlRQxaJ5pEjjVsH5qDyXplC9IfeJDOA8IgVaVgvdiG_UOsEmKglhq8mhwVH-K6kXpVoCFD54c5i8pYZNpJa1lTgs0UJlbTTwAyPwr0d18sHc8jHKkF_VppnTXL98YyoefneY3KgGrZysdi5gf6MU0k1b5EWnLvxZApFSDH6ds9KKB--BqOYq45IP3_xaHRveKBixzKegLtnqXJQKZ3dtPexo82fKAlrzEzzPaztmSdofUKjUHvzPaCmFmg1RKcW_IjncyNLTaROLW421fmXg758JzRilzCCTQsf54cRJsdCDxxDn5-QVGJEHA5pAe5cronSO5PWLvTgcZc2TA4WXsHpmYYzGT4E0V7KCXVqGWNNWsoR4NHdzdgaToTCcsAT4pYm1JG1U5UO_A51Bw6A4AP_GCHnkktBTmcSO_HQ70_fQu-WMrWco3GEHpwTkZGhoG3-SwVvYyRH-_CVjSP7eyj1TQSMuERMrd_O-YKvIpXRiCVJ132RNlsapGAQCh6nsAd-4tMt7EXbw_8GZXiGQEllJC8XWVByL5SOuVekch2SjqJdF-Wh5H8wwr2oop1ngs0t65MgkflqXqV4j-TW9nA6fgY8PlqVH4Z1Zi7TdniUBrK8DZUNEH97RRbkAQ9wyO99Osy0bZHHnH&sai=AMfl-YSvfIpiCNHRZsVGR24AwA1diHLIXW0ncUkMUbz-Pqrv4-4OHkcTBt5DDAOZVLGbhRgi5sNFAEjRHMIVhYV5ks_Vc9FZlmhONzmhLZI_371eGqCpvUiuRq_U98I9lDfNYgoLUPS-BJhKVOReLJAVMWh9XdffNCiPiBKAVtJcFW91DbUW_B962E8i0UFN3ZtZbnrQTvRO0SGRSTqgy5hOvn_8MUgmx1h1Uj6zDYURzMkx5feDKR7vk5HJeEqCRbCH4CJnxNgVas4&sig=Cg0ArKJSzAEYWdmQhYh_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20230118.43197&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AFEC 41 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 18:29:42 GMT

GET
H2 200 18122660957918268753
s0.2mdn.net/simgad/ Frame AFEC 29 KB
30 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18122660957918268753

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81943eaaed3d4739c31bd71d834b6d2597d7ae14e0114757c35d03f5449b1dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 23:42:55 GMT
x-content-type-options: nosniff
age: 175492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30144
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 07:05:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 23:42:55 GMT

GET
H3 200 17151093467137003493
tpc.googlesyndication.com/simgad/ Frame 3DA2 41 KB
41 KB 17ms
17ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17151093467137003493?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkQT6g87GIQz2OMFp4cw6IJOSl3YQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a55836eea57e7407140855fef88ad78d2235d3826f651e5621f80f9d8dbaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:35:50 GMT
x-content-type-options: nosniff
age: 204717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42302
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 15:58:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jan 2024 15:35:50 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DA2 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 69593
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 22 Jan 2023 05:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DA2 295 B
319 B 21ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 09:50:10 GMT
x-content-type-options: nosniff
server: cafe
age: 52657
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 22 Jan 2023 09:50:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C52
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMNUiIfpNsfxn0x1SF-KbCY&google_cver=1&google_push=AavPq0P78BNSsvY4iI79P0WetLpFvorwRJq3eACLpKLLsjIsAbpBIIXTQpIh9dbMRHVMdsGoHrf0BNOr_CSPhh99...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=5eZjzIMDQwG14P6_lSgLGA&google_push=AavPq0P78BNSsvY4iI79P0WetLpFvorwRJq3eACLpKLLsjIsAbpBIIXTQpIh9dbMRHVMdsGoHrf0BNOr_CSPhh991qSGQjycsiM

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=5eZjzIMDQwG14P6_lSgLGA&google_push=AavPq0P78BNSsvY4iI79P0WetLpFvorwRJq3eACLpKLLsjIsAbpBIIXTQpIh9dbMRHVMdsGoHrf0BNOr_CSPhh991qSGQjycsiM

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: MT3 357 2feb0b5 master zrh-pixel-x26 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=5eZjzIMDQwG14P6_lSgLGA&google_push=AavPq0P78BNSsvY4iI79P0WetLpFvorwRJq3eACLpKLLsjIsAbpBIIXTQpIh9dbMRHVMdsGoHrf0BNOr_CSPhh991qSGQjycsiM
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 22 Jan 2023 00:27:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C52
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_push=AavPq0Pf6TA6FpIDllQp4TgXCkBH8_Cqh8pKYo2EL2Tgglc-dWswBKpkWV...

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_push=AavPq0Pf6TA6FpIDllQp4TgXCkBH8_Cqh8pKYo2EL2Tgglc-dWswBKpkWV0APqEjvG6XnT5cmchE84mRftMO-UGDDmba2yp6hfE

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220072-HHN
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674347267.295763,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_push=AavPq0Pf6TA6FpIDllQp4TgXCkBH8_Cqh8pKYo2EL2Tgglc-dWswBKpkWV0APqEjvG6XnT5cmchE84mRftMO-UGDDmba2yp6hfE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0C52 70 B
265 B 135ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKesWLR0CpTPeSTnicVQq2s&google_cver=1&google_push=AavPq0Oy4aejnyLnHTY0-ctaW6-Pwda2NXnLo4QaITNab0k1IBI4R2mE46HTrJaxgkKwV2z_QdLwLlbIQNBzq9G8XbX_Ba0ekoI
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C52
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGY09DGY83MPCGabjTcEwcM&google_cver=1&google_push=AavPq0PH-2KMzFeizXnlmrhqDYMr4bpUnt-Vd562LuwslLym20wNGjD7R5y1DSjoRSH1nCOzpTHFBtPQm4ecmh36...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0PH-2KMzFeizXnlmrhqDYMr4bpUnt-Vd562LuwslLym20wNGjD7R5y1DSjoRSH1nCOzpTHFBtPQm4ecmh36PLNVXu5_32g

170 B
188 B

25ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0PH-2KMzFeizXnlmrhqDYMr4bpUnt-Vd562LuwslLym20wNGjD7R5y1DSjoRSH1nCOzpTHFBtPQm4ecmh36PLNVXu5_32g

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 Jan 2023 00:27:47 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0PH-2KMzFeizXnlmrhqDYMr4bpUnt-Vd562LuwslLym20wNGjD7R5y1DSjoRSH1nCOzpTHFBtPQm4ecmh36PLNVXu5_32g
x-host: tde-deliveryengine-production-fb497649f-w5kqd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C52
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENfAAw7iZJE5SEEeKEYjwEg&google_cver=1&google_push=AavPq0NA5wtHt44Tj4FZg7APIoQ1uQ220QvDhN8zrcgE7oh4IouycfY9pbJWtsyWrRhxrVqC-qAlgxlyUddaSbot...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NA5wtHt44Tj4FZg7APIoQ1uQ220QvDhN8zrcgE7oh4IouycfY9pbJWtsyWrRhxrVqC-qAlgxlyUddaSbot34ciLbnRtg

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NA5wtHt44Tj4FZg7APIoQ1uQ220QvDhN8zrcgE7oh4IouycfY9pbJWtsyWrRhxrVqC-qAlgxlyUddaSbot34ciLbnRtg

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 Jan 2023 00:27:47 GMT
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NA5wtHt44Tj4FZg7APIoQ1uQ220QvDhN8zrcgE7oh4IouycfY9pbJWtsyWrRhxrVqC-qAlgxlyUddaSbot34ciLbnRtg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: F4T-NfgxW2PYanX6MXl-epjceKK8sZk--R9n33pJg1NOm0h5Vi_yiA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C52
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEElHcIQdUCNLfdXUvxHHc_c&google_cver=1&google_push=AavPq0PIjRV55SLioQ1eXQBL0TZAXwNJMs6Kr7dP7wlj3vZgiEfe6TldfW71p4q4iFDV9mNCtxsHa-fXjCWf...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PIjRV55SLioQ1eXQBL0TZAXwNJMs6Kr7dP7wlj3vZgiEfe6TldfW71p4q4iFDV9mNCtxsHa-fXjCWfKznJqxByLOadM70

170 B
188 B

27ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PIjRV55SLioQ1eXQBL0TZAXwNJMs6Kr7dP7wlj3vZgiEfe6TldfW71p4q4iFDV9mNCtxsHa-fXjCWfKznJqxByLOadM70

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PIjRV55SLioQ1eXQBL0TZAXwNJMs6Kr7dP7wlj3vZgiEfe6TldfW71p4q4iFDV9mNCtxsHa-fXjCWfKznJqxByLOadM70
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 0C52
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOdB-M-nTp1mFTDLwJrHPsg&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0Ple_4RUwycdl2Qx7ct1tkXpxAym0irRGFaLV-IZtDIWw7_VsSyYX49rgmS9hj_V9C1St2PNj58wOFmkinSCcKKxJ4pHhuv
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

32ms
32ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Sun, 22 Jan 2023 00:27:47 GMT
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0C52 0
50 B 26ms
21ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8NE1M1AYYT7CoblGRl8XH1l0zHVBUHIvlWPaWjZT2pwedZs7WQFSaLbYboqHobBRSfEeBzg

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2769
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
25ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:47 GMT
expires: Sun, 22 Jan 2023 00:27:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AFEC 0
0 91ms
54ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQMSJFvr3shJsbj8CjOeoIagGrUyLXMvBAfDVY9UQIw5WNbIOV5smJnhG18hm85cjsY15AlLSveGWG9KX3ygP8WreeCuH_QZYGnrsIHQybrvvEc8wQsGkaD2ySC1S4Gb0KGFmMWkkomOWrtrdPCTawqOV7mOY2PhqZy1gGg0lfX64MVpgoZ_FJMpRXGFXDGWXc3me670b2xopU9UO9TAJMW0LZbQnC4ZiT5rQMzZP414tt1evFMqv_7_8CxGtGsfhMhDG87c_-VDygYQrK6SNAXImZ3WcK-KVG1TsnObjgmTaxv13MsgS7v-mhmdAGpsGihvuzDKR1RJR8Ezse742pkZkzn_FgPlaszrcCzw3OsU2mIiidldq75fSbeIyJk8rDkcZvfc_fRR05JRosv-6Aby1REdSZfIgJL-xlPoQlxX9CnW0hHdsOtiprfbUk1h4_TvIQvnOK_w9SjkjtCtxEZcmfLmnWPZFi6dSXyAO_wQ5XVgZ20mH97Z6B2m_v9u5o1rov4w3MeAHL5C4YB67ZHCBW_gHkq2MyMvFzlRQxaJ5pEjjVsH5qDyXplC9IfeJDOA8IgVaVgvdiG_UOsEmKglhq8mhwVH-K6kXpVoCFD54c5i8pYZNpJa1lTgs0UJlbTTwAyPwr0d18sHc8jHKkF_VppnTXL98YyoefneY3KgGrZysdi5gf6MU0k1b5EWnLvxZApFSDH6ds9KKB--BqOYq45IP3_xaHRveKBixzKegLtnqXJQKZ3dtPexo82fKAlrzEzzPaztmSdofUKjUHvzPaCmFmg1RKcW_IjncyNLTaROLW421fmXg758JzRilzCCTQsf54cRJsdCDxxDn5-QVGJEHA5pAe5cronSO5PWLvTgcZc2TA4WXsHpmYYzGT4E0V7KCXVqGWNNWsoR4NHdzdgaToTCcsAT4pYm1JG1U5UO_A51Bw6A4AP_GCHnkktBTmcSO_HQ70_fQu-WMrWco3GEHpwTkZGhoG3-SwVvYyRH-_CVjSP7eyj1TQSMuERMrd_O-YKvIpXRiCVJ132RNlsapGAQCh6nsAd-4tMt7EXbw_8GZXiGQEllJC8XWVByL5SOuVekch2SjqJdF-Wh5H8wwr2oop1ngs0t65MgkflqXqV4j-TW9nA6fgY8PlqVH4Z1Zi7TdniUBrK8DZUNEH97RRbkAQ9wyO99Osy0bZHHnH&sai=AMfl-YSvfIpiCNHRZsVGR24AwA1diHLIXW0ncUkMUbz-Pqrv4-4OHkcTBt5DDAOZVLGbhRgi5sNFAEjRHMIVhYV5ks_Vc9FZlmhONzmhLZI_371eGqCpvUiuRq_U98I9lDfNYgoLUPS-BJhKVOReLJAVMWh9XdffNCiPiBKAVtJcFW91DbUW_B962E8i0UFN3ZtZbnrQTvRO0SGRSTqgy5hOvn_8MUgmx1h1Uj6zDYURzMkx5feDKR7vk5HJeEqCRbCH4CJnxNgVas4&sig=Cg0ArKJSzAEYWdmQhYh_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=25&vt=11&dtpt=25&dett=2&cstd=0&cisv=r20230118.43197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H/1.1 200
OK request.php Show response
hal90007.redintelligence.net/ Frame 0E51 3 KB
2 KB 153ms
116ms Script
application/x-javascript 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=ff30742779&subid=&uid=5e6388b9e2d93780&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqQ-RnB9WGahjnrM3z_M_jQ%26exch_seat%3D20035004448%26mt_aid%3D6381398374219463805%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_cid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%2526client%253Dca-pub-4148412233530777%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7365703828384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/s2gk7r78n0fa?subid=&gdpr=1&gdpr_consent=li&rnd=6381398374219463805&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqQ-RnB9WGahjnrM3z_M_jQ%26exch_seat%3D20035004448%26mt_aid%3D6381398374219463805%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_cid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%2526client%253Dca-pub-4148412233530777%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a991e8251e44bab71b802f997b78dd068396ec7896d36dc8611a07d1c6c227b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 52342200008717900951403012212007
Connection: close
Content-Length: 1163
Expires: Sun, 22 Jan 2023 00:27:47 +0100

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64BE 1 KB
643 B 18ms
17ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 12:19:16 GMT
etag: 48472445140208031
expires: Sun, 22 Jan 2023 12:19:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AFEC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b2c43596b04fbe1be7ffe41967587555489d3a5698919a6901c26d4c3ecf365

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 371E 22 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:29:42 GMT
expires: Thu, 18 Jan 2024 18:29:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 64BE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uU...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-...

43 B
414 B

169ms
160ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78d42a764de79b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 120
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NRiTIs9M-eaSzt5t1_K-Y3ahvnQE3Y6Ur4GUgm_oG3YNRlxtvdSovRCGcZnunrJ2GwLpc_MgDlyoZQ7_itFYzLxEBM4R-uUA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78d42a751bbc9b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 64BE 70 B
264 B 40ms
37ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKesWLR0CpTPeSTnicVQq2s&google_cver=1&google_push=AavPq0PbiR9F1LpoYpBDb7v9_0KrzFcjLi9xlQc0ONHPCfhoqvqyzty6kwHkiE9WVkwfjPnt2SuSCjPKyyjGLncyEulffOZ87nLGdA
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 64BE 0
174 B 55ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEI6O3I7dcw1FMKwAJ72J1zE&google_cver=1&google_push=AavPq0M7JfME6QSj6b6BZZ4QlKHHVs_Tu3E5JR49rZmmKaEtZyH0Asn4TOqFy5oR2M5bXk33V-yi6GwtdbG20Ai3QMDbX1zCfOmQ
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64BE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGY09DGY83MPCGabjTcEwcM&google_cver=1&google_push=AavPq0NjaIPxIRS-h3ksBY_YyHobyRplP-4IjMJXb71w7fq10Kc7NSjbVLH3SJ8JVLTiElF-kbRr4prn4p_paJ1k...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0NjaIPxIRS-h3ksBY_YyHobyRplP-4IjMJXb71w7fq10Kc7NSjbVLH3SJ8JVLTiElF-kbRr4prn4p_paJ1kEg-kfbTrEm2I5w

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0NjaIPxIRS-h3ksBY_YyHobyRplP-4IjMJXb71w7fq10Kc7NSjbVLH3SJ8JVLTiElF-kbRr4prn4p_paJ1kEg-kfbTrEm2I5w

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 Jan 2023 00:27:47 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oxQTURXFSWCWH9ccuCHc1A2&google_push=AavPq0NjaIPxIRS-h3ksBY_YyHobyRplP-4IjMJXb71w7fq10Kc7NSjbVLH3SJ8JVLTiElF-kbRr4prn4p_paJ1kEg-kfbTrEm2I5w
x-host: tde-deliveryengine-production-fb497649f-rzfph
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64BE
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEK0L1CpsOimEV4utYXelZfg&google_cver=1&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd43UQHN4WDU4PWXhrfvxsd8SbyUl9eq5hJhTEOzcivhK...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd43UQHN4WDU4PWXhrfvxsd8SbyUl9eq5hJhTEOzcivhKn...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzNzE2NTU3NDAzODI0NTkyMDY3NA%3D%3D&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd4...

170 B
188 B

24ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzNzE2NTU3NDAzODI0NTkyMDY3NA%3D%3D&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd43UQHN4WDU4PWXhrfvxsd8SbyUl9eq5hJhTEOzcivhKnY_g

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzNzE2NTU3NDAzODI0NTkyMDY3NA%3D%3D&google_push=AavPq0N2KbsqYhOPt-pVTPlUmEsGVuyrQADg2HxCDmDP4dZcSS9tmWd43UQHN4WDU4PWXhrfvxsd8SbyUl9eq5hJhTEOzcivhKnY_g
date: Sun, 22 Jan 2023 00:27:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64BE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBv31IcNDNaXIfjv1SrESys&google_cver=1&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6T92PS_yAFoXjO9bpB...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBv31IcNDNaXIfjv1SrESys&google_cver=1&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6T92PS_yAFoXjO9bpB...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMzVLZWtORTJ1SFRqNkttX1oyRGFRZHg2aU5fYXZNU35B&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6...

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMzVLZWtORTJ1SFRqNkttX1oyRGFRZHg2aU5fYXZNU35B&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6T92PS_yAFoXjO9bpBoVt2zGOoUGkFQN0JrVBomhgNK2OlI

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMzVLZWtORTJ1SFRqNkttX1oyRGFRZHg2aU5fYXZNU35B&google_push=AavPq0OssPnHpVX21zmRxd5l2LxEHwPn4-E3CnyVsuyGHAT4RWguBVsG6T92PS_yAFoXjO9bpBoVt2zGOoUGkFQN0JrVBomhgNK2OlI
date: Sun, 22 Jan 2023 00:27:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64BE
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFO-hMAK7...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFO...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ff081c61-2dcd-423c-94dd-afd2058741d0&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

24ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ff081c61-2dcd-423c-94dd-afd2058741d0&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ff081c61-2dcd-423c-94dd-afd2058741d0&%%GOOGLE_PUSH_PAIR%%
date: Sun, 22 Jan 2023 00:27:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 64BE 0
12 B 22ms
21ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_ySO6juBAsvMl2Q14c0twv14IaVPifsLOnZiTOUnScvyc4U7F-4rVBnYjulZeeF7PRA-VMUE

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 371E 36 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 18:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 18:35:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011801&jk=801493282996564&bg=!NzSlNHDNAAYDMoyoIzI7ACkAdvg8WmAyzgO_O9EelNJ5_gaRXByJJxkgnNaghLVQll2OQ2j2Yj-ixgIAAABJUgAAAANoAQcKAPaIMztlGnEgJmaHBilsYS_52DgisVc21NSllatf5_IkQGq5pU060YD0SZ9N2l7tpb1vJ3tEwlkdevw7528Ik6Q95djjolYU7Ghub6Tqq1bYbF1yZuBYXq-mWILbveK0DN3D4tn23kARPJhvsbdymYmzSrhQNE_BqZOFoJg9-sgHO8Xjl_CYEVxhgKOuxdh4K8uY4k2k9G81_D2OE5UdoU1G-g8-26KcGGakqPGaM61MZrpbuf2eqbJJsd5HOYU3uv7qVFUh3w_pQD70djdnVxbhLtrWs7MwruINPiUhOblpBmmuomprYElPjDIfUaAUcIitYGR6PVKZAp0VwVJYwlXtf9JhBhbSN8xm_E7_80lNjFAAPW1vGAYsYQ0OFaE-ZTZuSY9LZfscDBJCM4fpsS9BSq1qgFCh9bYW61jOCTbKLfOZS98zmTz6rVR_Rt04s8qxbiAw-NVVYj7yo9qAoaJimPb2Og1h6rWaMlBlz9kk5uc-MYVqvePtSfdb0c_jmzdaUgHZoVNlAi_AtwQUovg1zE7M83hJGCqmrVjnFRXjyCvUu-WqgBtqnpjyftAIliPvqAulNX-2EGi5GyeihqTPkKKWFEPjmxAViXNEIOoEv794NYHUfmt2SsNky-88qJMbbwkZaiN6ocUy0oGgf6CtIfApIK1Lmdy9dx31Um3ovsqsCndu1bBQk0ycHxr1R__Uy7I1NztGZ4xq7l9Oa1LGXarKYZ_Tr5AterFDXYNAlshwQXRcUPWWlaqB8QXDdkZXP6sC8yUTDeRCueIl7lMT6EH-vrrhACj8l_W-pKyXgir0k4S4Kg7DFBNb1RjBQ-pqOuAsMhmv9sPwktEvYQ4N666Dfbz4qE16uMQGcrZTYcJwC_xBaHBQfZNcdCWH2J1RBo3PvWXmF3EqTDGhWKWHymQXWS51p_w_D3OYniFFU5a64Fmp9KIcRL1CSnEPdXn-8XcKGLdZkbUxC49_ZltQ5V5FnOlHzVJJUntn2XdwYoXJA9WP59DSGf72GSSWw5HBsIUrveSDbzOCorHRpdTcjrZLY40PK8Nay7Sf1u1XNU3j_CR1KsC0GocMZ17iTBFf2zqZ-8AT1l3Ubt4LHSLCFs5J36OQkXz1kWIc3JUJe3WXThyGVPkuElv6TanqUdmXdki8Y2m8uFSAqGS7w-urWfoNk_NbxutcSLyesOSDg_taQsLkkY6XVz7HQRE3Yf5bq76GN9k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 54AA
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=52342200008717900951403012212007&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52342200008717900951403012212007&actionid=981741&produktid=&dt_url=

0
606 B

61ms
22ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52342200008717900951403012212007&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=ff30742779&subid=&uid=5e6388b9e2d93780&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqQ-RnB9WGahjnrM3z_M_jQ%26exch_seat%3D20035004448%26mt_aid%3D6381398374219463805%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_cid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%2526client%253Dca-pub-4148412233530777%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7365703828384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 Jan 2023 00:27:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 22 Jan 2023 01:27:47 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Sun, 22 Jan 2023 00:27:47 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52342200008717900951403012212007&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B2A2D183:A458_91EFC182:01BB_63CC8303_FD97723:11271

GET
H2 200 / Show response
adv.office-partner.de/ Frame 8D09 930 B
931 B 90ms
24ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=ff30742779&subid=&uid=5e6388b9e2d93780&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqQ-RnB9WGahjnrM3z_M_jQ%26exch_seat%3D20035004448%26mt_aid%3D6381398374219463805%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_cid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%2526client%253Dca-pub-4148412233530777%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7365703828384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 22 Jan 2023 00:27:47 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 29 Jan 2023 00:27:47 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

htlp Show response
futalis.de/ Frame 74CD
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=52342200008717900951403012212007&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2114838770

350 B
409 B

49ms
17ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2114838770
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=ff30742779&subid=&uid=5e6388b9e2d93780&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqQ-RnB9WGahjnrM3z_M_jQ%26exch_seat%3D20035004448%26mt_aid%3D6381398374219463805%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_cid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%2526client%253Dca-pub-4148412233530777%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7365703828384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:47 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2114838770
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0E51 2 KB
2 KB 139ms
64ms Script
text/html 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=52342200008717900951403012212007&nw=1
Requested by: Host: iplogger.org
URL: https://iplogger.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 75bfecfbe28a59e2e73cd4dc63a85587280247f037fbd8775d269d853f10c416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
last-modified: Sun, 22 Jan 2023 00:27:47 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 22 Jan 2023 00:28:47 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame 1F7E 7 KB
2 KB 35ms
12ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=ff30742779&subid=&uid=5e6388b9e2d93780&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqQ-RnB9WGahjnrM3z_M_jQ%26exch_seat%3D20035004448%26mt_aid%3D6381398374219463805%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_cid%3De5e663cc-8303-4301-b5e0-febf95280b18%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCm3ijAoPMY4acKbvO7_UPmsu1yA3Ph46bXMCG2YLGAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MTQ4NDEyMjMzNTMwNzc3yAEJ4AIAqAMBqgT7AU_QMgWX68eXn697RCRyD1yAB3Zwk7RzkCMq0plDOQSGOyXx0zogL0aHD0Js63Ege2KQ_y5a7apR2at7TNrEdPUJYqnpSJfCkPDasrZBHBxj4-ToIMgrotoisa39DLRhnjSk0-0bjK90jWnUxjliDnLmUUXGRA6PWKfVJInvh9D4gFFFKcGY36_gKNQ8autTENy_D2yBnO4rFDTZsK2en1aRMN2EmKh3oHBXl3SHrOgon4O4chDGQ1APeWgqBCAUxPZAV7qLFrx3DJtgQkHTc64NZ-hTNJMjZDl_9Yxkm4mrfHWJ-ueCMeO_xYCAvMalisylK-kTQ7c7ctHE4AQBgAaM58221bibjdIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zNKDQR6-jx7sL_bk2PTEVryXY0A%2526client%253Dca-pub-4148412233530777%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7365703828384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8a30eef52853e7f41aa56139757a10606edf9ebe473c4d75a2784833db27e5e4

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2173
Content-Type: text/html; charset=utf-8
Date: Sun, 22 Jan 2023 00:27:47 GMT
Expires: Sun, 22 Jan 2023 00:27:47 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 0E51
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=52342200008717900951403012212007
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=52342200008717900951403012212007
https://ad-server.eu/wm/pb/native.png

68 B
312 B

158ms
31ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:30:46 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D183:A46E_91EFC182:01BB_63CC8303_FD7FB83:2BF9
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0E51 43 B
703 B 71ms
37ms Image
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=52342200008717900951403012212007&pv=1

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:47 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4E74 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 12:19:16 GMT
etag: 48472445140208031
expires: Sun, 22 Jan 2023 12:19:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0E51 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da30aac687ffe6cbac0183bfee168f6bfed1c89e219de0af57d668e9277f8075

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 1F7E 4 KB
747 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Jan 2023 00:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 22:47:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1F7E 66 KB
66 KB 41ms
18ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 865bc8a864316f8a423f6f60c744ce803b276141c5745d29f97ba8c89679dc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1F7E 56 KB
56 KB 51ms
24ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ad78c8244b7823c2cd2053d3b59dc455e80e26f5b92b37500f3bd40b5286e984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57510
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1F7E 46 KB
46 KB 47ms
19ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b324d2ac4eb24e6a2954d88dbf38f5350aec5c77d1af9ddb0bee580837d0e4cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 47194
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1F7E 64 KB
64 KB 52ms
24ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627.png
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dec3240d0881a5216582b88d2e9a0995d7b81b92d37cc37d73d0830db41329f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 65181
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4E74
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE...

43 B
389 B

161ms
161ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78d42a770efe9b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 407
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHNu85kKQbVejzd6Y54QcU8&google_cver=1&google_push=AavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N9M7LVTDDcGJiaN7NutY_C-BwfjYpxmk8KozXxYONltu6sBabw5Pb-4hFqt2xLkAPfWQkSHS2KbFjcXADFLdQgTTZ2ZoE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78d42a75fd289b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E74
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTh5REF3QUFBYVU2Q2dBRg==&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_cver=1&google_push=AavPq0MTJNOGP8QbwohLDgxpMn-qoCdYel...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTh5REF3QUFBYVU2Q2dBRg==&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_cver=1&google_push=AavPq0MTJNOGP8QbwohLDgxpMn-qoCdYelVUu1cvEmtOCfnOEXn2jZTi62_soa0fjnaigzd_78wlTgA3qD8fpJ4_pUTaLnC_wwM

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220072-HHN
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1674347268.515652,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTh5REF3QUFBYVU2Q2dBRg==&google_gid=CAESEDOxMl7gYgMJNBPnH55FXso&google_cver=1&google_push=AavPq0MTJNOGP8QbwohLDgxpMn-qoCdYelVUu1cvEmtOCfnOEXn2jZTi62_soa0fjnaigzd_78wlTgA3qD8fpJ4_pUTaLnC_wwM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E74
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEI0UsxtlRxNrmmPX12-U8Ko&google_cver=1&google_push=AavPq0OFRjoZmowm3TUF3TthwLaJw8OHnoc5RPWlLkjDO3kA4imyguIwpy6aXBTspcpmTWezv-5Nv7yOQpJNWiPnJii-z1JJnJ8
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3DB24F7857A440528675C0D52567F986&google_push=AavPq0OFRjoZmowm3TUF3TthwLaJw8OHnoc5RPWlLkjDO3kA4imyguIwpy6aXBTspcpmTWezv-5Nv7yOQpJNWiP...

170 B
188 B

24ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3DB24F7857A440528675C0D52567F986&google_push=AavPq0OFRjoZmowm3TUF3TthwLaJw8OHnoc5RPWlLkjDO3kA4imyguIwpy6aXBTspcpmTWezv-5Nv7yOQpJNWiPnJii-z1JJnJ8

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 Jan 2023 00:27:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3DB24F7857A440528675C0D52567F986&google_push=AavPq0OFRjoZmowm3TUF3TthwLaJw8OHnoc5RPWlLkjDO3kA4imyguIwpy6aXBTspcpmTWezv-5Nv7yOQpJNWiPnJii-z1JJnJ8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 21 Jan 2023 00:27:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E74
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENPfBEOIP_s5LmLXMTpwSGU&google_cver=1&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZtfIgIp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENPfBEOIP_s5LmLXMTpwSGU&google_cver=1&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI0OTg2Mjg5MDk2ODE0ODg4NA&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZtfIg...

170 B
188 B

26ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI0OTg2Mjg5MDk2ODE0ODg4NA&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZtfIgIp994bwnMz-xVAhN4k1TE

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI0OTg2Mjg5MDk2ODE0ODg4NA&google_push=AavPq0O4_CmnP8miAwEWfpdooNT9rVmMrBl0iMbpl9IJ3t9xqaB0LkTlc5vT151NiJ7FvFaJcZtfIgIp994bwnMz-xVAhN4k1TE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E74
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VgfX8h5VR66KWegm5_bydw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VgfX8h5VR66KWegm5_bydw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0M2YO68FuKlK8_GzRDgpNKa1BezRaN8Z2QHPZnMvaguB01bGN7DEA1gsB1q4YRwvo2yTsD6guCNdyajw8fR7zcxtut3bVc

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VgfX8h5VR66KWegm5_bydw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0M2YO68FuKlK8_GzRDgpNKa1BezRaN8Z2QHPZnMvaguB01bGN7DEA1gsB1q4YRwvo2yTsD6guCNdyajw8fR7zcxtut3bVc
date: Sun, 22 Jan 2023 00:27:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E74
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMPQ7Jk3Fw-9ovjKMzTrcgY&google_cver=1&google_push=AavPq0NxGhY9MUZ7sKPGJSuNqevDxrBpiJpRUod4xRRz_tClsLVhxl83cG7zb5hQmfN76Q1kqRG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2TjRTMVgtUy1LVEk0&google_push=AavPq0NxGhY9MUZ7sKPGJSuNqevDxrBpiJpRUod4xRRz_tClsLVhxl83cG7zb5hQmfN76Q1kqRGP7nZ6fqxn9RBuJANlrDf2gI8

170 B
188 B

25ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2TjRTMVgtUy1LVEk0&google_push=AavPq0NxGhY9MUZ7sKPGJSuNqevDxrBpiJpRUod4xRRz_tClsLVhxl83cG7zb5hQmfN76Q1kqRGP7nZ6fqxn9RBuJANlrDf2gI8

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2TjRTMVgtUy1LVEk0&google_push=AavPq0NxGhY9MUZ7sKPGJSuNqevDxrBpiJpRUod4xRRz_tClsLVhxl83cG7zb5hQmfN76Q1kqRGP7nZ6fqxn9RBuJANlrDf2gI8
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 4E74
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEElHcIQdUCNLfdXUvxHHc_c&google_cver=1&google_push=AavPq0Mwh00Tj9yKKAti0Yu-TTlVdtST8TVhdZ4hX7oceva4or2VMFPZHePHY1DC6-P-USk_ANdjUGRBlqI...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mwh00Tj9yKKAti0Yu-TTlVdtST8TVhdZ4hX7oceva4or2VMFPZHePHY1DC6-P-USk_ANdjUGRBlqIU1AkNNvIIsqS7oCud
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

16ms
15ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4E74 0
12 B 23ms
21ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIKgTGDrd8Ptzm_sR-dE_TP1E0XjWcbJQROf0b1U0_mVVyeanjvDZpkD_wEmKYiyueaPU4hQ

Requested by

Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 371E 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoxWhA4PMY8fwCNSY-gbmn4-oBgAAAAA4AeAEAg&bg=!GRqlGl7NAAYDMoyoIzI7ACkAdvg8WvrJKiDxLl84kOfoos_5uREcha0PKrsfSnDOFzWaXigY_wuB7QIAAAB5UgAAAANoAQeZAuwddnqUPhMnIUWU8yM33bWT1_5nb3V-YDMn1DZkFqtuLhN4_Fik58f6oCdC2V6lD9rVzYNkUYaQwBN2ooyt_1eWK7LjfF5mrtq2tDZScV3Cj7poiVNXF_h2R881cMMuVGf0iySkzcXc38aF5-QszNZp6V7Nsw8gLvQEekE6y9dv7Z6lasyXyaOqSxnN_b_lLlRSvPIzzBjTNGqK05u9FBaXe-fDy35ATOPyE5Gl4J0AMgQPd0Kw9ZbHfoV42R8pPIUWT95a0q8axLUcAylyIwmlTUj8_pIe9XxQOFMC54-_ssKvRk5T8wy0VUm2ocgcM7PWDVCRMcCXAVrR_DlGNI0K7HEiuFVgbOKLtstMDELmLbQdU1TQTyO-jqpLjxPEKwPuWSde5MXLCGw3CR3C6BKH9UA-3NleY5U9TaqSyBusSsta5GtRy80PD1aS740cDjzhIREAxCCHrP66inbSDoPpnPcHupoI3-e1M1whpyPFvQj64mDUv3u02-oBs-afMygZ0WTxcCm6o8cTsuGmAghBWQXEc75e9N224OGMqxWPfpsKGR7VTHGn5gku_mHgDEEzkbX2J5Fshpv6Ly2gojUK_EHmA5ufRdBux-Cs8NmMUpW0-xHsvClF8vO6NMQg1sZfCqCEwfm8S8NUDlu685u3SNPwWxA2n_AYK5VMJCRA2shPaXf95hxAZyx_CShGh9SEwspasgRxTRt9Y6QKuhbxnpH8D8dPp83RVjv_C5zKwvkr1NG4UNzzqumFVsgQ0fWF4Oxb8_sFS4wn-9Sz2_-9WQ4ROTNhGqRgswbWBp903a05azjOclf-rNZ94BtTzDMihWgpXmcLrv6UsWwvAIQ4Oz4QlK1kQTNnQqHZl-GqbU-gXG-YsO4s01iVTOca-cTooKjou7F5nvDKEP8XcWh1yWwbKfaqzPqF11WTLpYLqw1kJppV05EvU34w9_P-y4K_QErchNj-s4bNGd5NcP-mAEMTrb6KP_6ML7oM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 1F7E 0
150 B 36ms
13ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=52342200008717900951403012212007&a=bd2ad09c&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=52342200008717900951403012212007&a=e58f3b65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1F7E 13 KB
13 KB 18ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:24:52 GMT
x-content-type-options: nosniff
age: 277375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 19:24:52 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1F7E 13 KB
13 KB 20ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 13:30:55 GMT
x-content-type-options: nosniff
age: 39412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 13:30:55 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 74CD 5 KB
5 KB 11ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2114838770
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 8D09 103 KB
40 KB 129ms
51ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d22322b72c6544ca1b5dd7f06f430a9f3bfb461fd634f2361f1b0514a43bdb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40767
x-xss-protection: 0
last-modified: Sun, 22 Jan 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Jan 2023 00:27:47 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0E51 85 KB
31 KB 49ms
9ms Script
application/javascript 13.224.189.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=52342200008717900951403012212007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-29.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 15:31:22 GMT
content-encoding: gzip
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 32186
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: OxISTnW5SAzAuAumXjA8fVT2uDi7oyIbjf2JH3vl_n31-gmYQXdCDg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 0E51 3 KB
3 KB 34ms
8ms Image
image/png 13.225.78.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1674347567&Signature=QSzzmxt-epeO58k6NeQMg2GvYfXhEncI0jxOAVyDytuW124GsYH4CohGgSlSDWauxrfU~ONrbNhy5Nn7k6wmUA7gVyxAKIEkJrs9EkPWl7TEuNUkE~aTkibSWYpZitXo55opZFLCU7RGSpbOpwy3t9fEf7ae0HU3rxYoup1E9bPdKmUPQAIHEwPOwnCoA0VXjFFaXBbcX2ioaStpP2yy6AdF6ojK1JtQixCnVSeI75Wax-GMZUuRwk9ZfVCrdLeuMc-bPSEkRJnojxy9HF-7DHJHrCns0s483vSoj4ulE14b3n5VxhSbIv8B~N~~TrfouUYfp7otA41r2uPKCUxwJw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
URL: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 21 Jan 2023 08:11:20 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 58588
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: zqlFf-GhJaenJO5e9UmcN52GjvAfoBfMoZWLqfHboKF2t8YeTsayDw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFEC 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3jiQArAwdayBND6-8avOGLoseP6QeDtPgpG3ju9-za6clogF4OQ1cksB70-gBYbNUUZjSNh_MVtpQAib3zH9bCtO35gPMfB_-NEWtdQmPUkpzqKRBFOQNIp4sfqazPZMAT8MqtA&sai=AMfl-YQ8cn_ztUTNhVffv85bgAfwX4SWIJInbGo91WJJh9ik0GxbBwgdseLDi3MD6Iqifi2uUKU0-lD0mSJv54tODS3z__P4YYCWehz1oczk8OyJ9uzvfcD5OoaS9xjq2g&sig=Cg0ArKJSzOtbfe88WXrpEAE&cid=CAQSOwDq26N9v7qd2qJUWuFOgeLfg6wQdhrLkawVjWnNLm0M3TgDoVobBrtp1vh3ahVQJj9zaztOLPoYW26JGAEgEw&id=lidar2&mcvt=1023&p=1110,436,1200,1164&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=608699878&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674347266996&rpt=290&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0E51 16 B
232 B 125ms
125ms Fetch
application/json 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 Jan 2023 00:27:48 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 76ms
21ms Preflight 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 22 Jan 2023 00:27:48 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFEC 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2575017175101&version=m202209210101&ct=76&x=1&cor=2141554535208709400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 71ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Jan 2023 00:27:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 503D 15 KB
6 KB 51ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=iplogger.org

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 660684
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 62ms
30ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iplogger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
server: nginx
etag: W/"63bde5c2-162a9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Jan 2023 00:27:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 503D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=iplogger.org&sn=ChromeSyncframe&so=0&topUrl=iplogger.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=I8WfQnx5TEFzZzRIcFpsK2hzcGwxK2RtQXliYzRkVGxqSFpwc2VZenhFRW1BeCtGb3hYWTJZNmoyUHkzdk43TnZyb3cvRUJETWwwOXlvZ0FzTlBxUytXWTZNYVB0dVo3UDNORWxjcnZ2djVNd3dkOVN2b1FVWkN6Y25uWG...

439 B
669 B

72ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=I8WfQnx5TEFzZzRIcFpsK2hzcGwxK2RtQXliYzRkVGxqSFpwc2VZenhFRW1BeCtGb3hYWTJZNmoyUHkzdk43TnZyb3cvRUJETWwwOXlvZ0FzTlBxUytXWTZNYVB0dVo3UDNORWxjcnZ2djVNd3dkOVN2b1FVWkN6Y25uWGJiZlJmcnBDTjh0L1ExelZzMWxSRmQxTzZkV0NYejdrdmt0U0ZNVmhWdUErVS82ajR0QitlcXlQemc3WFoyL1R3Z3J0alJaeUNJelJuaDNJZFZIK0h0QjBXRUhKbHBoV0lnWGEyVDVQUUNIOWtTbmNSMTN0enEzWGlqMVlZanFUeElXNW9mV0p0dGxmVkR4Vi9VUW41cUVDY0lGeXdVdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c873691d40fa2f3884e24cf12e658b004eed382fd6f21c1fde88af854bd2eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2339577
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=I8WfQnx5TEFzZzRIcFpsK2hzcGwxK2RtQXliYzRkVGxqSFpwc2VZenhFRW1BeCtGb3hYWTJZNmoyUHkzdk43TnZyb3cvRUJETWwwOXlvZ0FzTlBxUytXWTZNYVB0dVo3UDNORWxjcnZ2djVNd3dkOVN2b1FVWkN6Y25uWGJiZlJmcnBDTjh0L1ExelZzMWxSRmQxTzZkV0NYejdrdmt0U0ZNVmhWdUErVS82ajR0QitlcXlQemc3WFoyL1R3Z3J0alJaeUNJelJuaDNJZFZIK0h0QjBXRUhKbHBoV0lnWGEyVDVQUUNIOWtTbmNSMTN0enEzWGlqMVlZanFUeElXNW9mV0p0dGxmVkR4Vi9VUW41cUVDY0lGeXdVdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 519822
content-length: 0
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D721 52 KB
17 KB 39ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 63782
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 22 Jan 2023 00:27:49 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 745856
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220064-HHN
X-Timer: S1674347270.632426,VS0,VE0

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame A4F6 8 KB
4 KB 49ms
7ms Document
text/html 13.224.189.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35998
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Sat, 21 Jan 2023 14:27:52 GMT
etag: W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified: Thu, 01 Dec 2022 19:37:41 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-id: rGKU5y5CxTRO13moEBPuuuCFFOQ36bYGo_GE8eBzRAXPLOKedNRVCw==
x-amz-cf-pop: FRA2-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5: 86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256: 7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache: Hit from cloudfront

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame E2D4 257 B
496 B 100ms
100ms Document
text/html 52.205.2.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1674347266589&secure=true&version=9&title=IP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses&url=https%3A%2F%2Fiplogger.org%2F
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.2.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-2-35.compute-1.amazonaws.com
Software: / Express
Resource Hash: f678c8982c17018890e2bcb3bd061402cec13f256ed11f951c1bb4804f0a7be1

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
content-length: 257
content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
etag: W/"101-phSpk+uM4SH5Z9D5FctjGFnUlKQ"
expires: -1
pragma: no-cache
vary: Origin
x-powered-by: Express

GET
H2 204 /
onetag-sys.com/usync/ Frame 6C2D 0
0 14ms
14ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1674347266310

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 750A 16 KB
6 KB 36ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=47330
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Sun, 22 Jan 2023 13:36:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame A59E 21 KB
8 KB 43ms
19ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/iplogger.js?1674346800000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

961d2776cd22fff16aa7921234104666fe4755c8ceb37cf2c4af5ab2734ee434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7825
content-type: text/html; charset=UTF-8
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Tue, 24 Jan 2023 00:27:49 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D721 0
864 B 15ms
15ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
AN-X-Request-Uuid: 8793130c-6ca5-4ea6-acba-eb2a7475a814
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 750A 5 KB
6 KB 18ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94781146&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: de81153a6b9ed335ee5bd1afcab8d5667c8d710a47ff34498315d8bb54b0c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame BDE3 5 KB
2 KB 105ms
27ms Document
text/html 54.154.84.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.84.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-84-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 82e82fc925ae247d5aebf2da027972bebacd6f564b9499d85913272532484eb9

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 22 Jan 2023 00:27:49 GMT
etag: W/"0b582f91627cfdc1e937509d06fb4d0ac"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 235E 0
0 14ms
14ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 9874 721 B
971 B 133ms
20ms Document
text/html 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 2e56b32de514b03264659df45a47f999ca1fe12a891da5c06945d4f0db50c71d

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 721
content-type: text/html
date: Sun, 22 Jan 2023 00:27:49 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 256C 2 KB
1 KB 64ms
28ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d5e31d78faf7f19db1cdecb9d7636885d8a99e34a57d0e5ae5cab00fb720442

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78d42a83cd976933-FRA
content-encoding: br
content-type: text/html
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMNI9rPqBVxFiNE%2F93IHcs%2FKcVJeQxfnEjpWU0uC9BF3i6b9RA0mmwcKGQUrBORaL7OsOvLWP2hAHDpc4faUP0sGXM6Nd9EWNTuTNzL%2FuabnuKAmAEUu%2F4dea28weiZ8TifwwfoiRIL%2Fag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EBB5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

45ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 Jan 2023 00:27:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B7BE 16 KB
6 KB 10ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=47330
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Sun, 22 Jan 2023 13:36:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame E1D7 0
484 B 235ms
189ms Document
text/html 2600:9000:21f3:4200:1f:4c18:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Sun, 22 Jan 2023 00:27:49 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-amz-cf-id: 4u4bddFAk-AMIDCDNrcU7UiyZDzqqchsWGv5NsLVtZ4RDUyY2BfSAw==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame A4F6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=8053552683138483034

0
344 B

43ms
38ms

Image
image/avif

52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=8053552683138483034
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Sun, 22 Jan 2023 00:27:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d0af13d7-8cbc-4a92-9f0c-b92a6346ea02
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=8053552683138483034
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame A4F6
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=GBq7uRZHi0XwF0YdSM-_mHpJ

0
350 B

35ms
30ms

Image
image/avif

52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=GBq7uRZHi0XwF0YdSM-_mHpJ
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=GBq7uRZHi0XwF0YdSM-_mHpJ
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame A4F6 0
277 B 61ms
15ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 22 Jan 2023 00:27:49 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A4F6
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674347269737
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5903503077

70 B
264 B

37ms
37ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5903503077
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
etag: RXcb613d9a8f344b0ab61b3d84e4fef762003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5903503077
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame A4F6
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5108559725999380087

0
344 B

31ms
31ms

Image
image/avif

52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5108559725999380087
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5108559725999380087
Date: Sun, 22 Jan 2023 00:27:49 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame A4F6 0
498 B 387ms
95ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-30
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame A4F6
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=3b2b2daa-daf0-464b-be66-01aacbc57504&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

36ms
32ms

Image
image/avif

52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=3b2b2daa-daf0-464b-be66-01aacbc57504&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=3b2b2daa-daf0-464b-be66-01aacbc57504&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Sun, 22 Jan 2023 00:27:48 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame A4F6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A

0
367 B

39ms
38ms

Image
image/avif

52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A
date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

user-sync
sync.adkernel.com/ Frame A4F6
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS03NmNkMTdhMy0xZWQwLTNlMGItYjNhNi1iOTQ5YjdmNTJhZjMQ____________ASpTaHR0cHM6Ly...

0
109 B

52ms
15ms

Image
text/plain

77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS03NmNkMTdhMy0xZWQwLTNlMGItYjNhNi1iOTQ5YjdmNTJhZjMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS03NmNkMTdhMy0xZWQwLTNlMGItYjNhNi1iOTQ5YjdmNTJhZjMyAhsMOAE=%26buyeruid%3D%7BUID%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:50 GMT
Server: nginx
Connection: close
Content-Length: 0

Redirect headers

location: http://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS03NmNkMTdhMy0xZWQwLTNlMGItYjNhNi1iOTQ5YjdmNTJhZjMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS03NmNkMTdhMy0xZWQwLTNlMGItYjNhNi1iOTQ5YjdmNTJhZjMyAhsMOAE=%26buyeruid%3D%7BUID%7D
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:50 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame A4F6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A

0
367 B

32ms
32ms

Image
image/avif

52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A
date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 16B0 35 B
477 B 22ms
22ms Document
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5567
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=

42 B
325 B

68ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: Sun, 22 Jan 2023 00:27:48 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 357 2feb0b5 master zrh-pixel-x31 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C5C9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2624905517755670101

42 B
195 B

26ms
21ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2624905517755670101
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2624905517755670101
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1EE6
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

14ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Sun, 22 Jan 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1975130
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 26CF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

189ms
189ms

Document
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: W933TN19G98XNG9NRQPP

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: MGD8XG5QAQYNJVV217VP

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AB45
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB

42 B
337 B

79ms
21ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A6E1
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8053552683138483034&gdpr=0&gdpr_consent=

42 B
218 B

16ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8053552683138483034&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 57a83e4c-8254-4927-8484-125aa354175f
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8053552683138483034&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6B25
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7191266762519148699&gdpr=0&gdpr_consent=

42 B
243 B

14ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7191266762519148699&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sun, 22 Jan 2023 00:27:49 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7191266762519148699&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1054
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWMbvp5oT_ZRm-DPq5fMDrKi0YM

42 B
299 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWMbvp5oT_ZRm-DPq5fMDrKi0YM
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sun, 22 Jan 2023 00:27:50 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWMbvp5oT_ZRm-DPq5fMDrKi0YM

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2D16
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=

1 B
239 B

65ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220072-HHN
x-timer: S1674347270.710240,VS0,VE0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 05C4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHcENrN0htUVlBQUItc0NobW9JUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGpCk7HmQYAAB-sChmoIQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8546324679899167549&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGpCk7HmQYAAB-sChmoIQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8546324679899167549%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8546324679899167549&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGpCk7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGpCk7HmQYAAB-sChmoIQ&gdpr=0&gdpr_consent=

42 B
199 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGpCk7HmQYAAB-sChmoIQ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 22 Jan 2023 00:27:50 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGpCk7HmQYAAB-sChmoIQ&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 0F94
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1674347269737
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8955436945

70 B
264 B

40ms
37ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8955436945
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sun, 22 Jan 2023 00:27:49 GMT
etag: RXcb613d9a8f344b0ab61b3d84e4fef762003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8955436945
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2 200 i.match Show response
a.tribalfusion.com/ Frame 8991 43 B
462 B 170ms
163ms Document
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 78d42a83bcd79b98-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 71D9
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

15ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 67F5 43 B
279 B 121ms
30ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-aae2858065dd@version_1.533v2
X-core-time: 0ms
X-server-arch: v2

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 922A 0
0 295ms
95ms Document
text/plain 5.161.47.120
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),

Reverse DNS

static.120.47.161.5.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Sun, 22 Jan 2023 00:27:49 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3AAC
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=b84729aac5b82fe8f084624d01c77fab&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTSbUQTXVQaXnjnY

42 B
280 B

18ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTSbUQTXVQaXnjnY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTSbUQTXVQaXnjnY

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame B772 43 B
283 B 143ms
14ms Document
image/gif 72.251.245.181
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-8

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 750A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VgfX8h5VR66KWegm5_bydw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

7ms
6ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=47330
accept-ranges: bytes
content-length: 5554
expires: Sun, 22 Jan 2023 13:36:39 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=07816d725d02ece3/gdpr=0/ Frame 750A
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=07816d725d02ece3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
265 B

119ms
32ms

Image
image/gif

52.18.161.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=07816d725d02ece3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 52.18.161.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-161-122.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.34
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=07816d725d02ece3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&addseg=19,36,42

0
0

84ms
20ms

Image
application/json

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Sun, 22 Jan 2023 00:27:49 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTYwN0Q3RjItMUU1NS00N0FFLThBNTktRTgyNkU3RjZGMjc3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

84ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAdLMACFaOLV3BvoKdHuqwg&google_cver=1

42 B
529 B

83ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAdLMACFaOLV3BvoKdHuqwg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAdLMACFaOLV3BvoKdHuqwg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 750A 43 B
409 B 23ms
15ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 21 Jan 2023 00:27:49 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2249862890968148884

42 B
448 B

42ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2249862890968148884
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2249862890968148884
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 750A 70 B
264 B 46ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ff081c61-2dcd-423c-94dd-afd2058741d0
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ff081c61-2dcd-423c-94dd-afd2058741d0
https://x.bidswitch.net/sync?dsp_id=4&user_id=2b81921a-4428-48c9-a7d0-075c4c8d0912&ssp=pubmatic&expires=30&user_group=5&bsw_param=ff081c61-2dcd-423c-94dd-afd2058741d0
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

16ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 5607D7F2-1E55-47AE-8A59-E826E7F6F277
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 750A 43 B
603 B 119ms
36ms Image
image/gif 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/5607D7F2-1E55-47AE-8A59-E826E7F6F277?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NcC_iD1E2uV6SKdaK3MmUv1B9PTdPY4-~A&gdpr=0

0
260 B

91ms
19ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NcC_iD1E2uV6SKdaK3MmUv1B9PTdPY4-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:47 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NcC_iD1E2uV6SKdaK3MmUv1B9PTdPY4-~A&gdpr=0
date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 750A 0
104 B 107ms
25ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5607D7F2-1E55-47AE-8A59-E826E7F6F277&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 750A 0
191 B 68ms
13ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:48 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2c4792ad-5de7-4ef5-bdf5-b8d5ab5d6d21&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2c4792ad-5de7-4ef5-bdf5-b8d5ab5d6d21&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2c4792ad-5de7-4ef5-bdf5-b8d5ab5d6d21&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 22 Jan 2023 00:27:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4426469066683050377&gdpr=0&gdpr_consent=&us_privacy=

1 B
255 B

20ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4426469066683050377&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4426469066683050377&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 750A
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8053552683138483034

42 B
95 B

20ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8053552683138483034
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 22 Jan 2023 00:27:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 22 Jan 2023 00:27:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d387ca89-3143-49fc-9ca1-3b28b97d7a82
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8053552683138483034
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame E2D4 2 KB
1 KB 50ms
13ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=iplogger.org
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1674347266589&secure=true&version=9&title=IP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses&url=https%3A%2F%2Fiplogger.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 370
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 78d42a83fb9fbbb5-FRA
content-length: 1168
expires: Sun, 22 Jan 2023 02:27:49 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E2D4 70 B
264 B 38ms
38ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1674347266589&secure=true&version=9&title=IP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses&url=https%3A%2F%2Fiplogger.org%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 256C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK46A8IfKgYBjQ9joGTVwTk&google_cver=1

43 B
334 B

28ms
27ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK46A8IfKgYBjQ9joGTVwTk&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPG50zGAC3p%2B7kt8JOUsLgR6j4Mn8PZICvsEa4YYJgakHIkmhQ2hYync3uvo0lH6Y92x9yg85YCzfYrB4KMqQ8DbIw7cLcinWd1uDIH65JGVcF5ypA7X0NB4Mi9VfiM3OxS5jdjBAfYEEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78d42a844e046933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEK46A8IfKgYBjQ9joGTVwTk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 256C 70 B
264 B 41ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 256C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB&dcc=t

43 B
855 B

108ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4STG5JA05BTV7Q9F0FMP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YD882WWNPPQTFZS75Z8K
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 256C 43 B
604 B 65ms
36ms Image
image/gif 2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 256C 43 B
433 B 135ms
33ms Image
image/gif 52.51.57.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.57.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-57-10.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 256C
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=85f5001f-6e54-4202-8b85-0d755b77f889&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
632 B

23ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=85f5001f-6e54-4202-8b85-0d755b77f889&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=85f5001f-6e54-4202-8b85-0d755b77f889&us_privacy=null&gdpr_consent=null&gdpr=null
date: Sun, 22 Jan 2023 00:27:49 GMT
server: _
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 256C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2249862890968148884&expiration=1675556869

43 B
632 B

24ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2249862890968148884&expiration=1675556869
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2249862890968148884&expiration=1675556869
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 256C
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8053552683138483034

43 B
632 B

25ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8053552683138483034
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Sun, 22 Jan 2023 00:27:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f717b69b-c42d-41fe-8793-c9f763ed721b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8053552683138483034
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 256C 0
356 B 33ms
31ms Image
image/avif 52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame E2D4 31 KB
24 KB 17ms
14ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1674347269776&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=04vm5evo19us&cid=1041
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=iplogger.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 768
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 78d42a841bc4bbb5-FRA
content-length: 24223
expires: Sun, 22 Jan 2023 02:27:49 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EBB5 34 KB
10 KB 217ms
216ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6e1bc570bb7ab3171f88d44c0084f41abbec0e88f02a822e3a9a6143eb87931f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:50 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Jan 2023 05:35:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18438
Connection: keep-alive
Content-Length: 10037
Expires: Sun, 22 Jan 2023 05:35:08 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=8053552683138483034

35 B
250 B

136ms
31ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=8053552683138483034
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Sun, 22 Jan 2023 00:27:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6be5d0f8-ea5a-4d10-b1be-f72450dba197
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=8053552683138483034
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_768052c1-227c-4c79-a24f-728209555c14&gdpr=0&gdpr_consent=&us_privacy=1---
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=283&user_id=781c75fb-8de1-46a8-9e88-5ad672d0b57b&expires=1&user_group=2&ssp=gumgum2&bsw_param=ff081c61-2dcd-423c-94dd-afd2058741d0
https://usersync.gumgum.com/usersync?b=bsw&i=ff081c61-2dcd-423c-94dd-afd2058741d0

35 B
250 B

31ms
31ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=ff081c61-2dcd-423c-94dd-afd2058741d0
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=ff081c61-2dcd-423c-94dd-afd2058741d0
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-42bee812-60b9-40f0-70f9-4d580690a9b9$ip$178.162.209.131

35 B
250 B

34ms
34ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-42bee812-60b9-40f0-70f9-4d580690a9b9$ip$178.162.209.131
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-42bee812-60b9-40f0-70f9-4d580690a9b9$ip$178.162.209.131
Date: Sun, 22 Jan 2023 00:27:50 GMT
Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_768052c1-227c-4c79-a24f-728209555c14&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=uIrTmnRYfQfCJs4It5Kn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25KJOJKG23SSLFTFCZSDJJZTISLUGVFW4...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=uIrTmnRYfQfCJs4It5Kn&us_privacy=1---

35 B
250 B

31ms
31ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=uIrTmnRYfQfCJs4It5Kn&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=uIrTmnRYfQfCJs4It5Kn&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame BDE3
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155127988

70 B
264 B

37ms
36ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155127988
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
etag: RXcb613d9a8f344b0ab61b3d84e4fef762003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155127988
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=45uRdGmv2zsc&ev=1&pid=558355

35 B
250 B

33ms
32ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=45uRdGmv2zsc&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://usersync.gumgum.com/usersync?b=pln&i=45uRdGmv2zsc&ev=1&pid=558355
content-language: de-DE
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-64ccb75b9-p7lr4
expires: -1

GET
H/1.1

500
Internal Server Error

syncPartner
sync.outbrain.com/ Frame BDE3
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28YQKaU8jppQ_1mLAHGP4B2txxT70qLOytkPXq230hfJs6n_QB-T6GN_QZBCf9leSO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_768052c1-227c-4c79-a24f-728209555c14&obuid=ENC(YQKaU8jppQ_1mLAHGP4B2txxT70qLOytkPXq230hfJs6n_QB-T6GN_QZBCf9leSO)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

11 B
191 B

91ms
91ms

Image
image/avif

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: f6c96b4b5b62c1dadd244bb3ca51f82f7960034c9e3bd8dca35cb7db5a5661a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:50 GMT
X-TraceId: 83b43960d3163872bb20623fb60983f1
Content-Length: 11
Content-Type: image/avif;charset=UTF-8

Redirect headers

Location: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Sun, 22 Jan 2023 00:27:50 GMT
X-TraceId: 8cdc13412ddef212ede4e1b58ff652bf
Content-Length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=6f252cfe-1be5-46f8-a54e-b82d2651eafd

35 B
250 B

31ms
31ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=6f252cfe-1be5-46f8-a54e-b82d2651eafd
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Sun, 22 Jan 2023 00:27:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=6f252cfe-1be5-46f8-a54e-b82d2651eafd
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-RNnH31dE2pcQzpMHBlo_a2Fz8NuC.Tw27pr.~A

35 B
250 B

86ms
34ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-RNnH31dE2pcQzpMHBlo_a2Fz8NuC.Tw27pr.~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Sun, 22 Jan 2023 00:27:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-RNnH31dE2pcQzpMHBlo_a2Fz8NuC.Tw27pr.~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=d38e5500-da3f-4589-86f5-ca9c4b3d8da4

35 B
250 B

31ms
30ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=d38e5500-da3f-4589-86f5-ca9c4b3d8da4
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=d38e5500-da3f-4589-86f5-ca9c4b3d8da4
Date: Sun, 22 Jan 2023 00:27:50 GMT
Connection: keep-alive
X-CI-RTID: 13558e5e-97b0-4c68-8710-d82b3bff4a28
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame BDE3 0
293 B 307ms
97ms Image
text/plain 132.226.41.106
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:50 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 862499897
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame BDE3 0
44 B 316ms
94ms Image
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=495e0559-5a86-4c60-aaa8-be15cf3ca6b6

35 B
250 B

31ms
31ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=495e0559-5a86-4c60-aaa8-be15cf3ca6b6
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=495e0559-5a86-4c60-aaa8-be15cf3ca6b6
access-control-allow-origin: *
date: Sun, 22 Jan 2023 00:27:50 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BDE3
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=8546324679899167549

35 B
250 B

35ms
34ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=8546324679899167549
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=8546324679899167549
date: Sun, 22 Jan 2023 00:27:49 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame BDE3 0
357 B 41ms
31ms Image
image/avif 52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_768052c1-227c-4c79-a24f-728209555c14
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

0.gif Show response
id5-sync.com/i/495/ Frame 1779
Redirect Chain

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D

43 B
1 KB

52ms
14ms

Document
image/gif

162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length: 332
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:50 GMT
expect-ct: max-age=0
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F4B4 16 KB
6 KB 18ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=47330
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Sun, 22 Jan 2023 13:36:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 3FE0 70 B
264 B 47ms
36ms Document
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 22 Jan 2023 00:27:49 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame A323
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=

35 B
250 B

98ms
32ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: Sun, 22 Jan 2023 00:27:48 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 357 2feb0b5 master zrh-pixel-x25 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=e5e663cc-8303-4301-b5e0-febf95280b18&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame E87A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=

35 B
250 B

105ms
32ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220072-HHN
x-timer: S1674347270.840583,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 8C85 170 B
188 B 35ms
28ms Document
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NjgwNTJjMS0yMjdjLTRjNzktYTI0Zi03MjgyMDk1NTVjMTQ=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 129C
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
https://cs.emxdgt.com/umcheck?apnxid=8053552683138483034&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
https://usersync.gumgum.com/usersync?b=emx&i=8053552683138483034brt50781674347269874879f1

35 B
250 B

61ms
33ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&i=8053552683138483034brt50781674347269874879f1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 0
content-type: text/html
date: Sun, 22 Jan 2023 00:27:48 GMT
location: https://usersync.gumgum.com/usersync?b=emx&i=8053552683138483034brt50781674347269874879f1

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 7C4E
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Y8yDBsCo8X8AAC1OEvQAAAAA

35 B
250 B

31ms
31ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=Y8yDBsCo8X8AAC1OEvQAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Sun, 22 Jan 2023 00:27:50 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=Y8yDBsCo8X8AAC1OEvQAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 1
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40198.dc2p.scaleout.jp
X-SO-IP: 178.162.209.131
X-SO-Key: Y8yDBsCo8X8AAC1OEvQAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y8yDBsCo8X8AAC1OEvQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40198"}
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID: a-ad40198

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 73A0
Redirect Chain

https://cs.admanmedia.com/sync/gumgum?puid=e_768052c1-227c-4c79-a24f-728209555c14&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
https://usersync.gumgum.com/usersync?b=aad&i=846c9b2f-6575-4a88-8b20-4f5bd60cddb8

35 B
250 B

30ms
30ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=846c9b2f-6575-4a88-8b20-4f5bd60cddb8
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Sun, 22 Jan 2023 00:27:50 GMT
Expires: 0
Location: https://usersync.gumgum.com/usersync?b=aad&i=846c9b2f-6575-4a88-8b20-4f5bd60cddb8
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame CE2B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://usersync.gumgum.com/usersync?b=iex&i=Y8yDA4cEkej7q1cKSkb7aAAA%262155

35 B
250 B

93ms
35ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=Y8yDA4cEkej7q1cKSkb7aAAA%262155
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78d42a847cd290b2-FRA
content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=Y8yDA4cEkej7q1cKSkb7aAAA%262155
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBXEwqPXXHSNQlT9ua7OlQTeMXG0VwJExoef37VPYaxlWbTXmW3HjFO0AOMaRf%2Bwn32Dj7mlaAN9dLGQYyDzSpvpkXHGFGH8qmz5%2BsRV5ILJcl93RkRT%2FMXHCNJh8YLU4ACpX%2FFAFVpNLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 2FE1
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=MVuPCXWSbF1EeGM1smqp&pi=gumgum&tc=1

35 B
250 B

75ms
30ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=MVuPCXWSbF1EeGM1smqp&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 22 Jan 2023 00:27:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT Sun, 22 Jan 2023 00:27:49 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=MVuPCXWSbF1EeGM1smqp&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AFF2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

26ms
8ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 Jan 2023 00:27:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 22 Jan 2023 00:27:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 sync
ads.servenobid.com/ Frame 9874 0
345 B 33ms
31ms Image
image/avif 52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=8546324679899167549&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 9874
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=s...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=

43 B
163 B

52ms
17ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ff081c61-2dcd-423c-94dd-afd2058741d0&gdpr=&gdpr_consent=
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 9874 0
239 B 9ms
8ms Image
text/plain 2600:9000:20eb:1000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-cache, must-revalidate
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: RUI1fEPUZ6Y0HpygfY4I3trzagzUbizrSn1cDKJpb2ovA-Y6gxujUQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9874 70 B
264 B 38ms
37ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 9874
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=

43 B
405 B

85ms
17ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by: cache-hhn-etou8220072-HHN
pragma: no-cache
date: Sun, 22 Jan 2023 00:27:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1674347270.892697,VS0,VE0
x-cache: HIT
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y8yDAwAAAaU6CgAF&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AFF2 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6e1bc570bb7ab3171f88d44c0084f41abbec0e88f02a822e3a9a6143eb87931f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 00:27:49 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Jan 2023 05:35:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18439
Connection: keep-alive
Content-Length: 10037
Expires: Sun, 22 Jan 2023 05:35:08 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame E2D4 26 B
231 B 39ms
13ms Image
image/gif 2606:4700::6810:77c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1674347269937&rnd=04vm5evo19us&ifm=1&uai=1&cid=1041&s=iplogger.org&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:77c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 6026
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 78d42a855fa890ec-FRA
content-length: 26
expires: Sun, 22 Jan 2023 02:27:49 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame E2D4 26 B
86 B 40ms
15ms Image
image/gif 2606:4700::6810:77c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=167434726992792&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=iplogger.org&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=04vm5evo19us&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=822ebe420a9a56df76d687f1f90f2b5b&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=25&icp=https%253A//iplogger.org/&irfl=25&irf=https%253A//iplogger.org/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-12-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9.6_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:77c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:49 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 521
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 78d42a855fa990ec-FRA
content-length: 26
expires: Sun, 22 Jan 2023 02:27:49 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame AFF2 284 B
536 B 42ms
8ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame EBB5 284 B
536 B 15ms
8ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D721 0
864 B 7ms
7ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Jan 2023 00:27:50 GMT
AN-X-Request-Uuid: e75b41c3-0b85-489c-a048-82f803eafa44
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.131; 178.162.209.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 750A 0
128 B 74ms
19ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161102&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B7BE 1 KB
2 KB 18ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71523055&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 12c63918253fe10a9399047c4f266814bc6adc6a1c7a1854a0cce9a7b71fcdcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 22 Jan 2023 00:27:52 GMT
content-length: 1113
content-type: text/html; charset=UTF-8

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame BA02 0
0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 7E0D 43 B
369 B 54ms
18ms Document
image/gif 35.186.193.173

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 22 Jan 2023 00:27:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 94DE
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3DB24F7857A440528675C0D52567F986&gdpr=0&gdpr_consent=

1 B
53 B

13ms
13ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3DB24F7857A440528675C0D52567F986&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 22 Jan 2023 00:27:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Sun, 22 Jan 2023 00:27:52 GMT
expires: Sat, 21 Jan 2023 00:27:52 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3DB24F7857A440528675C0D52567F986&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 sync Show response
ads.servenobid.com/ Frame 2C08 0
357 B 31ms
31ms Document
text/html 52.210.29.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/sync?pid=316&uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/html;charset=ISO-8859-1
date: Sun, 22 Jan 2023 00:27:52 GMT

GET info
uipglob.semasio.net/pubmatic/1/ Frame B7BE 0
0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame B7BE 95 B
382 B 57ms
25ms Image
image/png 2606:4700:10::6816:1857

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5607D7F2-1E55-47AE-8A59-E826E7F6F277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 78d42a96edaf690f-FRA
access-control-allow-headers: *
content-length: 95

GET match
a.audrte.com/ Frame B7BE 0
0

GET

cr
cr.frontend.weborama.fr/ Frame B7BE
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2721278266

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5607D7F2-1E55-47AE-8A59-E826E7F6F277&sInitiator=external&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5607D7F2-1E55-47AE-8A59-E826E7F6F277

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2721278266

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

133 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iplogger.org/	1969-12-31 23:59:59	Name: cursor Value: s3WlY5z6U2L7r4b3A427b661T3rAiQop
.iplogger.org/	1969-12-31 23:59:59	Name: turnback Value: main%2F
iplogger.org/	1970-01-20 17:51:23	Name: clhf03028ja Value: 178.162.209.131
iplogger.org/	1970-01-20 17:51:23	Name: 375263812997014915 Value: 2
iplogger.org/	1970-01-20 17:51:23	Name: integrity Value: F9WIopMIUbNS7TqthWVn75n2
.yadro.ru/	1970-01-20 17:51:10	Name: FTID Value: 1Zp8C10JZ7uU1Zp8C1001R6v
.iplogger.org/	1970-01-20 18:41:47	Name: _ga Value: GA1.2.1714088005.1674347266
.iplogger.org/	1970-01-20 09:07:13	Name: _gid Value: GA1.2.594596954.1674347266
.iplogger.org/	1970-01-20 09:05:47	Name: _gat Value: 1
.yadro.ru/	1970-01-20 17:51:10	Name: VID Value: 2TAaVQ2e3JuU1Zp8C1001R7F
.adnxs.com/	1970-01-20 11:15:23	Name: icu Value: ChgIvahBEAoYASABKAEwgoayngY4AUABSAEQgoayngYYAA..
.adnxs.com/	1970-01-20 11:15:23	Name: uuid2 Value: 8053552683138483034
.servenobid.com/	1970-01-20 09:07:13	Name: cap_559 Value: 10
.doubleclick.net/	1970-01-20 18:27:23	Name: IDE Value: AHWqTUlPZSi0SdTUxIkfLXkDw7yc18zdXZSbncptLy9KurBuhu0IeuXTPZXnJHuGXZg
.iplogger.org/	1970-01-20 18:27:23	Name: __gads Value: ID=13cb402e2b4c987c:T=1674347266:S=ALNI_MaGbXrU8LbFPC7ZQI2wtkFzZvK2SA
.iplogger.org/	1970-01-20 18:27:23	Name: __gpi Value: UID=00000ba704e08720:T=1674347266:RT=1674347266:S=ALNI_MbPa-2tpNpQhJRwO5YjdM1i-cmy1A
.mathtag.com/	1970-01-20 17:51:23	Name: uuid Value: e5e663cc-8303-4301-b5e0-febf95280b18
.adnxs.com/	1970-01-20 11:15:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb^t72Er!1yIE`fS1ueD1W-044)d+]UgYHF1jVrQr@Xr'/)TWf:'(+!Ho)3D<PdFheeL9RFMZ9T5_m!ww^*)_P.U
.casalemedia.com/	1970-01-20 17:51:23	Name: CMID Value: Y8yDA4cEkej7q1cKSkb7aAAA
.casalemedia.com/	1970-01-20 11:15:23	Name: CMPS Value: 2155
.casalemedia.com/	1970-01-20 11:15:23	Name: CMPRO Value: 2155
.travelaudience.com/	1970-01-20 18:36:01	Name: _tracker Value: %7B%22UUID%22%3A%22A3141351-15C5-4960-961F-D71CB821DCD4%22%7D
.mathtag.com/	1970-01-20 09:48:59	Name: mt_mop Value: 4:1674347267
.doubleclick.net/	1970-01-20 09:05:50	Name: DSID Value: NO_DATA
ads.travelaudience.com/	1970-01-20 18:36:01	Name: _tracker Value: %7B%22UUID%22%3A%22A3141351-15C5-4960-961F-D71CB821DCD4%22%7D
.3lift.com/	1970-01-20 11:15:23	Name: tluid Value: 2837165574038245920674
.everesttech.net/	1970-01-20 17:51:23	Name: everest_g_v2 Value: g_surferid~Y8yDAwAAAaU6CgAF
.blismedia.com/	1970-01-20 17:51:27	Name: b Value: 63CC8303075B2C7EFC750CDBBLIS
.yahoo.com/	1970-01-20 17:51:44	Name: A3 Value: d=AQABBAODzGMCEBzF8IpL6cxNzY942gMY1U4FEgEBAQHUzWPWYwAAAAAA_eMAAA&S=AQAAAsTI8z_ZZZLj7UaZirzlytw
.bidswitch.net/	1970-01-20 17:51:23	Name: tuuid Value: ff081c61-2dcd-423c-94dd-afd2058741d0
.bidswitch.net/	1970-01-20 17:51:23	Name: c Value: 1674347267
.bidswitch.net/	1970-01-20 17:51:23	Name: tuuid_lu Value: 1674347267
.retailads.net/	1970-01-20 09:48:59	Name: ppb2172 Value: 2114838770
.awin1.com/	1970-01-20 09:08:40	Name: awpv11830 Value: 296283\|1674347267\|9899e460-99eb-11ed-aa07-22628fe8bc67
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338577
.futalis.de/	1970-01-20 10:32:11	Name: raSIDb Value: 2114838770
.simpli.fi/	1970-01-20 17:52:49	Name: suid Value: 3DB24F7857A440528675C0D52567F986
.pubmatic.com/	1970-01-20 17:51:23	Name: KADUSERCOOKIE Value: 5607D7F2-1E55-47AE-8A59-E826E7F6F277
.adform.net/	1970-01-20 09:50:25	Name: C Value: 1
.adform.net/	1970-01-20 10:32:11	Name: uid Value: 2249862890968148884
pb.media01.eu/	1970-01-20 18:41:47	Name: DTU Value: 3F14C4A8472CBFFA449467DB33F894A7
.office-partner.de/	1970-01-20 18:41:47	Name: source Value: {"webgains_webgains":{"timestamp":1674347267728,"clickCookie":false}}
.criteo.com/	1970-01-20 18:27:23	Name: uid Value: 0ab9275b-c6d2-4a2f-848e-0418e649b107
.iplogger.org/	1970-01-20 18:27:23	Name: cto_bundle Value: dW3xp191NkhrWHFva0tWT09BJTJCWjdZbzJEJTJCTWZ1bExMVDByaUdpcnVtcER6dEl2TlU1eHF3R1E4WTlHOUFUJTJCTmpyODZ1QyUyQlRmZ1RhVlBmSDd1b3A3Q25GcjlwbUclMkIlMkJGR0xNcHFsNE1UdzYwYzhYREElMkZ0ZzlJakpzenFhRXdJTmQzVEVKRlhMdjA1cVA0VFVWdmxwdDU2dVcyUSUzRCUzRA
.ads.pubmatic.com/	1970-01-20 09:07:13	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 11:15:23	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:07:13	Name: pi Value: 161102:3
.pubmatic.com/	1970-01-20 11:15:23	Name: DPSync3 Value: 1675555200%3A221_201_197_219
.pubmatic.com/	1970-01-20 11:15:23	Name: SyncRTB3 Value: 1675555200%3A251_99_234_220_7_54_71_233_55_81_176_21_3_204_8_238_88_165_56_22_166_13_161_243%7C1676937600%3A203%7C1674950400%3A223_15_2%7C1675209600%3A63%7C1675641600%3A35
.analytics.yahoo.com/	1970-01-20 17:51:23	Name: IDSYNC Value: "18yx~29k0:196n~29k0:18z8~29k0"
.quantserve.com/	1970-01-20 11:15:23	Name: d Value: EOYBCwGOKPijAA
.quantserve.com/	1970-01-20 18:36:01	Name: mc Value: 63cc8305-b3f50-fa210-75362
.servenobid.com/	1970-01-20 09:15:52	Name: pid_339 Value: y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A
.lijit.com/	1970-01-20 17:51:23	Name: ljt_reader Value: GBq7uRZHi0XwF0YdSM-_mHpJ
.servenobid.com/	1970-01-20 09:15:52	Name: pid_312 Value: 8053552683138483034
.servenobid.com/	1970-01-20 09:15:52	Name: pid_337 Value: y-1Ob6vDxE2uFNhmZwYCRayZ4uwI1Qv13.I6nQLRE-~A
.adsby.bidtheatre.com/	1970-01-20 09:15:52	Name: __kuid Value: 2c4792ad-5de7-4ef5-bdf5-b8d5ab5d6d21.443561269
.lijit.com/	1970-01-20 17:51:23	Name: _ljtrtb_273657 Value: 273657
.onaudience.com/	1970-01-20 17:51:23	Name: cookie Value: 07816d725d02ece3
.onaudience.com/	1970-01-20 09:07:13	Name: done_redirects104 Value: 1
.adfarm1.adition.com/	1970-01-20 11:15:23	Name: UserID1 Value: 7191266762519148699
.pubmatic.com/	1970-01-20 09:48:59	Name: KRTBCOOKIE_391 Value: 22924-2249862890968148884&KRTB&23263-2249862890968148884
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_218 Value: 4056-Y8yDAwAAAaU6CgAF&KRTB&22978-Y8yDAwAAAaU6CgAF&KRTB&23194-Y8yDAwAAAaU6CgAF&KRTB&23209-Y8yDAwAAAaU6CgAF
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_27 Value: 16735-uid:e5e663cc-8303-4301-b5e0-febf95280b18&KRTB&16736-uid:e5e663cc-8303-4301-b5e0-febf95280b18&KRTB&23019-uid:e5e663cc-8303-4301-b5e0-febf95280b18&KRTB&23114-uid:e5e663cc-8303-4301-b5e0-febf95280b18
.fiftyt.com/	1970-01-20 17:51:23	Name: fifid Value: 9aecce58-f743-433b-6347-77775ac4f8c2
.fiftyt.com/	1970-01-20 17:51:23	Name: cs Value: MTY3NDM0NzI2OXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fDFGVhBLS__eRWqpu-r6rsPfenAn3Q_qx4EHC4yaAKAJ
ads.playground.xyz/	1970-01-20 09:14:56	Name: connect.sid Value: s%3AdO3LnIkJRhOZSt-SUYCMnV2st-F1x18F.yIfH20lnuiBaSXT6MB0MWO%2F5tzEhCyP%2FaQDhl%2BHMhbw
.gumgum.com/	1970-01-20 17:51:23	Name: vst Value: e_768052c1-227c-4c79-a24f-728209555c14
.pubmatic.com/	1970-01-20 09:48:59	Name: KRTBCOOKIE_1101 Value: 23040-7191266762519148699&KRTB&23278-7191266762519148699&KRTB&23369-7191266762519148699
.servenobid.com/	1970-01-20 09:15:52	Name: pid_333 Value: Y8yDA4cEkej7q1cKSkb7aAAACGsAAAIB
.servenobid.com/	1970-01-20 09:15:52	Name: pid_327 Value: 3b2b2daa-daf0-464b-be66-01aacbc57504
.de17a.com/	1970-01-20 17:44:11	Name: guid Value: 1.2624905517755670101
.csync.loopme.me/	1970-01-20 11:15:23	Name: viewer_token Value: 082fd92e-2317-4f49-ad90-a93934035738
.servenobid.com/	1970-01-20 09:15:52	Name: pid_310 Value: GBq7uRZHi0XwF0YdSM-_mHpJ
.turn.com/	1970-01-20 13:24:59	Name: uid Value: 4426469066683050377
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_57 Value: 22776-8053552683138483034&KRTB&23339-8053552683138483034
.smartadserver.com/	1970-01-20 18:36:01	Name: pid Value: 8546324679899167549
.fiftyt.com/	1970-01-20 09:15:52	Name: fppm Value: 20230122002749
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_80 Value: 16514-CAESEAdLMACFaOLV3BvoKdHuqwg&KRTB&22987-CAESEAdLMACFaOLV3BvoKdHuqwg&KRTB&23025-CAESEAdLMACFaOLV3BvoKdHuqwg&KRTB&23386-CAESEAdLMACFaOLV3BvoKdHuqwg
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_153 Value: 1923-A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB&KRTB&19420-A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB&KRTB&22979-A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB&KRTB&23403-A-GV2Q3hxo8YsMXcAOLb3FTgx4oY5cOJA-D5llCB
.pubmatic.com/	1970-01-20 09:48:59	Name: SPugT Value: 1674347267
.onaudience.com/	1970-01-20 09:07:13	Name: done_redirects161 Value: 1
.pubmatic.com/	1970-01-20 09:48:59	Name: KRTBCOOKIE_22 Value: 14911-4426469066683050377&KRTB&23150-4426469066683050377
.1rx.io/	1970-01-20 17:51:23	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cb613d9a-8f34-4b0a-b61b-3d84e4fef762-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.pubmatic.com/	1970-01-20 09:48:59	Name: KRTBCOOKIE_336 Value: 5844-2624905517755670101
.creative-serving.com/	1970-01-20 18:27:23	Name: tuuid Value: 2b81921a-4428-48c9-a7d0-075c4c8d0912
.creative-serving.com/	1970-01-20 18:27:23	Name: c Value: 1674347269
.creative-serving.com/	1970-01-20 18:27:23	Name: tuuid_lu Value: 1674347269
.servenobid.com/	1970-01-20 09:15:52	Name: pid_309 Value: e_768052c1-227c-4c79-a24f-728209555c14
.rfihub.com/	1970-01-20 18:27:23	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MrW0tDS2MDCwMBfiM9QNyjeuSiw1z8w09CoDANjr_NAlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MrW0tDS2MDCwMBfiM9QNyjeuSiw1z8w09CoDANjr_NAlAAAA
.rfihub.com/	1970-01-20 18:27:23	Name: eud Value: H4sIAAAAAAAA_zslzmtoZm5ibGJuZGZpYWYBAM4qyVkQAAAA
.tribalfusion.com/	1970-01-20 11:15:23	Name: ANON_ID Value: a7nvYxwyEojpuMNpbZaFJZbV9Gelow7nGSY05Nhg5MCvdHFVHJtZdw3JP654kU6txnHt3Yka2md1JZatZcP40JwjtZcwXVIAb7GaEIV00U6yZc9g752tCtK
.emxdgt.com/	1970-01-20 09:48:59	Name: euid Value: 50781674347269874879f1
.servenobid.com/	1970-01-20 09:15:52	Name: pid_317 Value: 8546324679899167549
.creativecdn.com/	1970-01-20 17:51:23	Name: u Value: MVuPCXWSbF1EeGM1smqp
.creativecdn.com/	1970-01-20 17:51:23	Name: ts Value: 1674347269
.emxdgt.com/	1970-01-20 09:48:59	Name: eapn_id Value: 8053552683138483034
.openx.net/	1970-01-20 17:51:23	Name: i Value: 4bb4b7d7-9a77-4159-98e3-60288a26d846\|1674347269
.bidr.io/	1970-01-20 18:34:17	Name: bito Value: AAGpCk7HmQYAAB-sChmoIQ
.bidr.io/	1970-01-20 18:34:17	Name: bitoIsSecure Value: ok
.nrich.ai/	1970-01-20 18:41:47	Name: _nauid Value: 781c75fb-8de1-46a8-9e88-5ad672d0b57b
.servenobid.com/	1970-01-20 09:15:52	Name: pid_324 Value: 5108559725999380087
.rqtrk.eu/	1970-01-20 09:15:52	Name: browser_id Value: 1:e2ce5e3f-d597-4f17-821a-6601b26490ce
.360yield.com/	1970-01-20 11:15:23	Name: tuuid Value: 495e0559-5a86-4c60-aaa8-be15cf3ca6b6
.360yield.com/	1970-01-20 11:15:23	Name: tuuid_lu Value: 1674347269
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_466 Value: 16530-ff081c61-2dcd-423c-94dd-afd2058741d0
.smartadserver.com/	1970-01-20 17:51:23	Name: csync Value: 94:Y8yDAwAAAaU6CgAF
.amazon-adsystem.com/	1970-01-20 18:41:47	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 09:48:59	Name: KRTBCOOKIE_409 Value: 22966-39puKE4JaTSbUQTXVQaXnjnY
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8530\|Y8yDC
.admanmedia.com/	1970-01-20 09:25:56	Name: admtr Value: 846c9b2f-6575-4a88-8b20-4f5bd60cddb8
.admanmedia.com/	1970-01-20 09:25:56	Name: ac_r Value: CS71
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_860 Value: 16335-AWMbvp5oT_ZRm-DPq5fMDrKi0YM&KRTB&23334-AWMbvp5oT_ZRm-DPq5fMDrKi0YM&KRTB&23417-AWMbvp5oT_ZRm-DPq5fMDrKi0YM&KRTB&23426-AWMbvp5oT_ZRm-DPq5fMDrKi0YM
.pubmatic.com/	1970-01-20 09:48:59	Name: PugT Value: 1674347269
.technoratimedia.com/	1970-01-20 18:41:47	Name: tads_uid Value: GDPR
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 7df1c9bedbfee055
.outbrain.com/	1970-01-20 11:15:23	Name: obuid Value: 8ec90415-10ec-4428-990a-917b480a02cf
.zemanta.com/	1970-01-20 17:51:23	Name: zuid Value: uIrTmnRYfQfCJs4It5Kn
.disqus.com/	1970-01-20 17:51:23	Name: zeta-ssp-user-id Value: ua-76cd17a3-1ed0-3e0b-b3a6-b949b7f52af3
sync.srv.stackadapt.com/	1970-01-20 17:51:23	Name: sa-user-id Value: s%3A0-42bee812-60b9-40f0-70f9-4d580690a9b9.zr3PjrOCoFhbOm4YMbrZ7ozx0Z%2FYcVfnRhO1xhB9rB0
.srv.stackadapt.com/	1970-01-20 17:51:23	Name: sa-user-id-v2 Value: s%3AQr7oEmC5QPBw-U1YBpCpubKi0YM.LCxGzq4NBvJ8E0oXcZPdrJ8ZxMYAsLXFxGP4XAnbuiI
.id5-sync.com/	1970-01-20 09:05:47	Name: cf Value:
.id5-sync.com/	1970-01-20 09:05:47	Name: cip Value:
.id5-sync.com/	1970-01-20 09:05:47	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:05:47	Name: car Value:
.id5-sync.com/	1970-01-20 09:05:47	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:05:47	Name: callback Value:
.pubmatic.com/	1970-01-20 11:15:23	Name: KRTBCOOKIE_699 Value: 22727-AAGpCk7HmQYAAB-sChmoIQ
.ipredictive.com/	1970-01-20 17:51:23	Name: cu Value: d38e5500-da3f-4589-86f5-ca9c4b3d8da4\|1674347270184
.amazon-adsystem.com/	1970-01-20 15:08:40	Name: ad-id Value: A38ARNeHl0NkkH9Tgh6fKmY
.bluekai.com/	1970-01-20 13:26:25	Name: bku Value: ikG999Seps1VbQAL
.bluekai.com/	1970-01-20 13:26:25	Name: bkpa Value: KJhz0XarQM9R9mY73E5NdkezCuhmSvstGnjx8qJQyRtGpnuyhel2LLLmmld883TqtMkTiIUpu2KWRtgPg5X4pfFpZMAdc4YZ72itbVpT1xhlCfyP9Gv97Oqr6jFj5lrgIbsKZzXq9MvbNgocqhYx6lPLnlVcQJMbKMlP8FnfwB/QnXoK/D72uYUoxxSRvNaVYxNTnLuO8oC79G1sg3/1blIINwsVQ0iNaODdi30QS6XkGQM6lt13W4+MWZdjn3TvOUMezgSCTW7JiunguAS1Pu3PFv9k6E8Ejj8+e0+4LqpSSHGyEs1+QSKE2Ijryb4JbBfr+Fr3puBzEv4E7yW93djKJ9==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1674347266245&secure=true&version=9&title=IP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses&url=https%3A%2F%2Fiplogger.org%2F&measurable=true&bids[0][bidId]=65400b643724699&bids[0][config][property]=iplogger&bids[0][config][zone]=iplogger_S2S_FixedFooter_ROS&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=468&bids[0][sizes][2][height]=60&bids[0][sizes][3][width]=980&bids[0][sizes][3][height]=90&bids[0][sizes][4][width]=990&bids[0][sizes][4][height]=90&property=iplogger&foo Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/022301041800000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=07816d725d02ece3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri https://iplogger.org/csp.php;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2add24536cc01c209df8373909080c94.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad-server.eu
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.btloader.com
api.webgains.io
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btloader.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.ampproject.org
cdn.iplogger.org
cdn.retailads.net
cdn.track.production.webgains.team
cdn4.buysellads.net
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
counter.yadro.ru
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hal9000.redintelligence.net
hal90007.redintelligence.net
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
iplogger.org
loada.exelator.com
m.servedby-buysellads.com
mantodea.mantisadnetwork.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
medialead.de
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pb.media01.eu
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
pv.medialead.de
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
tags.mathtag.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
ws.rqtrk.eu
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.iplogger.org
x.bidswitch.net
a.audrte.com
cm-supply-web.gammaplatform.com
cr.frontend.weborama.fr
uipglob.semasio.net
104.109.78.125
104.111.217.14
104.111.217.42
104.16.201.58
104.18.33.19
124.146.215.43
13.224.189.29
13.224.189.79
13.225.78.30
130.211.23.194
132.226.41.106
134.209.56.195
138.201.220.30
138.201.63.157
141.94.170.64
141.94.171.215
141.95.171.142
141.95.97.231
142.250.181.226
142.250.186.70
145.239.193.130
147.75.85.234
148.251.234.83
15.197.193.217
151.101.130.49
151.101.65.108
151.139.128.10
162.19.138.116
172.217.18.98
178.250.0.157
178.250.0.163
178.62.202.251
18.156.32.70
18.203.20.80
185.184.8.90
185.255.84.151
185.29.132.241
185.29.132.246
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.87
185.80.39.216
185.86.137.122
185.86.137.131
193.0.160.128
195.5.165.20
198.148.27.139
2.18.233.201
2.18.235.93
2.19.35.65
20.127.253.7
2001:678:cb4:bbbb::11
213.155.156.165
213.19.147.44
216.52.2.30
23.23.131.203
23.35.236.201
23.67.134.223
2600:9000:20eb:1000:1b:5138:8a40:93a1
2600:9000:21f3:4200:1f:4c18:bd40:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::ac43:4bf1
2606:4700::6810:77c3
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a00:1450:400d:807::2004
2a00:1450:400d:807::2008
2a01:4f8:d0a:2321::2
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:12::1370
2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
2a0b:4d07:401::1
3.120.51.163
3.126.56.137
3.208.37.196
3.68.131.77
3.88.253.42
3.9.112.14
34.102.253.54
34.107.148.139
34.247.233.198
34.254.143.3
34.91.62.186
34.96.105.8
35.176.33.61
35.186.193.173
35.190.0.66
35.201.96.126
35.214.223.115
35.244.159.8
37.157.4.41
37.252.171.21
37.252.171.84
49.12.22.42
5.161.47.120
51.68.39.188
51.89.9.254
52.18.161.122
52.205.2.35
52.210.29.120
52.28.203.152
52.46.128.147
52.51.57.10
54.154.84.112
54.76.176.197
64.202.112.127
67.220.226.238
69.166.1.10
69.173.144.139
70.42.32.191
72.251.245.181
76.223.111.18
77.245.57.72
8.18.47.7
80.77.87.161
85.114.159.118
88.198.250.30
88.212.201.198
94.23.99.218
98.98.134.241
00044bc22caa4b65bb3cd2172e23151b1a28821f281455415823ab313f4378ca
0114ab589ce42ed402ce67254aa06f725f6b53e4a04d2f79b4b01fc92501dcf1
01462b63fbefe928e58dba70375d3d581d8ab63cdb2678defb876652657c2191
02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0752ff93178a60132a85d765063ab749d7a7fa70613075abd8e7b085734a1fe9
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9034d3d0ce2266c93bc321a0c1c6592df5839a9957e57b54af115536bea623
0d8ff4fca5c6f7537ffba3c55c92a44adaec6ef252844a1bfb981a4c2f80728f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c63918253fe10a9399047c4f266814bc6adc6a1c7a1854a0cce9a7b71fcdcf
12f837d9ae8765fa4cdd6bcb8072b94b3850cf3cc455c92dd43f1edcd0a39240
17ff79820dca4fb785baec7023d40ff31e25f01fde915615c06142340c3f7ac5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d5e31d78faf7f19db1cdecb9d7636885d8a99e34a57d0e5ae5cab00fb720442
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
245b3adca012ced70efbce757209886d7c5928065942d181b3de3e8320321ab3
27bb84f2385305326b108901cc366406c277fbfb9aca9f44ad3d0a99f1478cf2
2b2c43596b04fbe1be7ffe41967587555489d3a5698919a6901c26d4c3ecf365
2d77d16bf1dfe855d98b6046bfff2e6bce42650c4e52ad01ed03cfd0f578de63
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2e56b32de514b03264659df45a47f999ca1fe12a891da5c06945d4f0db50c71d
2ec6225a4e15fce914847fb3a4ac496b393c23cf38f0a614293b0e7311b7c33b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304ab1e1dd7c5e0fb69c9cde58290b5e2bc9bfd8a4171038c24f5966418b9733
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
366625d97f7aa2fbee7a230694b0e3012a559ca9d1102ca1be32a91758f92b3a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d2a007bb491e30905ffd3ffba60b4b00977a84c32517733da7a8b35d53808b4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b628e24a3da030d8cceb6e61adbe19a86ed857b6a9261bd9ae744a2a204f62
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
427e00362ad6cde3343c2622e56e69952b671507e038d7d88e6bd007755969e1
43f6b1980c1890cee1e51039a40b023bf8688c1fe44b361fb20d50287bfa6d63
450c6ad62f1d38659faa4d1808028d4a3bdf23224cca8ceb6c20addab7fa19dc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a39cbd135ff150a5dd1f9c77446340b8b08b6912ed231f53438f16529154c44
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5352720a5ffb778e42dbb1d4b81c975c02018dd660e1fe9c430cbf13dba78762
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
56fdcfd42941f5cdf5a51c1a2b8c928ca33103b571fde7f599aa7a364c8e78b1
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c9248e89892c7df957267e2dd48e86cad650b9a95fd0cf97e09813e023f5d6a
5ca5ce4a4016c724e9b6126d554089acc219b45c03ff8c94a3e7ed68ca05b31c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6794402f4ce1f6e854461259a40105b16f31974a3ae60502d3780b064276554b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbdb6448d685ab2364231c5973f1d58ed65868ddcb96e6744bedd304b0ab025
6cca3db544bb753d29f058bea7ec72ba176df1e475329c92148cb2ff3b13083d
6e1bc570bb7ab3171f88d44c0084f41abbec0e88f02a822e3a9a6143eb87931f
711bf4aac9a4d90f349f2ae4aeb7dfef78c181ef84cd201d82a7fa5ad20dbe9f
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
75bfecfbe28a59e2e73cd4dc63a85587280247f037fbd8775d269d853f10c416
79a55836eea57e7407140855fef88ad78d2235d3826f651e5621f80f9d8dbaa6
79ef3b24be098db722380c42c08c9ebaa16d432021a1674f6f1889ae98a5722f
7ada7815727017ccdded1630ef926d14ea0f78c901442d3ed1e92145105d0c21
7b363d2d49f05ad7611c76b29615fc21c18316c6d4dee18d37fe958869e7d912
7b50d4213e57b3e6892fe2e7d02d7ee15561b5c9bcf59f65eec6b4bb8cd2d376
7c927779281c20f99508a03a44b0962d308b0740ab337b4d6b0a7cd3597e284a
7cd0f94808f330ada1174fbb1d5c20aece930c6cd03dabbc5d1fd6842d93c565
7cd44063d6dc5d01b4bad392f7fab3f7cfecd425ea195144eb28818a443f62ea
7dc30d6928e58f058f551f23e6dcaf155a06a771c2de6a270ba089ce1fc2c9fa
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81943eaaed3d4739c31bd71d834b6d2597d7ae14e0114757c35d03f5449b1dfc
829416046a1f4c95b98b95b1d8806039685a7e0c418649d2299963c7029c990d
82e82fc925ae247d5aebf2da027972bebacd6f564b9499d85913272532484eb9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8352e02d89ad51ae66a63c1a10f6aba4e2003f7737bbdc440eec9a1effe7d2f4
8445acb70fad20246e3ebd86e27a7ccfd41ff60a7c1a88108bf6cf427a448b4f
84cf569fc6c79862aaf9727156a2d9fa077e6cb264b2f8e8f58c1551ef7597a3
853f15008ae6a86c8629a7facce2e184069ea8992ad2b5f2ad28d54633f2cf77
865bc8a864316f8a423f6f60c744ce803b276141c5745d29f97ba8c89679dc4a
8765d40288f84fdc8b14b18a891c3f055fdc24a78f573c8a7bbf7ed0e28c95d0
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a30eef52853e7f41aa56139757a10606edf9ebe473c4d75a2784833db27e5e4
8ac2358bf1a5388fd9b09e458ef26da4cac7d06e4bdf8f8574b3bc0d9a1616a1
8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe
8c6b59cdfd55642b52b5e3bf0c6c47464cf783c2cf9b6e3d28b3097a42f99b09
8d3178bbbb291c3cc04de9c5b25f3ef94e16ee5a8b1ada7b7823137e83241138
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8d90003b25bc7f663b891e428288306c5fc4ef282020982c0d18dcf8ddcd1d
9242ba850c58937db36bec11db95ab59c01651bc2ca7889d55a35fdcdae3511e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
961d2776cd22fff16aa7921234104666fe4755c8ceb37cf2c4af5ab2734ee434
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a5d99fd75c48b76123888c176165debdf2d63db9efca2141532e914837d70ee
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f8b4c21adc1635b2b7a42b6a7e04d37b6ddc677efce940c5fcdc7fc1bbbd777
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0b6ecbcf7ae100aee6f5a3401d8f18af6ae61b2fa129f1a84a3cb889fdcd94d
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a47a9bed5704fa09480990932cb9713a5bb1e45b50dd731906012a818fdb8d62
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ab47e7f3e708016110c92bdea07b44ec3306ba0ce504bd3b5a7c7536a5ca2e
a79e3626d51ab8c22091e73a0f380f4c0085361900355d6a3faf53622e7327cb
a991e8251e44bab71b802f997b78dd068396ec7896d36dc8611a07d1c6c227b8
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
ac75206f4edacb92ce51672d1cad2bea9a9f1eda3d75c18eea09f0b01861a94c
ace6b45669402ffdcbfa20bf1640728c48693f33496cad02c6b8822e29751a4d
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad78c8244b7823c2cd2053d3b59dc455e80e26f5b92b37500f3bd40b5286e984
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af656b55e32f8662fafd8f8d7e513d4051d24b96084c6d99e5ec0fa04e0bca97
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b324d2ac4eb24e6a2954d88dbf38f5350aec5c77d1af9ddb0bee580837d0e4cc
b328b80a033e87926e4d9c7963e8bdc071b4051c55144489ad1569d1213986da
b3a679344ad3e4e554ab4462a108cbd76ef8d0c3c6ede5d269ef3bafb85f8863
b5218a3d297274b51a2f0c3c48ee85a94a20b8563d1cce820499aac7aa5f22bd
b94a38239b592aed3cebbcb6b558f5df7f993229e7dba16c157aec0fb0b65456
bb0156027e0d7be3c6e896d0d1c33226709615cf4a13e3e358d336544ba75000
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd7b039d14ed94dc5f4d093327eaf1defee0c94bdfb6665721e0f3c65a27a8b8
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c873691d40fa2f3884e24cf12e658b004eed382fd6f21c1fde88af854bd2eed3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
cb14b7d8111dc00ed5145ca7d5fb514dd151c8c26a220a9d989f5d4ee7c60d51
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d22322b72c6544ca1b5dd7f06f430a9f3bfb461fd634f2361f1b0514a43bdb03
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da30aac687ffe6cbac0183bfee168f6bfed1c89e219de0af57d668e9277f8075
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de81153a6b9ed335ee5bd1afcab8d5667c8d710a47ff34498315d8bb54b0c132
dec3240d0881a5216582b88d2e9a0995d7b81b92d37cc37d73d0830db41329f5
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e0695d487d92393f8d9380a8178772da3aaeddaa6156d3b0b400a7b3a0e47cce
e2a02af7a5124bf8ad985a63f4df0446ba9121183805090cf8b3c3749e91bf30
e3390a0cbc75c5489838827a5313fed9494e98b02a3b95318b1349993477c95e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8c26c91f1a9304986a94fc7ad14c29c576751009cf6c27117b859add08dd5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e6df2ba3d275bc4faee29a6a9bf7bd8c36100c264049e2caa441705e84e5dbe5
e8458f8bbc73845f2967ea9ac79e3295d779c1a29cde49c9157bfa68620ac3c7
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f1951dc4d97622d6e0b06dcdf996cf54f67193f2e567abc6e5db5490ff1da797
f1c399c04e7cd66dabcf07c81687d08d0aca9b66c54b848d5b7d9b18c269c1bb
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f678c8982c17018890e2bcb3bd061402cec13f256ed11f951c1bb4804f0a7be1
f68c43f158a42c60bfd2f29f2b397b2cabde9ed43a1aec3ef1296770d1f8df7e
f6c96b4b5b62c1dadd244bb3ca51f82f7960034c9e3bd8dca35cb7db5a5661a8
f82d00e4896a9aee107123f1ae51a9699c49d38563b118cabbe1bcda49795099
f878cac46f254fdec5d7a5f097470ea7753e52b213f57a9f42492cc96f669a24
f984462d59de30bf81be1b98729ecd9d4b404f19db99c2a596820c4fac22b0e3
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fa7d44e632f0650d83d97fe99bc33f08783b0948aa261f252862652614ffb4aa
fc868906b9c6da83202bd4cfa1685ca822b8d1606f6a11d0e6483f26eeb64c6c
fcc95a2016c336ce5ea23bbdb3436e99a61d8feed49cbdc749437516aeda27f1
fd3b62f1c4f188c40237a6234ce56981efaa64c22eea9c462aa57fd7d1bf8829
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

iplogger.org Open in urlscan Pro 148.251.234.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

360 Requests

81 %HTTPS

24 %IPv6

110 Domains

153 Subdomains

101 IPs

16 Countries

2540 kBTransfer

5535 kBSize

133 Cookies

17 Outgoing links

Page URL History

Redirected requests

360 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

iplogger.org Open in urlscan Pro
148.251.234.83 Public Scan

Screenshot
Live screenshot

Full Image

360
Requests

81 %
HTTPS

24 %
IPv6

110
Domains

153
Subdomains

101
IPs

16
Countries

2540 kB
Transfer

5535 kB
Size

133
Cookies

360 HTTP transactions
3 data transactions