urlscan.io logo urlscan.io
SecurityTrails logo

www.jackpocket.com Open in urlscan Pro
2606:4700::6812:1251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.jackpocket.com/referrals/ak97er
Submission: On May 02 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 7 countries across 30 domains to perform 43 HTTP transactions. The main IP is 2606:4700::6812:1251, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.jackpocket.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 14th 2023. Valid for: a year.
This is the only time www.jackpocket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:3::e 44788 (ASN-CRITE...)
4 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
1 3 178.250.1.9 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2 3.122.168.250 16509 (AMAZON-02)
2 2 142.250.185.98 15169 (GOOGLE)
2 2 185.89.210.122 29990 (ASN-APPNEX)
1 2 185.89.211.116 29990 (ASN-APPNEX)
1 2.18.235.93 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 3.123.239.103 16509 (AMAZON-02)
1 185.86.139.104 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 104.111.217.42 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 2 3.71.149.231 16509 (AMAZON-02)
1 37.157.2.234 198622 (ADFORM)
1 185.255.84.152 200271 (IGUANE-)
1 2 23.201.251.199 16625 (AKAMAI-AS)
1 2 34.243.155.182 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
1 2 34.242.12.188 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 52.59.73.150 16509 (AMAZON-02)
1 70.42.32.63 13789 (INTERNAP-...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.215.16.120 16625 (AKAMAI-AS)
1 63.35.86.73 16509 (AMAZON-02)
1 54.229.82.2 16509 (AMAZON-02)
1 3.141.217.184 16509 (AMAZON-02)
43 34
7    2606:4700::6812:1251 (United States)

ASN13335 (CLOUDFLARENET, US)
www.jackpocket.com
jackpocket.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6812:1351 (United States)

ASN13335 (CLOUDFLARENET, US)
jackpocket.com
1    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    3.122.168.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-168-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
2    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    3.123.239.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-103.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    23.201.251.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-251-199.deploy.static.akamaitechnologies.com
r.casalemedia.com
2    34.243.155.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-155-182.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    34.242.12.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-12-188.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    52.59.73.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-73-150.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4200:c281:cce8:5ab8:dc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    63.35.86.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-86-73.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    54.229.82.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-82-2.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.141.217.184 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-217-184.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
11 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3191
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
sslwidget.criteo.com — Cisco Umbrella Rank: 1930
widget.us.criteo.com — Cisco Umbrella Rank: 17390
dis.criteo.com — Cisco Umbrella Rank: 941
29 KB
10 jackpocket.com
www.jackpocket.com
jackpocket.com — Cisco Umbrella Rank: 339192
201 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
4 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
875 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
2 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1838
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
507 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
874 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2576
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 807
338 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2613
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3632
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 19048
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2806
400 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 976
584 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 987
145 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1620
882 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2879
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1151
235 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1622
162 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 535
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2185
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1472
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
114 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
363 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 838
801 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
55 KB
43 30

This site contains no links.

Subject Issuer Validity Valid
jackpocket.com
Cloudflare Inc ECC CA-3		 2023-04-14 -
2024-04-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
itm.ivitrack.com
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-02-11 -
2023-08-04		 6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.jackpocket.com/referrals/ak97er
Frame ID: 87A2DB4D096FB7561C100E02D6FB9F36
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.jackpocket.com&origin=onetag
Frame ID: 87AD664748E67E2A90AB386714DB6832
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XOthkSvmqD4pq1cEqbs4gDRRMyCnOAm5EH6G4Q&expires=30
Frame ID: 813723936042D6B37C3B34DB121D3F5D
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mobile Lottery App - Jackpocket

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

43
Requests

72 %
HTTPS

17 %
IPv6

30
Domains

37
Subdomains

34
IPs

7
Countries

293 kB
Transfer

617 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://gum.criteo.com/sid/json?origin=onetag&domain=jackpocket.com&sn=ChromeSyncframe&so=0&topUrl=www.jackpocket.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=KBuKeXwrZjZIZnJza3hVc0xSenY5YVhGU2hzUE9jREEwZkFYS3I3ZitTelhOV3JPNkRPaXAwenVZdDIyN05BUlM5TDM0VVkxTURoNmRpR3BocDczSDhib2Q5UHd3VFVoY3ZpM2hmdFpndUZFZE9hbFhhVlpCWU41a1NtZEZYOGhpbEl0V0JKRTFFQ1RxenhUYlZiZWxJV2hLemdXbThvZ2FQUURKQUhyaXMrYWlGdmpjOHFwVVE0QmlacUtOTU9hMFM5Wno3bHoydUV5K3F1dVBZMEpzY01Qc2szOGFTaFdBMzh2WDJoWVl2TGUvUDl2akpjZmpOaUNLODlKS3VPcXpxV1BMa1BTVXVIUS9SYVpDQmtva0tmSDIybTRHVDlqSVg5UWM3Tzc4Z1RDeHZGdz18&cppv=2
Request Chain 13
  • https://sslwidget.criteo.com/event?a=94492&v=5.15.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=qCfSL19xRnJZJTJGdkRZUkI4Y2tqN1Q2OEJvUTR6WCUyQm9ld1dhMExkWExoV3pmcDIxaHV4MHNlR3hFV1JRa1FjWFRWM0ozVkdIV1lvVjJZT0F1R0ZFMmklMkZCMTdzNmdscU02TlN6ckZ1Q2xxMFdvNUduUWF5REJ0NW1FejBhOTI1TENVOEwyQWxTJTJCNExYb2g0OURyOE9hOVBsTjlYUSUzRCUzRA&tld=jackpocket.com&dy=1&fu=https%253A%252F%252Fwww.jackpocket.com%252Freferrals%252Fak97er&ceid=edbd5af4-dab1-46e7-8393-cab778971de6&dtycbr=73230 HTTP 302
  • https://widget.us.criteo.com/event?a=94492&v=5.15.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=qCfSL19xRnJZJTJGdkRZUkI4Y2tqN1Q2OEJvUTR6WCUyQm9ld1dhMExkWExoV3pmcDIxaHV4MHNlR3hFV1JRa1FjWFRWM0ozVkdIV1lvVjJZT0F1R0ZFMmklMkZCMTdzNmdscU02TlN6ckZ1Q2xxMFdvNUduUWF5REJ0NW1FejBhOTI1TENVOEwyQWxTJTJCNExYb2g0OURyOE9hOVBsTjlYUSUzRCUzRA&tld=jackpocket.com&dy=1&fu=https%253A%252F%252Fwww.jackpocket.com%252Freferrals%252Fak97er&ceid=edbd5af4-dab1-46e7-8393-cab778971de6&dtycbr=73230
Request Chain 14
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-XOthkSvmqD4pq1cEqbs4gDRRMyCnOAm5EH6G4Q&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XOthkSvmqD4pq1cEqbs4gDRRMyCnOAm5EH6G4Q&expires=30
Request Chain 15
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_cm&google_hm=ay1HSzBGclN2bXFENHBxMWNFcWJzNGdEUlJNeURERHRzcXBCZE1DUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_cm=&google_hm=ay1HSzBGclN2bXFENHBxMWNFcWJzNGdEUlJNeURERHRzcXBCZE1DUQ&google_tc= HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_gid=CAESEBrrvvoZRHHz2qttDjWeAwY&google_cver=1&google_ula=913071,0
Request Chain 16
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7393558310583702949
Request Chain 17
  • https://secure.adnxs.com/setuid?entity=52&code=k-iqJLLivmqD4pq1cEqbs4gDRRMyBteX_ewVROLA HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-iqJLLivmqD4pq1cEqbs4gDRRMyBteX_ewVROLA
Request Chain 25
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VWojOivmqD4pq1cEqbs4gDRRMyD-N8bbTJ5MZw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VWojOivmqD4pq1cEqbs4gDRRMyD-N8bbTJ5MZw&verify=true
Request Chain 28
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cf72vyvmqD4pq1cEqbs4gDRRMyD4tqFsGwiT1A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cf72vyvmqD4pq1cEqbs4gDRRMyD4tqFsGwiT1A&C=1
Request Chain 29
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O91mtn4GEeJVH90E3h2fq6OszgMWkx4q HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O91mtn4GEeJVH90E3h2fq6OszgMWkx4q
Request Chain 31
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-y6DlFCvmqD4pq1cEqbs4gDRRMyCc3Lv-aN2oCQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y6DlFCvmqD4pq1cEqbs4gDRRMyCc3Lv-aN2oCQ
Request Chain 40
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=933LvqP6-b9cKPptuSbB7odhrwU81S-b
Request Chain 41
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iL3Ozd8qT7lypFF8RPD8_omQGANaH37p

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ak97er
www.jackpocket.com/referrals/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011d2f3b46e4d9bbc9cf9bd092cf9cae003cccbd73fbe1cc0266eb2a38380274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store
cf-cache-status
DYNAMIC
cf-ray
7c109996b89503dc-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 02 May 2023 13:27:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
37d8d89d9ad21b81ca9e28b34cf6b267
x-runtime
0.027212
x-xss-protection
1; mode=block
application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
jackpocket.com/assets/ 		102 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4acaf397c9be790e4020e6ebabc411375c8181c67f95b184d8c427e1c27d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
cf-cache-status
HIT
vary
Accept-Encoding, Origin
content-type
text/css
accept-ranges
bytes
cf-ray
7c10999afe4603dc-FRA
content-length
16888
application-a7f8679789a5e37232ca2117ad9498c14414193ed6fbad0e6a6c1900b9f09b2b.js
jackpocket.com/assets/ 		157 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jackpocket.com/assets/application-a7f8679789a5e37232ca2117ad9498c14414193ed6fbad0e6a6c1900b9f09b2b.js
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
178652e27f7f8f6599a7d58b5159eb8658fdeefdc1ce0a1cfd1ac9dc55a02793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
cf-cache-status
HIT
vary
Accept-Encoding, Origin
content-type
application/javascript
accept-ranges
bytes
cf-ray
7c10999afe4a03dc-FRA
content-length
46097
referrals-e56271c683a69500109eebf79770934c57c9f419d5b62dd931d6da071b253d13.js
jackpocket.com/assets/ 		1 KB
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jackpocket.com/assets/referrals-e56271c683a69500109eebf79770934c57c9f419d5b62dd931d6da071b253d13.js
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc9ec533d528173634b2608f98ea477819fea53aec58afb35f1cc8bdbef96fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
cf-cache-status
HIT
vary
Accept-Encoding, Origin
content-type
application/javascript
accept-ranges
bytes
cf-ray
7c10999afe4b03dc-FRA
content-length
392
jackpocket-logo-852bb12e80c92c0d3efbe131828b183dee270933fb7276b2119c1c8afd890d01.svg
jackpocket.com/assets/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jackpocket.com/assets/jackpocket-logo-852bb12e80c92c0d3efbe131828b183dee270933fb7276b2119c1c8afd890d01.svg
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce49ffa31508753f19b045b867ae1984d8f7aca7e9ae0e9dd62adc17ac995865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cf-ray
7c10999bff8003dc-FRA
referrals-coin-272a5cc41dd1044321cc56db548d74f488a3455a3666208cde9a3ab6598414cf.svg
jackpocket.com/assets/ 		2 KB
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jackpocket.com/assets/referrals-coin-272a5cc41dd1044321cc56db548d74f488a3455a3666208cde9a3ab6598414cf.svg
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c4d71838403fa3b39ec08192311f24c417339c4ccf58bafc81ccd51182949c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cf-ray
7c10999ce8c103dc-FRA
gtm.js
www.googletagmanager.com/ 		146 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N6JVLL
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
430fdbf85cca8a6f1495ae4d51f5209d9534ed3fb223b3a0f3071ac9bea92c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55852
x-xss-protection
0
last-modified
Tue, 02 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 13:27:09 GMT
shapes-bg-d3092a6c45453d9b8a672d775b90c967d3803a3461b821f4a90b9b1f0c14f10e.png
jackpocket.com/assets/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jackpocket.com/assets/shapes-bg-d3092a6c45453d9b8a672d775b90c967d3803a3461b821f4a90b9b1f0c14f10e.png
Requested by
Host: jackpocket.com
URL: https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4d38261a80ed37e154e21e3f258771060349a8e1120d6c43a36a5c8360cc2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
7c10999e0a2903dc-FRA
content-length
49851
grotasans-extrabold-440760d463534ca5e570f83b59c8ad0ed0b11f8cd5448bb6ee7ca4edd2f54d6d.woff2
jackpocket.com/assets/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jackpocket.com/assets/grotasans-extrabold-440760d463534ca5e570f83b59c8ad0ed0b11f8cd5448bb6ee7ca4edd2f54d6d.woff2
Requested by
Host: jackpocket.com
URL: https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1351 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43eb7aa912d990405acd7f9c9c64e3b8c0b6319c5f2be947d21c9cef2d44caae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Origin
https://www.jackpocket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
accept-ranges
bytes
cf-ray
7c10999e2c4f9b7a-FRA
content-length
34648
proximanova-regular-aed6b663943fd79a084c4cf3b72f06383149203653172b06e9058886e01b103b.woff
jackpocket.com/assets/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jackpocket.com/assets/proximanova-regular-aed6b663943fd79a084c4cf3b72f06383149203653172b06e9058886e01b103b.woff
Requested by
Host: jackpocket.com
URL: https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1351 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d6b73a36cc9388e350a4636795d7596951b2fe9f2eb1bc28935f4dbd6838b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Origin
https://www.jackpocket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-ray
7c10999e2c509b7a-FRA
proximanova-bold-19d9046892fc815bdc04f9c733dbbc591c8f0f2f4b6f1bfdd2616f0685e9d726.woff
jackpocket.com/assets/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jackpocket.com/assets/proximanova-bold-19d9046892fc815bdc04f9c733dbbc591c8f0f2f4b6f1bfdd2616f0685e9d726.woff
Requested by
Host: jackpocket.com
URL: https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1351 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8eb8ee27e4b35264453ce2f37a3c3b6f2c26ce135e24fa239fdc445ae99ea72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://jackpocket.com/assets/application-b314c3f9b272640578a94fc8aaefce9b1c4d9c7a9b080a638b61ac15cfd4e0b4.css
Origin
https://www.jackpocket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 21:08:44 GMT
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-ray
7c10999e2c529b7a-FRA
ld.js
dynamic.criteo.com/js/ld/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=94492
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6JVLL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5323c8725b71de58853a131a5e58358782b2edda51c69083d6573904d3e325c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
syncframe
gum.criteo.com/ Frame 87AD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.jackpocket.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.jackpocket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 13:27:09 GMT
server
Kestrel
server-processing-duration-in-ticks
469576
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 87AD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=jackpocket.com&sn=ChromeSyncframe&so=0&topUrl=www.jackpocket.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=KBuKeXwrZjZIZnJza3hVc0xSenY5YVhGU2hzUE9jREEwZkFYS3I3ZitTelhOV3JPNkRPaXAwenVZdDIyN05BUlM5TDM0VVkxTURoNmRpR3BocDczSDhib2Q5UHd3VFVoY3ZpM2hmdFpndUZFZE9hbFhhVlpCWU41a1NtZE...
428 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KBuKeXwrZjZIZnJza3hVc0xSenY5YVhGU2hzUE9jREEwZkFYS3I3ZitTelhOV3JPNkRPaXAwenVZdDIyN05BUlM5TDM0VVkxTURoNmRpR3BocDczSDhib2Q5UHd3VFVoY3ZpM2hmdFpndUZFZE9hbFhhVlpCWU41a1NtZEZYOGhpbEl0V0JKRTFFQ1RxenhUYlZiZWxJV2hLemdXbThvZ2FQUURKQUhyaXMrYWlGdmpjOHFwVVE0QmlacUtOTU9hMFM5Wno3bHoydUV5K3F1dVBZMEpzY01Qc2szOGFTaFdBMzh2WDJoWVl2TGUvUDl2akpjZmpOaUNLODlKS3VPcXpxV1BMa1BTVXVIUS9SYVpDQmtva0tmSDIybTRHVDlqSVg5UWM3Tzc4Z1RDeHZGdz18&cppv=2
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd3207d0717e6073e16ae490bb48768fbe0dd56172ef760582623c0aecd2e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1274665
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=KBuKeXwrZjZIZnJza3hVc0xSenY5YVhGU2hzUE9jREEwZkFYS3I3ZitTelhOV3JPNkRPaXAwenVZdDIyN05BUlM5TDM0VVkxTURoNmRpR3BocDczSDhib2Q5UHd3VFVoY3ZpM2hmdFpndUZFZE9hbFhhVlpCWU41a1NtZEZYOGhpbEl0V0JKRTFFQ1RxenhUYlZiZWxJV2hLemdXbThvZ2FQUURKQUhyaXMrYWlGdmpjOHFwVVE0QmlacUtOTU9hMFM5Wno3bHoydUV5K3F1dVBZMEpzY01Qc2szOGFTaFdBMzh2WDJoWVl2TGUvUDl2akpjZmpOaUNLODlKS3VPcXpxV1BMa1BTVXVIUS9SYVpDQmtva0tmSDIybTRHVDlqSVg5UWM3Tzc4Z1RDeHZGdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
430781
content-length
0
expires
0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=94492&v=5.15.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zi...
  • https://widget.us.criteo.com/event?a=94492&v=5.15.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zi...
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=94492&v=5.15.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=qCfSL19xRnJZJTJGdkRZUkI4Y2tqN1Q2OEJvUTR6WCUyQm9ld1dhMExkWExoV3pmcDIxaHV4MHNlR3hFV1JRa1FjWFRWM0ozVkdIV1lvVjJZT0F1R0ZFMmklMkZCMTdzNmdscU02TlN6ckZ1Q2xxMFdvNUduUWF5REJ0NW1FejBhOTI1TENVOEwyQWxTJTJCNExYb2g0OURyOE9hOVBsTjlYUSUzRCUzRA&tld=jackpocket.com&dy=1&fu=https%253A%252F%252Fwww.jackpocket.com%252Freferrals%252Fak97er&ceid=edbd5af4-dab1-46e7-8393-cab778971de6&dtycbr=73230
Requested by
Host: www.jackpocket.com
URL: https://www.jackpocket.com/referrals/ak97er
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e6e5f9d7d40c5c740dbab8a03024c1ba0640acd6d51566678894815f5a38d4d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jackpocket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
16716273
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.us.criteo.com/event?a=94492&v=5.15.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=qCfSL19xRnJZJTJGdkRZUkI4Y2tqN1Q2OEJvUTR6WCUyQm9ld1dhMExkWExoV3pmcDIxaHV4MHNlR3hFV1JRa1FjWFRWM0ozVkdIV1lvVjJZT0F1R0ZFMmklMkZCMTdzNmdscU02TlN6ckZ1Q2xxMFdvNUduUWF5REJ0NW1FejBhOTI1TENVOEwyQWxTJTJCNExYb2g0OURyOE9hOVBsTjlYUSUzRCUzRA&tld=jackpocket.com&dy=1&fu=https%253A%252F%252Fwww.jackpocket.com%252Freferrals%252Fak97er&ceid=edbd5af4-dab1-46e7-8393-cab778971de6&dtycbr=73230
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
13791404
timing-allow-origin
*
content-length
0
expires
0
sync
x.bidswitch.net/ul_cb/ Frame 8137
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-XOthkSvmqD4pq1cEqbs4gDRRMyCnOAm5EH6G4Q&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XOthkSvmqD4pq1cEqbs4gDRRMyCnOAm5EH6G4Q&expires=30
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XOthkSvmqD4pq1cEqbs4gDRRMyCnOAm5EH6G4Q&expires=30
Protocol
H2
Server
3.122.168.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-168-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-XOthkSvmqD4pq1cEqbs4gDRRMyCnOAm5EH6G4Q&expires=30
date
Tue, 02 May 2023 13:27:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8137
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_cm&google_hm=ay1HSzBGclN2bXFENHBxMWNFcWJzNGdEUlJNeURERHRzc...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_cm=&google_hm=ay1HSzBGclN2bXFENHBxMWNFcWJzNGdEUlJNeURERHR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_gid=CAESEBrrvvoZRHHz2qttDjWeAwY&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_gid=CAESEBrrvvoZRHHz2qttDjWeAwY&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
821796
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GK0FrSvmqD4pq1cEqbs4gDRRMyDDDtsqpBdMCQ&google_gid=CAESEBrrvvoZRHHz2qttDjWeAwY&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8137
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7393558310583702949
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7393558310583702949
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1093377
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 02 May 2023 13:27:10 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
04695d81-4fd1-400e-80f0-9b3a08f60732
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7393558310583702949
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 8137
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-iqJLLivmqD4pq1cEqbs4gDRRMyBteX_ewVROLA
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-iqJLLivmqD4pq1cEqbs4gDRRMyBteX_ewVROLA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-iqJLLivmqD4pq1cEqbs4gDRRMyBteX_ewVROLA
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 13:27:10 GMT
AN-X-Request-Uuid
3b846991-f9ee-4cb9-932c-7101092d134d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 May 2023 13:27:10 GMT
AN-X-Request-Uuid
f659c8c2-3842-45b2-a9d9-f91e39d5d3e5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-iqJLLivmqD4pq1cEqbs4gDRRMyBteX_ewVROLA
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 8137 		61 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Ya1GxivmqD4pq1cEqbs4gDRRMyD_CsBggPwaEA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 13:27:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Tue, 02 May 2023 13:27:10 GMT
tap.php
pixel.rubiconproject.com/ Frame 8137 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-fSbkqivmqD4pq1cEqbs4gDRRMyAbz8im4uaWnw&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 8137 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-7ehF8SvmqD4pq1cEqbs4gDRRMyBhBPAqQPweYg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.239.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-239-103.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8137 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-sShjBSvmqD4pq1cEqbs4gDRRMyAYik9UHUNUIg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8137 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-PRfBFivmqD4pq1cEqbs4gDRRMyC_iaRwNd05-A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12622
um
criteo-sync.teads.tv/ Frame 8137 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-eMpn-CvmqD4pq1cEqbs4gDRRMyDVQLKOtRXOgQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Tue, 02 May 2023 13:27:10 GMT
pragma
no-cache
date
Tue, 02 May 2023 13:27:10 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 8137 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-nniGhivmqD4pq1cEqbs4gDRRMyA4ZYRu-nACsw&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 8137
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VWojOivmqD4pq1cEqbs4gDRRMyD-N8bbTJ5MZw
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VWojOivmqD4pq1cEqbs4gDRRMyD-N8bbTJ5MZw&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VWojOivmqD4pq1cEqbs4gDRRMyD-N8bbTJ5MZw&verify=true
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VWojOivmqD4pq1cEqbs4gDRRMyD-N8bbTJ5MZw&verify=true
date
Tue, 02 May 2023 13:27:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 8137 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-7xCK5ivmqD4pq1cEqbs4gDRRMyBQjmvo0uzAUg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
last-modified
Thu, 28 Jul 2022 12:09:37 GMT
server
nginx
accept-ranges
bytes
etag
"62e27c81-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 8137 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-hniQuCvmqD4pq1cEqbs4gDRRMyA6sW4BcabsiQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 8137
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cf72vyvmqD4pq1cEqbs4gDRRMyD4tqFsGwiT1A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cf72vyvmqD4pq1cEqbs4gDRRMyD4tqFsGwiT1A&C=1
43 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-cf72vyvmqD4pq1cEqbs4gDRRMyD4tqFsGwiT1A&C=1
Protocol
HTTP/1.1
Server
23.201.251.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-251-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 13:27:10 GMT
X-AK-INITIAL-GEO
CC:DE, RC:HE, CN:EU, CIP:217.64.151.8, XFF:
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
X-AK-CLIENT-GEO
12
Expires
Tue, 02 May 2023 13:27:10 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 May 2023 13:27:10 GMT
X-AK-INITIAL-GEO
CC:DE, RC:HE, CN:EU, CIP:217.64.151.8, XFF:
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-cf72vyvmqD4pq1cEqbs4gDRRMyD4tqFsGwiT1A&C=1
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Tue, 02 May 2023 13:27:10 GMT
demconf.jpg
dpm.demdex.net/ Frame 8137
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O91mtn4GEeJVH90E3h2fq6OszgMWkx4q
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O91mtn4GEeJVH90E3h2fq6OszgMWkx4q
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O91mtn4GEeJVH90E3h2fq6OszgMWkx4q
Protocol
HTTP/1.1
Server
34.243.155.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-155-182.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-026448671.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
OSFMEoUUTdg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v048-090260c2d.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
9lEkvLz7Q4Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O91mtn4GEeJVH90E3h2fq6OszgMWkx4q
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 8137 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k--Pl5DSvmqD4pq1cEqbs4gDRRMyApymWj_LDkLw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 May 2023 13:27:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ul_cb/ Frame 8137
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-y6DlFCvmqD4pq1cEqbs4gDRRMyCc3Lv-aN2oCQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y6DlFCvmqD4pq1cEqbs4gDRRMyCc3Lv-aN2oCQ
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y6DlFCvmqD4pq1cEqbs4gDRRMyCc3Lv-aN2oCQ
Protocol
H2
Server
34.242.12.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-12-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 May 2023 13:27:10 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y6DlFCvmqD4pq1cEqbs4gDRRMyCc3Lv-aN2oCQ
access-control-allow-origin
*
date
Tue, 02 May 2023 13:27:10 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 8137 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-gUNrdyvmqD4pq1cEqbs4gDRRMyCcKDDngNoo7A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 8137 		0
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Kdku-CvmqD4pq1cEqbs4gDRRMyBp1fluQwRJ_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.73.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-73-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:10 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 8137 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-zhzX2ivmqD4pq1cEqbs4gDRRMyAdQzy6I84oBQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 13:27:11 GMT
Cache-Control
no-cache
X-TraceId
3e18d06ceca67b9050aa59caa6233d7b
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8137 		42 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-YS86gyvmqD4pq1cEqbs4gDRRMyDI7CHKylADXw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 13:27:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 8137 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-ZAyxNCvmqD4pq1cEqbs4gDRRMyD7LRQePXbAiQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:c281:cce8:5ab8:dc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 May 2023 13:27:11 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 8137 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-9eAMPCvmqD4pq1cEqbs4gDRRMyBruY_QiUvIVA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 May 2023 13:27:10 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 8137 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-MdsEYyvmqD4pq1cEqbs4gDRRMyABQLBWPr-QdQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 13:27:10 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 May 2023 13:27:10 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 8137 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-HIlIVivmqD4pq1cEqbs4gDRRMyDY_ZqKmTcguw&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.86.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-86-73.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:27:11 GMT
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 8137
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=933LvqP6-b9cKPptuSbB7odhrwU81S-b
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=933LvqP6-b9cKPptuSbB7odhrwU81S-b
Protocol
H2
Server
54.229.82.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-82-2.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n019-dub-prod.krxd.net
date
Tue, 02 May 2023 13:27:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1683034031
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=933LvqP6-b9cKPptuSbB7odhrwU81S-b
date
Tue, 02 May 2023 13:27:10 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
682522
content-length
0
cs
s.thebrighttag.com/ Frame 8137
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iL3Ozd8qT7lypFF8RPD8_omQGANaH37p
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iL3Ozd8qT7lypFF8RPD8_omQGANaH37p
Protocol
H2
Server
3.141.217.184 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-217-184.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 13:27:11 GMT
x-bt-requestid
0b5d4af1-e8ed-11ed-bd28-0000ac170325
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iL3Ozd8qT7lypFF8RPD8_omQGANaH37p
date
Tue, 02 May 2023 13:27:10 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
755768
content-length
0

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless function| $ function| jQuery object| __FOUNDATION_EXTERNAL__ object| Foundation object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| metaRobots string| deviceType object| criteo_q object| Criteo

40 Cookies

Domain/Path Name / Value
.jackpocket.com/ Name: _jp_session
Value: zFFVY1Y8UQuIUvuZmpFiC366JzPdB6Q96WvqGE0Ak5OWoxIyawJds45mb1rfzu%2FwUge0OZMvkIEep4oeL4bl%2B%2Bv4niUzBr3rTNc8PYc0T1A1Ixtv9n8FeADT%2F5q54BovBhKzSYeDjPhgnglw%2BpGcq71mzKRvh5sK3FX2J31ijFUWG%2BCHij2A8OCTTRTkFWrJjeDRhls23vhU4mh7xStHojGQ9CZQBA35yOqrYZ77CtH5qBA9jpVGFNyU8OGSIHfjAbLU115hvRDv2VMX2SimPY6buA%3D%3D--umOjomhhyZ1fj3bB--iq%2BmeUCsm8JEA303vpHCuA%3D%3D
.criteo.com/ Name: uid
Value: fa577998-1e4b-4ac4-a41e-4e3cdcfa8780
.jackpocket.com/ Name: cto_bundle
Value: qCfSL19xRnJZJTJGdkRZUkI4Y2tqN1Q2OEJvUTR6WCUyQm9ld1dhMExkWExoV3pmcDIxaHV4MHNlR3hFV1JRa1FjWFRWM0ozVkdIV1lvVjJZT0F1R0ZFMmklMkZCMTdzNmdscU02TlN6ckZ1Q2xxMFdvNUduUWF5REJ0NW1FejBhOTI1TENVOEwyQWxTJTJCNExYb2g0OURyOE9hOVBsTjlYUSUzRCUzRA
match.sharethrough.com/ Name: AWSALBCORS
Value: Lcg6QA0Rzbab/9u6FN1pRbCaVtULs3fkVvL7clnQYHBgWXZC5D2GUkB+VX+8M8Yy6vxpzKKjlwWebCx1QD5Q4MQ2Kj45I8sI2tvURtObXcI3AQaycQ0hU1+GvvQq
.bidswitch.net/ Name: tuuid
Value: 2ebdeb8d-4a26-4cc8-80a8-4166283a0de6
.bidswitch.net/ Name: c
Value: 1683034030
.bidswitch.net/ Name: tuuid_lu
Value: 1683034030
.doubleclick.net/ Name: IDE
Value: AHWqTUmZa54UhFA7hKWgn49lwmiT8tEM7Re14lVofdabSGx0S_Ra8YUThrcdYo6sXlg
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E>7ChU#g!@wnfH1YdP.dEXlSkg-YpnPnlAiI>YDX%%=V0a#H@/Deh(jxH5pz@kf(^I8N*CJwI1)VYlS`]*!%nugO%v4VB%nqX2+aI(Q
.adnxs.com/ Name: uuid2
Value: 7393558310583702949
.yahoo.com/ Name: A3
Value: d=AQABBK4PUWQCEMmE8mMaaCj9TY9cOf_AFgAFEgEBAQFhUmRaZAAAAAAA_eMAAA&S=AQAAAvS67o6uhVat_U8WlXfy9m8
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~2bf1
.casalemedia.com/ Name: CMID
Value: ZFEPrpz-DU9mq-wQtWu4MQAA
.casalemedia.com/ Name: CMPS
Value: 5238
.casalemedia.com/ Name: CMPRO
Value: 5238
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.media.net/ Name: visitor-id
Value: 3260356308884063000V10
.media.net/ Name: data-c-ts
Value: 1683034030
.media.net/ Name: data-c
Value: k-Ya1GxivmqD4pq1cEqbs4gDRRMyD_CsBggPwaEA~~3
.demdex.net/ Name: demdex
Value: 89424489173669845844054439961662256153
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%220b180490-e8ed-11ed-b5b9-cbc0d6a2267d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%220b180490-e8ed-11ed-b5b9-cbc0d6a2267d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%220b180490-e8ed-11ed-b5b9-cbc0d6a2267d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%220b180490-e8ed-11ed-b5b9-cbc0d6a2267d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Kdku-CvmqD4pq1cEqbs4gDRRMyBp1fluQwRJ_A%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-YS86gyvmqD4pq1cEqbs4gDRRMyDI7CHKylADXw&KRTB&23144-uid:k-YS86gyvmqD4pq1cEqbs4gDRRMyDI7CHKylADXw&KRTB&23286-uid:k-YS86gyvmqD4pq1cEqbs4gDRRMyDI7CHKylADXw&KRTB&23287-uid:k-YS86gyvmqD4pq1cEqbs4gDRRMyDI7CHKylADXw
.pubmatic.com/ Name: PugT
Value: 1683034029
.dpm.demdex.net/ Name: dpm
Value: 89424489173669845844054439961662256153
.360yield.com/ Name: tuuid
Value: 2936d2e1-db35-44e6-895f-44bca894f532
.360yield.com/ Name: tuuid_lu
Value: 1683034030
.360yield.com/ Name: um
Value: !38,TUR7-z0c4px2Ie4mviEnVNdAXQXh6AVI4C3fVtE12TfO6woyqU01Uv9hCcpobKY9Inx6HC8U,1690810030
.360yield.com/ Name: umeh
Value: !38,0,1745242030,-1
.krxd.net/ Name: _kuid_
Value: Ph8gFEAD
.tremorhub.com/ Name: tvid
Value: 31ac9018965a4f2582368b03442c3cdc
.tremorhub.com/ Name: tv_UICR
Value: k-ZAyxNCvmqD4pq1cEqbs4gDRRMyD7LRQePXbAiQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jackpocket.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.googletagmanager.com
www.jackpocket.com
x.bidswitch.net
104.111.217.42
141.226.228.48
142.250.185.98
162.19.138.119
178.250.1.11
178.250.1.9
185.255.84.152
185.64.189.110
185.86.139.104
185.89.210.122
185.89.211.116
2.18.235.93
23.201.251.199
23.215.16.120
2600:1f18:612b:4200:c281:cce8:5ab8:dc
2606:4700::6812:1251
2606:4700::6812:1351
2a00:1450:4001:831::2008
2a02:2638:3::c
2a02:2638:3::e
3.122.168.250
3.123.239.103
3.141.217.184
3.71.149.231
34.117.157.22
34.242.12.188
34.243.155.182
37.157.2.234
52.59.73.150
54.229.82.2
63.35.86.73
69.173.144.139
70.42.32.63
74.119.119.150
76.223.111.18
85.215.5.31
011d2f3b46e4d9bbc9cf9bd092cf9cae003cccbd73fbe1cc0266eb2a38380274
05d6b73a36cc9388e350a4636795d7596951b2fe9f2eb1bc28935f4dbd6838b0
0e4d38261a80ed37e154e21e3f258771060349a8e1120d6c43a36a5c8360cc2c
178652e27f7f8f6599a7d58b5159eb8658fdeefdc1ce0a1cfd1ac9dc55a02793
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
430fdbf85cca8a6f1495ae4d51f5209d9534ed3fb223b3a0f3071ac9bea92c5c
43eb7aa912d990405acd7f9c9c64e3b8c0b6319c5f2be947d21c9cef2d44caae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5323c8725b71de58853a131a5e58358782b2edda51c69083d6573904d3e325c2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5fd3207d0717e6073e16ae490bb48768fbe0dd56172ef760582623c0aecd2e9f
6dc9ec533d528173634b2608f98ea477819fea53aec58afb35f1cc8bdbef96fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ce49ffa31508753f19b045b867ae1984d8f7aca7e9ae0e9dd62adc17ac995865
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d8eb8ee27e4b35264453ce2f37a3c3b6f2c26ce135e24fa239fdc445ae99ea72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e5f9d7d40c5c740dbab8a03024c1ba0640acd6d51566678894815f5a38d4d6
e7c4d71838403fa3b39ec08192311f24c417339c4ccf58bafc81ccd51182949c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff4acaf397c9be790e4020e6ebabc411375c8181c67f95b184d8c427e1c27d7d