sprt.secure.runspectj.com Open in urlscan Pro
45.133.200.3  Malicious Activity! Public Scan

URL: http://sprt.secure.runspectj.com/
Submission: On February 02 via automatic, source openphish — Scanned from DE

Summary

This website contacted 34 IPs in 11 countries across 29 domains to perform 82 HTTP transactions. The main IP is 45.133.200.3, located in Seychelles and belongs to INTERNET-IT, SC. The main domain is sprt.secure.runspectj.com.
This is the only time sprt.secure.runspectj.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Juno (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 45.133.200.3 200313 (INTERNET-IT)
10 64.136.53.46 13446 (AS-NETZERO)
1 64.136.45.32 13446 (AS-NETZERO)
3 64.136.45.83 13446 (AS-NETZERO)
10 64.136.44.49 13446 (AS-NETZERO)
1 64.136.45.30 13446 (AS-NETZERO)
1 2.21.141.148 16625 (AKAMAI-AS)
4 65.9.71.173 16509 (AMAZON-02)
3 2a02:2638::3 44788 (ASN-CRITE...)
3 72.251.249.13 29791 (VOXEL-DOT...)
1 178.18.231.138 50952 (DATAIX-AS...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 35.244.159.8 15169 (GOOGLE)
3 185.33.220.241 29990 (ASN-APPNEX)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 178.250.0.165 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
2 23.79.143.124 16625 (AKAMAI-AS)
2 2.18.233.180 16625 (AKAMAI-AS)
1 198.47.127.19 62713 (AS-PUBMATIC)
3 4 37.157.4.28 198622 (ADFORM)
2 2 213.155.156.165 1299 (TWELVE99 ...)
9 185.64.190.80 62713 (AS-PUBMATIC)
3 3 185.29.132.241 30419 (MEDIAMATH...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
9 10 142.250.185.98 15169 (GOOGLE)
1 185.64.190.81 62713 (AS-PUBMATIC)
3 3 141.94.170.77 16276 (OVH)
2 2 52.17.84.146 16509 (AMAZON-02)
3 4 15.197.193.217 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.50.137.184 36351 (SOFTLAYER)
2 2 185.33.221.13 29990 (ASN-APPNEX)
1 35.244.174.68 15169 (GOOGLE)
2 2 151.101.130.49 54113 (FASTLY)
4 69.173.144.138 26667 (RUBICONPR...)
3 3 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 198.47.127.20 ()
82 34
Apex Domain
Subdomains
Transfer
15 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
image2.pubmatic.com — Cisco Umbrella Rank: 1032
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com
35 KB
11 juno.com
my.juno.com — Cisco Umbrella Rank: 196584
track.juno.com — Cisco Umbrella Rank: 192125
99 KB
10 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
3 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
token.rubiconproject.com — Cisco Umbrella Rank: 689
15 KB
10 uolcontent.com
static.uolcontent.com — Cisco Umbrella Rank: 126700
40 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
dis.criteo.com — Cisco Umbrella Rank: 691
8 KB
6 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 565
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
36 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
40 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
2 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2218
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
3 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
41 KB
3 netzero.net
webmail.netzero.net — Cisco Umbrella Rank: 228442
11 KB
2 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 913
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
630 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
889 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
637 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
610 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
501 B
1 openx.net
uol-d.openx.net — Cisco Umbrella Rank: 138623
384 B
1 casalemedia.com
as.casalemedia.com — Cisco Umbrella Rank: 7324
438 B
1 untd.com
track.untd.com — Cisco Umbrella Rank: 203922
563 B
1 runspectj.com
sprt.secure.runspectj.com
8 KB
0 advertising.com Failed
adserver-us.adtech.advertising.com — Cisco Umbrella Rank: 6676 Failed
82 29
Domain Requested by
10 cm.g.doubleclick.net 9 redirects
10 static.uolcontent.com my.juno.com
static.uolcontent.com
sprt.secure.runspectj.com
10 my.juno.com sprt.secure.runspectj.com
my.juno.com
static.uolcontent.com
5 simage2.pubmatic.com ads.pubmatic.com
4 pixel.rubiconproject.com
4 match.adsrvr.org 3 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 c.amazon-adsystem.com static.uolcontent.com
c.amazon-adsystem.com
3 token.rubiconproject.com 3 redirects
3 pixel.onaudience.com 3 redirects
3 sync.mathtag.com 3 redirects
3 web.hb.ad.cpe.dotomi.com static.uolcontent.com
3 secure.adnxs.com static.uolcontent.com
3 ap.lijit.com static.uolcontent.com
ap.lijit.com
3 static.criteo.net static.uolcontent.com
sprt.secure.runspectj.com
3 webmail.netzero.net sprt.secure.runspectj.com
2 sync-tm.everesttech.net 2 redirects
2 ib.adnxs.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com static.uolcontent.com
ads.pubmatic.com
2 eus.rubiconproject.com static.uolcontent.com
eus.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 bidder.criteo.com static.criteo.net
1 simage4.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.yahoo.com
1 id.rlcdn.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 mug.criteo.com
1 uol-d.openx.net static.uolcontent.com
1 hbopenbid.pubmatic.com static.uolcontent.com
1 fastlane.rubiconproject.com static.uolcontent.com
1 as.casalemedia.com static.uolcontent.com
1 acdn.adnxs.com static.uolcontent.com
1 track.untd.com sprt.secure.runspectj.com
1 track.juno.com sprt.secure.runspectj.com
1 sprt.secure.runspectj.com
0 adserver-us.adtech.advertising.com Failed sprt.secure.runspectj.com
82 46

This site contains links to these domains. Also see Links.

Domain
my.juno.com
account.juno.com
www.juno.com
track.juno.com
www.unitedonline.net
Subject Issuer Validity Valid
my.juno.com
Go Daddy Secure Certificate Authority - G2
2021-06-29 -
2022-07-11
a year crt.sh
track.netzero.net
Go Daddy Secure Certificate Authority - G2
2021-09-16 -
2022-09-25
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-24
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
content.uolstatic.com
Go Daddy Secure Certificate Authority - G2
2021-07-22 -
2022-07-27
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-07-13 -
2022-06-25
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-26
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh

This page contains 11 frames:

Primary Page: http://sprt.secure.runspectj.com/
Frame ID: 02ABDA511B817825BB5004C676C9D03D
Requests: 51 HTTP requests in this frame

Frame: https://my.juno.com/start/view/redesign/common/phoenix/blankPhnx.html?v=34955
Frame ID: A10C9E795356C862BD17F61B1D0C17EA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sprt.secure.runspectj.com
Frame ID: 53B623FC85912C396C91606F4E636B67
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=
Frame ID: AC5A315A6C471E33D40C9D443F865FE8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 142809F1E2B13CFBF3F7BBA148BB50E9
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3EBCFBA8B1CF4049A4301275B6043E59
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
Frame ID: 6AC9F9614F3D8FB26B24B95B9EADCB34
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
Frame ID: 65D67D39DDC020AEAD3F1C58883494F1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
Frame ID: 201754DB43ABC5649FE8471CFED7709D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F30E7BE4DE7A0829198A2493E01BAB43
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005
Frame ID: F1FDC5867CC2EBF980AFCFC2B3C100C3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Juno - My Juno Personalized Start Page - Sign in

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

66 %
HTTPS

16 %
IPv6

29
Domains

46
Subdomains

34
IPs

11
Countries

335 kB
Transfer

942 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584; HTTP 301
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;
Request Chain 24
  • http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584; HTTP 301
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;
Request Chain 25
  • http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584; HTTP 301
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;
Request Chain 49
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=runspectj.com&sn=ChromeSyncframe&so=0&topUrl=sprt.secure.runspectj.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSnlmclZVWU83TXlZSjVEMkdCK21MTEg4eitaSGxheTF5SnN5WEVnUzMwTSsvMndRVklGdS9vMXpKd25EMmQ1RnFvbVRyd1QvbjFGaVpQbFlRQytzUmdwZ0NoQXY3cUpBYXJVMmV2c3RmTklmS0VyTFNYL2xmUml6T2NpbXBlYmhQTkZtbE9IQlc3ZnZBRGNaaWVoZUhEU0ZoeDhjdzh3dz09fA&cppv=2
Request Chain 58
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
Request Chain 59
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
Request Chain 60
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
Request Chain 61
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 62
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 64
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a
Request Chain 65
  • https://pixel.onaudience.com/?partner=214&mapped=1A76E91E-8721-4075-8F41-3DD476B8E2B5 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9d48b7c0a35447b65e992ea0b214b798 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=7859ca23-b4d6-4773-aaae-747b26ba7c44&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=0734e64b7f83c308 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332
Request Chain 66
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 67
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1
Request Chain 69
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300
Request Chain 70
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44
Request Chain 71
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=
Request Chain 73
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfneUQADD10LuQBB HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB
Request Chain 74
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1
Request Chain 76
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LaSnmQDnrW_fZ4G-FLXQnsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754
Request Chain 77
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw
Request Chain 78
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sprt.secure.runspectj.com/
21 KB
8 KB
Document
General
Full URL
http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Server
45.133.200.3 , Seychelles, ASN200313 (INTERNET-IT, SC),
Reverse DNS
cpanel-host.prohoster.info
Software
nginx / PHP/5.6.40
Resource Hash
b921cd7439e3f054bdb852e8a850455031dd4d3e452378716c727d1f9d559fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Wed, 02 Feb 2022 01:28:43 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Nginx-Upstream-Cache-Status
MISS
X-Server-Powered-By
Engintron
Content-Encoding
gzip
pageview.js
my.juno.com/common/js/
425 B
778 B
Script
General
Full URL
https://my.juno.com/common/js/pageview.js
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
abedf7922481b4f2645b96fc74a0c72eea2abe2e3e363e9b7b5176eec761ee77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Jan 2019 03:46:53 GMT
Server
Apache
ETag
"1a9-57f268bb60540"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
264
Expires
Thu, 29 Dec 2022 01:28:44 GMT
jquery-1.12.3.min.js
my.juno.com/redesign/common/js/
95 KB
34 KB
Script
General
Full URL
https://my.juno.com/redesign/common/js/jquery-1.12.3.min.js
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
e7d49cca61290be8f37223db523fef0f0b39fc9f894f75143c8784077fde395d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jan 2018 04:08:39 GMT
Server
Apache
ETag
"17b9b-561ff9a6ddfc0"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
33793
Expires
Thu, 29 Dec 2022 01:28:44 GMT
bootstrap.min.css
my.juno.com/redesign/common/css/
99 KB
17 KB
Stylesheet
General
Full URL
https://my.juno.com/redesign/common/css/bootstrap.min.css?v=42606
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Oct 2014 05:19:27 GMT
Server
Apache
ETag
"18cdb-50674ca8155c0"
Content-Type
text/css
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
17247
Expires
Thu, 29 Dec 2022 01:28:44 GMT
common-redesign.css
my.juno.com/redesign/common/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://my.juno.com/redesign/common/css/common-redesign.css?v=50388
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 10:13:07 GMT
Server
Apache
ETag
"5982-566f809ddb2c0"
Content-Type
text/css
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4945
Expires
Thu, 29 Dec 2022 01:28:44 GMT
sp-redesign.css
my.juno.com/static/start/view/common/css/
44 KB
10 KB
Stylesheet
General
Full URL
https://my.juno.com/static/start/view/common/css/sp-redesign.css?v=62278
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
1bc13a75564c6146f9ecde68e8ce49a345d225fdf663c8486dad373e06d5fcd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 12:31:08 GMT
Server
Apache
ETag
"b16b-5cdae520adb00"
Content-Type
text/css
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
9651
Expires
Thu, 29 Dec 2022 01:28:44 GMT
common-redesign.js
my.juno.com/redesign/common/js/
9 KB
3 KB
Script
General
Full URL
https://my.juno.com/redesign/common/js/common-redesign.js?v=2345
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Jan 2019 03:46:52 GMT
Server
Apache
ETag
"235b-57f268ba6c300"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2679
Expires
Thu, 29 Dec 2022 01:28:44 GMT
mobile-detect.min.js
my.juno.com/static/start/view/common/js/
35 KB
15 KB
Script
General
Full URL
https://my.juno.com/static/start/view/common/js/mobile-detect.min.js
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2015 10:37:38 GMT
Server
Apache
ETag
"8b85-51ed55f392080"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
14933
Expires
Thu, 29 Dec 2022 01:28:44 GMT
j_logo.png
my.juno.com/redesign/common/images/
10 KB
11 KB
Image
General
Full URL
https://my.juno.com/redesign/common/images/j_logo.png
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
a3bd4d5f4d5b6ccc9573c2bdb34fda04e96aff2f99bf162f3784acff5ab0bb32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Last-Modified
Wed, 22 Mar 2017 10:00:56 GMT
Server
Apache
ETag
"2983-54b4ed6278600"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
10627
Expires
Thu, 29 Dec 2022 01:28:44 GMT
speed-detector.js
my.juno.com/redesign/common/js/vendor/
3 KB
2 KB
Script
General
Full URL
https://my.juno.com/redesign/common/js/vendor/speed-detector.js?v=20930
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
Apache /
Resource Hash
d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Aug 2018 04:30:23 GMT
Server
Apache
ETag
"c90-572d0da3195c0"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1325
Expires
Thu, 29 Dec 2022 01:28:44 GMT
pv
track.juno.com/s/
43 B
478 B
Image
General
Full URL
https://track.juno.com/s/pv?s=999999&a=logon&p=logon&d=unknown&i=41F4E281110548DC38D9E8463B3D2C06.VGS-AS06&cf=sp&srt=0&crt=0&
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.45.32 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
track.dca.juno.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:44 GMT
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
P3P
policyref="http://www.juno.com/common/w3c/juno.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
no-cache,post-check=0,pre-check=0
X-User
Content-Type
image/gif
Expires
0
OmnesBlack-Italic.otf
my.juno.com/redesign/common/fonts/
0
0

hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/
3 KB
4 KB
Image
General
Full URL
http://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1643765323755
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Server
64.136.45.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
webmail.dca.netzero.net
Software
Apache /
Resource Hash
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Last-Modified
Fri, 25 Sep 2009 12:30:24 GMT
Server
Apache
ETag
"c27-474661cb5b800"
P3P
policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=60, max=984
Content-Length
3111
Expires
Sat, 31 Jan 2032 01:28:44 GMT
as-3.0.9.min.js
static.uolcontent.com/js_api/
99 KB
31 KB
Script
General
Full URL
http://static.uolcontent.com/js_api/as-3.0.9.min.js
Requested by
Host: my.juno.com
URL: https://my.juno.com/redesign/common/js/jquery-1.12.3.min.js
Protocol
HTTP/1.1
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
d0b2f6f5ca3168e9b22b9e83496921274949e77479f0d4946344d1cd3adadcd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Oct 2019 11:28:52 GMT
Server
lighttpd
ETag
"2514082245"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000
Accept-Ranges
bytes
Content-Length
31381
Expires
Sat, 28 Jan 2023 01:28:45 GMT
hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/
3 KB
4 KB
Image
General
Full URL
http://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1643765324145
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Server
64.136.45.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
webmail.dca.netzero.net
Software
Apache /
Resource Hash
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:44 GMT
Last-Modified
Fri, 25 Sep 2009 12:30:24 GMT
Server
Apache
ETag
"c27-474661cb5b800"
P3P
policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=60, max=978
Content-Length
3111
Expires
Sat, 31 Jan 2032 01:28:44 GMT
hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/
3 KB
4 KB
Image
General
Full URL
http://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1643765324245
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Server
64.136.45.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
webmail.dca.netzero.net
Software
Apache /
Resource Hash
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:45 GMT
Last-Modified
Fri, 25 Sep 2009 12:30:24 GMT
Server
Apache
ETag
"c27-474661cb5b800"
P3P
policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=60, max=998
Content-Length
3111
Expires
Sat, 31 Jan 2032 01:28:45 GMT
oasrdb
track.untd.com/s/
43 B
563 B
Image
General
Full URL
http://track.untd.com/s/oasrdb?pid=SDS&profile=1&ts=1643765324357
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
HTTP/1.1
Server
64.136.45.30 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
track.dca.untd.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:46 GMT
Server
Apache-Coyote/1.1
P3P
policyref="http://my.untd.com/common/w3c/untd.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
no-cache,post-check=0,pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
0
aconfig
static.uolcontent.com/cgi/
28 KB
8 KB
Fetch
General
Full URL
http://static.uolcontent.com/cgi/aconfig?site=uolstart&apiVersion=3.0.9&brand=JU&format=json
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
442e661cf3a248fc4510ec71ec47ec8c74e824d3a84e4fb4d37d835fc08e25fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jan 2022 05:32:36 GMT
Server
lighttpd
ETag
"2439615990"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Accept-Ranges
bytes
Content-Length
7790
ast.js
acdn.adnxs.com/ast/
90 KB
32 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 15:43:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b0d28a-169ff"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
32042
Expires
Thu, 03 Feb 2022 01:28:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
195
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0FSFE9TJ1XVQZ7J3FN4B
date
Wed, 02 Feb 2022 01:28:46 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
I09iqp3QkvS139UWmAC_86nyS1ZWE7aeVVgNyUDGtTiifrrTYovD6Q==
publishertag.js
static.criteo.net/js/ld/
125 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1eadc253aa14701ab7ee3d2126ffd9ee8edd6cfb9f3c98284511c392740bcc57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 04:27:58 GMT
server
nginx
etag
W/"61ee2ace-1f234"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Feb 2022 01:28:46 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/
6 KB
3 KB
Script
General
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:06:40 GMT
Server
nginx
ETag
W/"5e8cdd50-17e9"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Cache-Control
max-age=604800, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials
true
Expires
Wed, 09 Feb 2022 01:28:46 GMT
spacer.gif
static.uolcontent.com/images/
43 B
233 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3AsessLog%3Auh%3D%26site%3Duolstart%26dnt%3D0%26dapp%3D0%26dnw%3D4g%26deval%3D0&command=ADLOG&count=1643765325580
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:46 GMT
spacer.gif
static.uolcontent.com/images/
43 B
89 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aadserver%20is%20not%20configured%20for%20RMA1&command=ADLOG&count=1643765325581
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:46 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;
adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/
Redirect Chain
  • http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?
0
0

ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;
adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/
Redirect Chain
  • http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?
0
0

ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;
adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/
Redirect Chain
  • http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?
0
0

headertag
as.casalemedia.com/
0
438 B
Script
General
Full URL
http://as.casalemedia.com/headertag?v=9&fn=cygnus_index_parse_res&s=185413&r=%7B%22id%22%3A478614016%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fsprt.secure.runspectj.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2246221%22%2C%22siteID%22%3A190476%7D%7D%2C%7B%22id%22%3A%222%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2246222%22%2C%22siteID%22%3A190477%7D%7D%2C%7B%22id%22%3A%223%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2246224%22%2C%22siteID%22%3A190480%7D%7D%5D%7D&t=2000
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Server
178.18.231.138 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:46 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.44], XFF:[]
Last-Modified
Fri, 18 Sep 2020 03:08:00 GMT
Server
Apache
ETag
"0"
Content-Type
text/html
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Wed, 02 Feb 2022 01:28:46 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
507 B
2 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20470&site_id=249838&p_screen_res=1600x1200&tk_flint=uol-ad.js-3.0.9&rp_secure=0&rp_floor=0.01&rf=http%3A%2F%2Fsprt.secure.runspectj.com%2F&zone_id=1240574%3B1240558%3B1240550&size_id=2%3B2%3B15&p_pos=atf%3Batf%3Bbtf&x_source.tid=984053815%3B963515526%3B937476144&rand=866779895&slots=3
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
de56a78eecb3d27a52d895dddb16496fb87b155b4998b59d44fe3101fd666925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:46 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://sprt.secure.runspectj.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
507
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
0
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://sprt.secure.runspectj.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
http://sprt.secure.runspectj.com
date
Wed, 02 Feb 2022 01:28:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
uol-d.openx.net/w/1.0/
73 B
384 B
Fetch
General
Full URL
https://uol-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fsprt.secure.runspectj.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.7&nocache=1643765325587&ns=0&pubcid=79bf5a13-976f-4970-9f3a-82fc3dba49d5&aus=728x90%7C728x90%7C300x250&dddid=983445369%2C276298834%2C291704174&auid=540737102%2C540737103%2C540737100
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
3ae0a08c22d12371228574f56003ef6d05625f94b3974a357164b626d6e8070b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://sprt.secure.runspectj.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
jpt
secure.adnxs.com/
0
646 B
Script
General
Full URL
https://secure.adnxs.com/jpt?&id=10431377&size=728x90&referrer=http%3A%2F%2Fsprt.secure.runspectj.com%2F&_=1643765325589&callback=asJSONPCB_1643765325365
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:46 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
11ecda00-1839-4061-9640-c0073051808a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/
0
646 B
Script
General
Full URL
https://secure.adnxs.com/jpt?&id=10431373&size=728x90&referrer=http%3A%2F%2Fsprt.secure.runspectj.com%2F&_=1643765325590&callback=asJSONPCB_1643765325366
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:46 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b500d422-5b59-4c06-8c25-f26fe0c80e3f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/
0
646 B
Script
General
Full URL
https://secure.adnxs.com/jpt?&id=10431369&size=300x250&referrer=http%3A%2F%2Fsprt.secure.runspectj.com%2F&_=1643765325590&callback=asJSONPCB_1643765325367
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:46 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a1b7b116-3c2a-444b-b707-61f31aa7643a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/
180 B
371 B
Fetch
General
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
818f74daf73313871cf4b738cf909fb6e4539867042996455dc1e5e2bdfa394d

Request headers

Referer
http://sprt.secure.runspectj.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:46 GMT
server
nginx
content-type
application/json
access-control-allow-origin
http://sprt.secure.runspectj.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/
180 B
370 B
Fetch
General
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
606e454e817ad0782f4923f15aa21b9846126f18b767e1d85a823d556e30e312

Request headers

Referer
http://sprt.secure.runspectj.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:46 GMT
server
nginx
content-type
application/json
access-control-allow-origin
http://sprt.secure.runspectj.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/
180 B
370 B
Fetch
General
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
f0f70a80a444dd700060efa269fffccdd30ab26ba842fafe921851426344cc36

Request headers

Referer
http://sprt.secure.runspectj.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:46 GMT
server
nginx
content-type
application/json
access-control-allow-origin
http://sprt.secure.runspectj.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
bid
ap.lijit.com/rtb/
43 B
569 B
Script
General
Full URL
https://ap.lijit.com/rtb/bid?&br=%7B%22id%22%3A%22288705193%22%2C%22site%22%3A%7B%22domain%22%3A%22sprt.secure.runspectj.com%22%2C%22page%22%3A%22%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22897707586%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22409809%22%7D%2C%7B%22id%22%3A%22419536564%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22409811%22%7D%2C%7B%22id%22%3A%22669689792%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22453832%22%7D%5D%7D&_=1643765325593&callback=asJSONPCB_1643765325368
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b5f7e157d9ecf0fd9a85a763b7362b0c550d2dbb29540d452d7a2a73a1cc23f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
63
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 20:55:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
16379
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 21 Jan 2022 02:54:57 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
Via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
FRA56-C1
Content-Type
application/javascript
X-Amz-Cf-Id
92oEot-qU95Xq8hNBoc1txeRJ7gBcdJYpmgDx3xDLhBC163PIJXzCA==
config
c.amazon-adsystem.com/cdn/prod/
0
316 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3406&u=http%3A%2F%2Fsprt.secure.runspectj.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:15:56 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
server
Server
age
770
x-cache
Hit from cloudfront
access-control-allow-origin
http://sprt.secure.runspectj.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
eB2BnBwkvwyC_T9JmJd79gxvjVcsiN0KF97E_CznxSQ7iduSedJ1cg==
bid
c.amazon-adsystem.com/e/dtb/
64 B
541 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3406&u=http%3A%2F%2Fsprt.secure.runspectj.com%2F&pid=LpMTyONi8KP0W&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22Top3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210022%22%7D%2C%7B%22sd%22%3A%22Bottom4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210015%22%7D%2C%7B%22sd%22%3A%22Left2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2210007%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
EX6TBNEQ9FDQFZM3E96C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://sprt.secure.runspectj.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
RmXEULpqMGxcvAqgJ8EURHo0MNNlg5t2xdRjDMVVbh6lVLidaREkbA==
cdb
bidder.criteo.com/
0
225 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=118&profileId=184&cb=57978311023
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://sprt.secure.runspectj.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Feb 2022 01:28:45 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://sprt.secure.runspectj.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
spacer.gif
static.uolcontent.com/images/
43 B
89 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Arubicon%20bidding%20errors%3A%20Top3%3Aerror-15-internal-error%2CBottom4%3Aerror-15-internal-error%2CLeft2%3Aerror-15-internal-error&command=ADLOG&count=1643765325730
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:46 GMT
blankPhnx.html
my.juno.com/start/view/redesign/common/phoenix/ Frame A10C
1 KB
1 KB
Document
General
Full URL
https://my.juno.com/start/view/redesign/common/phoenix/blankPhnx.html?v=34955
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
my.vgs.juno.com
Software
/
Resource Hash
e9c692bd0c30a7bbc17154b2be4e32f407c11db5098a9a4a02ff148dc4754eed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/

Response headers

Date
Wed, 02 Feb 2022 01:28:46 GMT
Server
Accept-Ranges
bytes
ETag
W/"1045-1494907690000"
Last-Modified
Tue, 16 May 2017 04:08:10 GMT
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
610
X-Pad
avoid browser bug
spacer.gif
static.uolcontent.com/images/
43 B
89 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aadtech%20bidding%20errors%3A%20Top3%20Failed%20to%20fetch%2CBottom4%20Failed%20to%20fetch%2CLeft2%20Failed%20to%20fetch&command=ADLOG&count=1643765325785
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:46 GMT
events
bidder.criteo.com/csm/
0
225 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://sprt.secure.runspectj.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://sprt.secure.runspectj.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 28 Jan 2023 01:28:46 GMT
pixel.gif
static.criteo.net/images/
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:46 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 28 Jan 2023 01:28:46 GMT
syncframe
gum.criteo.com/ Frame 53B6
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sprt.secure.runspectj.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1800
date
Wed, 02 Feb 2022 01:28:46 GMT
content-length
5182
strict-transport-security
max-age=31536000; preload;
beacon
ap.lijit.com/ Frame AC5A
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/

Response headers

Server
nginx
Date
Wed, 02 Feb 2022 01:28:46 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
sid
mug.criteo.com/ Frame 53B6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=runspectj.com&sn=ChromeSyncframe&so=0&topUrl=sprt.secure.runspectj.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSn...
430 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSnlmclZVWU83TXlZSjVEMkdCK21MTEg4eitaSGxheTF5SnN5WEVnUzMwTSsvMndRVklGdS9vMXpKd25EMmQ1RnFvbVRyd1QvbjFGaVpQbFlRQytzUmdwZ0NoQXY3cUpBYXJVMmV2c3RmTklmS0VyTFNYL2xmUml6T2NpbXBlYmhQTkZtbE9IQlc3ZnZBRGNaaWVoZUhEU0ZoeDhjdzh3dz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4ac5154a91c121c9f8a2e3ff00a5a6172d0724368b4c4a240c73904eea5dd6f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:46 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3800
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:46 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSnlmclZVWU83TXlZSjVEMkdCK21MTEg4eitaSGxheTF5SnN5WEVnUzMwTSsvMndRVklGdS9vMXpKd25EMmQ1RnFvbVRyd1QvbjFGaVpQbFlRQytzUmdwZ0NoQXY3cUpBYXJVMmV2c3RmTklmS0VyTFNYL2xmUml6T2NpbXBlYmhQTkZtbE9IQlc3ZnZBRGNaaWVoZUhEU0ZoeDhjdzh3dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1912
content-length
541
expires
0
spacer.gif
static.uolcontent.com/images/
43 B
135 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aindex%20Failed%20to%20get%20bids%3A%20timeout&command=ADLOG&count=1643765327585
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:48 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:48 GMT
spacer.gif
static.uolcontent.com/images/
43 B
89 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aappnexus%20bidding%20errors%3A%20Top3%20jsonp%20script%20loading%20failed%3A%20timeout%2CBottom4%20jsonp%20script%20loading%20failed%3A%20timeout%2CLeft2%20jsonp%20script%20loading%20failed%3A%20timeout&command=ADLOG&count=1643765327590
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:48 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:48 GMT
spacer.gif
static.uolcontent.com/images/
43 B
89 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3Abids%3DTop3%3A12345%7C0%3B46202%7C0%3B46224%7C0%3B46737%7C0%3B46700%7C0%3B46764%7C0%3B46250%7C0%3B46357%7C0%3B46470%7C0%3B46234%7C0%2CBottom4%3A12345%7C0%3B46200%7C0%3B46222%7C0%3B46735%7C0%3B46698%7C0%3B46762%7C0%3B46248%7C0%3B46358%7C0%3B46473%7C0%3B46232%7C0%2CLeft2%3A12345%7C0%3B46199%7C0%3B46221%7C0%3B46734%7C0%3B46697%7C0%3B46761%7C0%3B46247%7C0%3B46355%7C0%3B46474%7C0%3B46238%7C0%26tt%3D2011%7Ca9v2%3A171%7Cadtech%3A203%7Cindex%3A2002%7Crubicon%3A147%7Cpubmatic%3A109%7Copenx%3A144%7Cappnexus%3A2008%7Ccriteo%3A207%7Cconversant%3A134%7Csovrn%3A145%26du%3D0%26site%3Duolstart%26pn%3Ddesk%2Flogin%26fl%3D1%26ar%3D0&command=ADLOG&count=1643765327592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:48 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:48 GMT
spacer.gif
static.uolcontent.com/images/
43 B
89 B
Image
General
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aadserver%20is%20not%20configured%20for%20Top3%2CBottom4%2CLeft2&command=ADLOG&count=1643765327592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:48 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Fri, 04 Mar 2022 01:28:48 GMT
usync.html
eus.rubiconproject.com/ Frame 1428
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 01:28:49 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3EBC
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sprt.secure.runspectj.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=152154
expires
Thu, 03 Feb 2022 19:44:43 GMT
date
Wed, 02 Feb 2022 01:28:49 GMT
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 1428
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 01:28:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62487
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:16 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3EBC
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45912202&p=157483&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4c959273dbb4bef8bdb28b102436fc7149266005b23feb8ab5c84888800d2659

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:48 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 6AC9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 01:28:49 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 02 Feb 2022 01:28:49 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 65D6
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 01:28:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug007:0:430
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2017
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
42 B
650 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 01:28:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug003:0:462
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 02 Feb 2022 01:28:49 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
Expires
Wed, 02 Feb 2022 01:28:48 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F30E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
111 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 01:28:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug004:0:436
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Wed, 02 Feb 2022 01:28:49 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Wed, 02 Feb 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1536314
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame F1FD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005
42 B
210 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 01:28:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug001:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 02 Feb 2022 01:28:49 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3EBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=105101
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 03 Feb 2022 06:40:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Feb 2022 01:28:49 GMT
Server
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Feb 2022 01:28:48 GMT
mw
mwzeom.zeotap.com/ Frame 3EBC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1A76E91E-8721-4075-8F41-3DD476B8E2B5
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9d48b7c0a35447b65e992ea0b214b798
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=7859ca23-b4d6-4773-aaae-747b26ba7c44&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=0734e64b7f83c308
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177...
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d6fa51faae19067-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:424
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1
42 B
281 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug025:0:441
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3EBC
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 01 Feb 2022 01:28:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300
42 B
234 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44
42 B
294 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:407
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=
42 B
235 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug030:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 01:28:49 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
edfbab1f-cf4b-469d-941d-837c44446e5b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 1428
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfneUQADD10LuQBB
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643765330.673775,VS0,VE0
x-served-by
cache-hhn4026-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
ads.yahoo.com/cms/ Frame 1428
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:49 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LaSnmQDnrW_fZ4G-FLXQnsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Wed, 02 Feb 2022 01:28:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 1428
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Date
Wed, 02 Feb 2022 01:28:49 GMT
Server
MT3 4133 baa842e master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Feb 2022 01:28:48 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 1428
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 01:28:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
simage4.pubmatic.com/AdServer/ Frame 3EBC
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157483&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:28:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.juno.com
URL
https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Juno (Telecommunication)

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| temp string| servlet string| pname undefined| ssi_sv_path undefined| ssi_pg_path function| logPageView string| context function| debug_pv_values function| $ function| jQuery string| href function| getCookieValue function| getCookieDomain function| setCookieValue function| areCookiesEnabled function| onlyCaptcha function| logonValidate number| count function| validateUserId function| setTakeATourCookie function| setDontShowCookie function| setKeepMeSignin function| setToolTipShown function| getUnreadEmailCount function| getPhoneNumber function| rights function| getAbsDimension function| userConsentForAdsCookie function| showUserConsentOverlay function| MobileDetect string| envDomain string| capid boolean| isDialupFlag object| md string| memid number| nextBtnDelay function| validateForm object| ctcookie function| callback function| set_domain_cookie function| run function| set_untd_cookie function| exec function| send_http_request function| pause object| BandwidthChecker string| CONNECTION_TYPE_COOKIE_NAME string| CONNECTION_TYPE_BROADBAND string| CONNECTION_TYPE_DIALUP string| CONNECTION_TYPE_UNKNOWN number| EXPIRATION_INTERVAL number| CONNECTION_SPEED_THRESHOLD string| COOKIE_PATH string| destination_url string| cookie_domain number| _throughput string| _connection_type boolean| _semaphoreCT boolean| _semaphoreRDB number| screenHeight string| accelUser string| memberNumber object| CT object| __asInfo function| getAsPageName function| getPosList object| imgObj number| nearestNumber number| elapsedTime number| sizeInKBits number| kbps string| cType object| __as function| cygnus_index_parse_res function| cygnus_index_start object| _IndexRequestData object| cygnus_index_args object| apntag object| sovrn boolean| apstagLOADED object| apstag object| criteo_syncframe_state object| googletag object| criteo_pubtag object| criteo_pubtag_118 object| Criteo object| Criteo_118 string| currentTagSRC

46 Cookies

Domain/Path Name / Value
sprt.secure.runspectj.com/ Name: PHPSESSID
Value: g5s5rk7v9gfeatr3fl9bpk2c06
sprt.secure.runspectj.com/ Name: CT
Value: 1
.runspectj.com/ Name: _pubcid
Value: 79bf5a13-976f-4970-9f3a-82fc3dba49d5
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.rubiconproject.com/ Name: khaos
Value: KZ4VFN91-27-6ARC
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qry80F2U4+RRf+oE/PhLWQEKtLvkckcz9uAc5uHgCNHvi7Rt/9SHKZHm0oAqNxU/J0TJ8iF/DOhwrVLARZhc/634HEYI5ehIrVETUC5n6DrItzpQ7vzkXQ/
.criteo.com/ Name: uid
Value: ed7e0489-508f-4bce-85cb-783b85d49cff
.runspectj.com/ Name: cto_bundle
Value: YvxoGF8xMFF2UEIlMkJWZnFqeVd1THh1RTVoQlhOQUxKckp3M2ZwSVYlMkI1blVXcjBYcGc3MFI4RGE2dmo5S1FJSTBkU1JwNkNGMUU1SEg4TGx5VlpOcjUlMkJtalpNVWJyVTE2WHFZaEdsMVhuJTJGOEZRQWhRYmNKOXJNbSUyQjI1bjQxNHV0aXViN0tXYXRHeHJrQW0zMUpCYnBWNXNVdklRJTNEJTNE
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1A76E91E-8721-4075-8F41-3DD476B8E2B5
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 157483:2
.pubmatic.com/ Name: DPSync3
Value: 1644969600%3A197_219_201%7C1643846400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1644969600%3A21_3_220_13_161_56_7_54%7C1645056000%3A35%7C1646352000%3A203
.adfarm1.adition.com/ Name: UserID1
Value: 7059918330360101005
.onaudience.com/ Name: cookie
Value: 0734e64b7f83c308
.onaudience.com/ Name: done_redirects104
Value: 1
.mathtag.com/ Name: uuid
Value: d33261f9-de51-4400-a865-136d7d658a0e
.simpli.fi/ Name: suid
Value: 8777882A0E204B7094B5C002D4D1AD76
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk5bIl3SM96uMZSSgK2A0KTcOSE9Ha1qvWZsSNTXKtPlxTFlAWJbo6TVNiHMHA
.de17a.com/ Name: guid2
Value: 1.8637361553281564408
.adform.net/ Name: uid
Value: 5786927421368742300
.adnxs.com/ Name: uuid2
Value: 5504330569937013556
.adsrvr.org/ Name: TDID
Value: 7859ca23-b4d6-4773-aaae-747b26ba7c44
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&KRTB&16736-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&KRTB&23019-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&KRTB&23208-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438
.pubmatic.com/ Name: PugT
Value: 1643765329
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7059918330360101005
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5786927421368742300&KRTB&23263-5786927421368742300
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8637361553281564408
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJxQcHtuxsvB_W4f6gcxmAI&KRTB&16514-CAESEJxQcHtuxsvB_W4f6gcxmAI&KRTB&23025-CAESEJxQcHtuxsvB_W4f6gcxmAI
.pubmatic.com/ Name: SPugT
Value: 1643765328
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfneUQADD10LuQBB
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5504330569937013556&KRTB&23339-5504330569937013556
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7859ca23-b4d6-4773-aaae-747b26ba7c44&KRTB&22918-7859ca23-b4d6-4773-aaae-747b26ba7c44&KRTB&23031-7859ca23-b4d6-4773-aaae-747b26ba7c44
.yahoo.com/ Name: A3
Value: d=AQABBFHe-WECELk6Tk5dhaR-u0qh_cNSjogFEgEBAQEv-2EDYgAAAAAA_eMAAA&S=AQAAAkfxyz38alijxl3u0faYoAA
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 9d48b7c0a35447b65e992ea0b214b798
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsEwxsUgyTzZINDY1MTFPMjNNtbQ0Sk00SDIyNEkyt7RgAILEn%2FcCQTQUAABWCgsW"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2FHkvEEhBAQAf6AKK"
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj6yp7brP2yOhAFGAEgASgCMgsIrrfTicP9sjoQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: 87d8f765-a622-4adc-73ff-fa2f3c3480c4
.zeotap.com/ Name: zsc
Value: Jw%FC2e%A1%BD8%7D%B4%96%A1%BCD%84%3A%88%8A%BB%3A%E3%C2%2AD%AAA%3B%09%1E%F0%FAH%AA%A0-u%97%A34%0D%A0K%9Ac%81%8F%9D%B9%92%D5%16%C5%E3%D9KAe%8D%AD%E83%3F%96c9P%A08Q8%CF%BC%1E%9E%EA%3F%D21H%843%B3%D2

9 Console Messages

Source Level URL
Text
javascript error URL: http://sprt.secure.runspectj.com/
Message:
Access to font at 'https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf' from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://sprt.secure.runspectj.com/
Message:
Access to fetch at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?' (redirected from 'http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?') from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://sprt.secure.runspectj.com/
Message:
Access to fetch at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?' (redirected from 'http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?') from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://sprt.secure.runspectj.com/
Message:
Access to fetch at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?' (redirected from 'http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?') from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
ads.yahoo.com
adserver-us.adtech.advertising.com
ap.lijit.com
as.casalemedia.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
my.juno.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
sprt.secure.runspectj.com
static.criteo.net
static.uolcontent.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
token.rubiconproject.com
track.juno.com
track.untd.com
um.simpli.fi
uol-d.openx.net
web.hb.ad.cpe.dotomi.com
webmail.netzero.net
adserver-us.adtech.advertising.com
my.juno.com
141.94.170.77
142.250.185.98
15.197.193.217
151.101.130.49
169.50.137.184
178.18.231.138
178.250.0.157
178.250.0.165
178.250.2.151
185.29.132.241
185.33.220.241
185.33.221.13
185.64.189.112
185.64.190.80
185.64.190.81
198.47.127.19
198.47.127.20
2.18.233.180
2.21.141.148
213.155.156.165
23.79.143.124
2602:803:c003:200::21
2606:4700:10::6816:1857
2a00:1288:80:800::7001
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:13::1460
2a05:d018:d29:3601:a20d:c00a:cae3:485c
35.244.159.8
35.244.174.68
37.157.4.28
45.133.200.3
52.17.84.146
64.136.44.49
64.136.45.30
64.136.45.32
64.136.45.83
64.136.53.46
65.9.71.173
69.173.144.138
69.173.144.139
72.251.249.13
85.114.159.118
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bc13a75564c6146f9ecde68e8ce49a345d225fdf663c8486dad373e06d5fcd8
1eadc253aa14701ab7ee3d2126ffd9ee8edd6cfb9f3c98284511c392740bcc57
293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e
3ae0a08c22d12371228574f56003ef6d05625f94b3974a357164b626d6e8070b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
442e661cf3a248fc4510ec71ec47ec8c74e824d3a84e4fb4d37d835fc08e25fd
4ac5154a91c121c9f8a2e3ff00a5a6172d0724368b4c4a240c73904eea5dd6f1
4c959273dbb4bef8bdb28b102436fc7149266005b23feb8ab5c84888800d2659
530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc
606e454e817ad0782f4923f15aa21b9846126f18b767e1d85a823d556e30e312
6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
818f74daf73313871cf4b738cf909fb6e4539867042996455dc1e5e2bdfa394d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a3bd4d5f4d5b6ccc9573c2bdb34fda04e96aff2f99bf162f3784acff5ab0bb32
a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d
abedf7922481b4f2645b96fc74a0c72eea2abe2e3e363e9b7b5176eec761ee77
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5f7e157d9ecf0fd9a85a763b7362b0c550d2dbb29540d452d7a2a73a1cc23f3
b921cd7439e3f054bdb852e8a850455031dd4d3e452378716c727d1f9d559fe6
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b2f6f5ca3168e9b22b9e83496921274949e77479f0d4946344d1cd3adadcd3
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7
de56a78eecb3d27a52d895dddb16496fb87b155b4998b59d44fe3101fd666925
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d49cca61290be8f37223db523fef0f0b39fc9f894f75143c8784077fde395d
e9c692bd0c30a7bbc17154b2be4e32f407c11db5098a9a4a02ff148dc4754eed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f70a80a444dd700060efa269fffccdd30ab26ba842fafe921851426344cc36
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85