sprt.secure.runspectj.com Open in urlscan Pro
45.133.200.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sprt.secure.runspectj.com/
Submission: On February 02 via automatic, source openphish (February 2nd 2022, 1:28:53 am UTC) — Scanned from DE

Summary HTTP 82 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 34 IPs in 11 countries across 29 domains to perform 82 HTTP transactions. The main IP is 45.133.200.3, located in Seychelles and belongs to INTERNET-IT, SC. The main domain is sprt.secure.runspectj.com.

This is the only time sprt.secure.runspectj.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Juno (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	45.133.200.3 45.133.200.3	200313 (INTERNET-IT) (INTERNET-IT)
10	64.136.53.46 64.136.53.46	13446 (AS-NETZERO) (AS-NETZERO)
1	64.136.45.32 64.136.45.32	13446 (AS-NETZERO) (AS-NETZERO)
3	64.136.45.83 64.136.45.83	13446 (AS-NETZERO) (AS-NETZERO)
10	64.136.44.49 64.136.44.49	13446 (AS-NETZERO) (AS-NETZERO)
1	64.136.45.30 64.136.45.30	13446 (AS-NETZERO) (AS-NETZERO)
1	2.21.141.148 2.21.141.148	16625 (AKAMAI-AS) (AKAMAI-AS)
4	65.9.71.173 65.9.71.173	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	178.18.231.138 178.18.231.138	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
9	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
9 10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
2 2	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
3 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
2 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:a20d:c00a:cae3:485c	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.20 198.47.127.20	() ()
82	34

1 45.133.200.3 (Seychelles)

ASN200313 (INTERNET-IT, SC)
PTR: cpanel-host.prohoster.info

sprt.secure.runspectj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 64.136.53.46 (United States)

ASN13446 (AS-NETZERO, US)
PTR: my.vgs.juno.com

my.juno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.136.45.32 (United States)

ASN13446 (AS-NETZERO, US)
PTR: track.dca.juno.com

track.juno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.136.45.83 (United States)

ASN13446 (AS-NETZERO, US)
PTR: webmail.dca.netzero.net

webmail.netzero.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 64.136.44.49 (United States)

ASN13446 (AS-NETZERO, US)
PTR: content.dca.untd.com

static.uolcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.136.45.30 (United States)

ASN13446 (AS-NETZERO, US)
PTR: track.dca.untd.com

track.untd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.18.231.138 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

as.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

uol-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.28 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.170.77 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.84.146 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:a20d:c00a:cae3:485c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 ads.pubmatic.com — Cisco Umbrella Rank: 473 image6.pubmatic.com — Cisco Umbrella Rank: 595 image2.pubmatic.com — Cisco Umbrella Rank: 1032 simage2.pubmatic.com — Cisco Umbrella Rank: 552 image4.pubmatic.com — Cisco Umbrella Rank: 848 simage4.pubmatic.com	35 KB
11	juno.com my.juno.com — Cisco Umbrella Rank: 196584 track.juno.com — Cisco Umbrella Rank: 192125	99 KB
10	doubleclick.net 9 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 197	3 KB
10	rubiconproject.com 3 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 467 eus.rubiconproject.com — Cisco Umbrella Rank: 541 pixel.rubiconproject.com — Cisco Umbrella Rank: 312 token.rubiconproject.com — Cisco Umbrella Rank: 689	15 KB
10	uolcontent.com static.uolcontent.com — Cisco Umbrella Rank: 126700	40 KB
6	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864 dis.criteo.com — Cisco Umbrella Rank: 691	8 KB
6	adnxs.com 2 redirects acdn.adnxs.com — Cisco Umbrella Rank: 565 secure.adnxs.com — Cisco Umbrella Rank: 404 ib.adnxs.com — Cisco Umbrella Rank: 241	36 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	2 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 608	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	40 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1510	1 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	2 KB
3	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2218	1 KB
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 690	3 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	41 KB
3	netzero.net webmail.netzero.net — Cisco Umbrella Rank: 228442	11 KB
2	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 913 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	630 B
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1427 mwzeom.zeotap.com — Cisco Umbrella Rank: 1680	889 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 719	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5889	637 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 745	610 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751	501 B
1	openx.net uol-d.openx.net — Cisco Umbrella Rank: 138623	384 B
1	casalemedia.com as.casalemedia.com — Cisco Umbrella Rank: 7324	438 B
1	untd.com track.untd.com — Cisco Umbrella Rank: 203922	563 B
1	runspectj.com sprt.secure.runspectj.com	8 KB
0	advertising.com Failed adserver-us.adtech.advertising.com — Cisco Umbrella Rank: 6676 Failed
82	29

	Domain	Requested by
10	cm.g.doubleclick.net	9 redirects
10	static.uolcontent.com	my.juno.com static.uolcontent.com sprt.secure.runspectj.com
10	my.juno.com	sprt.secure.runspectj.com my.juno.com static.uolcontent.com
5	simage2.pubmatic.com	ads.pubmatic.com
4	pixel.rubiconproject.com
4	match.adsrvr.org	3 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	c.amazon-adsystem.com	static.uolcontent.com c.amazon-adsystem.com
3	token.rubiconproject.com	3 redirects
3	pixel.onaudience.com	3 redirects
3	sync.mathtag.com	3 redirects
3	web.hb.ad.cpe.dotomi.com	static.uolcontent.com
3	secure.adnxs.com	static.uolcontent.com
3	ap.lijit.com	static.uolcontent.com ap.lijit.com
3	static.criteo.net	static.uolcontent.com sprt.secure.runspectj.com
3	webmail.netzero.net	sprt.secure.runspectj.com
2	sync-tm.everesttech.net	2 redirects
2	ib.adnxs.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.pubmatic.com	static.uolcontent.com ads.pubmatic.com
2	eus.rubiconproject.com	static.uolcontent.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	bidder.criteo.com	static.criteo.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com
1	id.rlcdn.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	mug.criteo.com
1	uol-d.openx.net	static.uolcontent.com
1	hbopenbid.pubmatic.com	static.uolcontent.com
1	fastlane.rubiconproject.com	static.uolcontent.com
1	as.casalemedia.com	static.uolcontent.com
1	acdn.adnxs.com	static.uolcontent.com
1	track.untd.com	sprt.secure.runspectj.com
1	track.juno.com	sprt.secure.runspectj.com
1	sprt.secure.runspectj.com
0	adserver-us.adtech.advertising.com Failed	sprt.secure.runspectj.com
82	46

This site contains links to these domains. Also see Links.

Domain
my.juno.com
account.juno.com
www.juno.com
track.juno.com
www.unitedonline.net

Subject Issuer	Validity	Valid
my.juno.com Go Daddy Secure Certificate Authority - G2	`2021-06-29` - `2022-07-11`	a year	crt.sh
track.netzero.net Go Daddy Secure Certificate Authority - G2	`2021-09-16` - `2022-09-25`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
content.uolstatic.com Go Daddy Secure Certificate Authority - G2	`2021-07-22` - `2022-07-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://sprt.secure.runspectj.com/
Frame ID: 02ABDA511B817825BB5004C676C9D03D
Requests: 51 HTTP requests in this frame

Frame: https://my.juno.com/start/view/redesign/common/phoenix/blankPhnx.html?v=34955
Frame ID: A10C9E795356C862BD17F61B1D0C17EA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sprt.secure.runspectj.com
Frame ID: 53B623FC85912C396C91606F4E636B67
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=
Frame ID: AC5A315A6C471E33D40C9D443F865FE8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 142809F1E2B13CFBF3F7BBA148BB50E9
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3EBCFBA8B1CF4049A4301275B6043E59
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
Frame ID: 6AC9F9614F3D8FB26B24B95B9EADCB34
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
Frame ID: 65D67D39DDC020AEAD3F1C58883494F1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
Frame ID: 201754DB43ABC5649FE8471CFED7709D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F30E7BE4DE7A0829198A2493E01BAB43
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005
Frame ID: F1FDC5867CC2EBF980AFCFC2B3C100C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Juno - My Juno Personalized Start Page - Sign in

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

66 %
HTTPS

16 %
IPv6

29
Domains

46
Subdomains

34
IPs

11
Countries

335 kB
Transfer

942 kB
Size

46
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://my.juno.com/

Search URL Search Domain Scan URL

URL: https://account.juno.com/s/resetpassword
Title: Password?

Search URL Search Domain Scan URL

URL: https://www.juno.com/freeemail
Title: Create A New Account

Search URL Search Domain Scan URL

URL: https://my.juno.com/start/sp.do
Title: My Juno

Search URL Search Domain Scan URL

URL: https://track.juno.com/s/lc?s=&u=https://account.juno.com/s/account
Title: My Account

Search URL Search Domain Scan URL

URL: https://account.juno.com/s/landing
Title: Our Services

Search URL Search Domain Scan URL

URL: http://www.unitedonline.net/advertisers/
Title: Advertisers

Search URL Search Domain Scan URL

URL: https://www.juno.com/start/landing.do?page=www/legal/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.juno.com/start/landing.do?page=www/legal/privacy#III
Title: About Ads

Search URL Search Domain Scan URL

URL: https://www.juno.com/start/landing.do?page=www/legal/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://my.juno.com/start/landing.do?page=www/legal/cookie
Title: Cookie Policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584; HTTP 301
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;

Request Chain 24

http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584; HTTP 301
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;

Request Chain 25

http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584; HTTP 301
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;

Request Chain 49

https://gum.criteo.com/sid/json?origin=publishertag&domain=runspectj.com&sn=ChromeSyncframe&so=0&topUrl=sprt.secure.runspectj.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSnlmclZVWU83TXlZSjVEMkdCK21MTEg4eitaSGxheTF5SnN5WEVnUzMwTSsvMndRVklGdS9vMXpKd25EMmQ1RnFvbVRyd1QvbjFGaVpQbFlRQytzUmdwZ0NoQXY3cUpBYXJVMmV2c3RmTklmS0VyTFNYL2xmUml6T2NpbXBlYmhQTkZtbE9IQlc3ZnZBRGNaaWVoZUhEU0ZoeDhjdzh3dz09fA&cppv=2

Request Chain 58

https://c1.adform.net/serving/cookie/match?party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5

Request Chain 59

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408

Request Chain 60

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=

Request Chain 61

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 62

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 64

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a

Request Chain 65

https://pixel.onaudience.com/?partner=214&mapped=1A76E91E-8721-4075-8F41-3DD476B8E2B5 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9d48b7c0a35447b65e992ea0b214b798 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=7859ca23-b4d6-4773-aaae-747b26ba7c44&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=0734e64b7f83c308 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1

Request Chain 69

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44

Request Chain 71

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=

Request Chain 73

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfneUQADD10LuQBB HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB

Request Chain 74

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1

Request Chain 76

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/LaSnmQDnrW_fZ4G-FLXQnsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754

Request Chain 77

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw

Request Chain 78

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sprt.secure.runspectj.com/ 21 KB
8 KB 159ms
126ms Document
text/html 45.133.200.3
INTERNET-IT

General

Check archive.org

Show headers Download Go to

Full URL

http://sprt.secure.runspectj.com/

Protocol

HTTP/1.1

Server

45.133.200.3 , Seychelles, ASN200313 (INTERNET-IT, SC),

Reverse DNS

cpanel-host.prohoster.info

Software

nginx / PHP/5.6.40

Resource Hash

b921cd7439e3f054bdb852e8a850455031dd4d3e452378716c727d1f9d559fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Wed, 02 Feb 2022 01:28:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK pageview.js Show response
my.juno.com/common/js/ 425 B
778 B 852ms
174ms Script
application/x-javascript 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/common/js/pageview.js
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: abedf7922481b4f2645b96fc74a0c72eea2abe2e3e363e9b7b5176eec761ee77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jan 2019 03:46:53 GMT
Server: Apache
ETag: "1a9-57f268bb60540"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 264
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK jquery-1.12.3.min.js Show response
my.juno.com/redesign/common/js/ 95 KB
34 KB 857ms
179ms Script
application/x-javascript 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/js/jquery-1.12.3.min.js
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: e7d49cca61290be8f37223db523fef0f0b39fc9f894f75143c8784077fde395d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2018 04:08:39 GMT
Server: Apache
ETag: "17b9b-561ff9a6ddfc0"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 33793
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK bootstrap.min.css
my.juno.com/redesign/common/css/ 99 KB
17 KB 785ms
159ms Stylesheet
text/css 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/css/bootstrap.min.css?v=42606
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: 11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Oct 2014 05:19:27 GMT
Server: Apache
ETag: "18cdb-50674ca8155c0"
Content-Type: text/css
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 17247
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK common-redesign.css
my.juno.com/redesign/common/css/ 22 KB
5 KB 827ms
169ms Stylesheet
text/css 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/css/common-redesign.css?v=50388
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: 530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 10:13:07 GMT
Server: Apache
ETag: "5982-566f809ddb2c0"
Content-Type: text/css
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4945
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK sp-redesign.css
my.juno.com/static/start/view/common/css/ 44 KB
10 KB 833ms
171ms Stylesheet
text/css 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/static/start/view/common/css/sp-redesign.css?v=62278
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: 1bc13a75564c6146f9ecde68e8ce49a345d225fdf663c8486dad373e06d5fcd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 12:31:08 GMT
Server: Apache
ETag: "b16b-5cdae520adb00"
Content-Type: text/css
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 9651
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK common-redesign.js Show response
my.juno.com/redesign/common/js/ 9 KB
3 KB 853ms
175ms Script
application/x-javascript 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/js/common-redesign.js?v=2345
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: 293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jan 2019 03:46:52 GMT
Server: Apache
ETag: "235b-57f268ba6c300"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 2679
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK mobile-detect.min.js Show response
my.juno.com/static/start/view/common/js/ 35 KB
15 KB 999ms
169ms Script
application/x-javascript 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/static/start/view/common/js/mobile-detect.min.js
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: 6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2015 10:37:38 GMT
Server: Apache
ETag: "8b85-51ed55f392080"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14933
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK j_logo.png
my.juno.com/redesign/common/images/ 10 KB
11 KB 176ms
174ms Image
image/png 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.juno.com/redesign/common/images/j_logo.png
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: a3bd4d5f4d5b6ccc9573c2bdb34fda04e96aff2f99bf162f3784acff5ab0bb32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Last-Modified: Wed, 22 Mar 2017 10:00:56 GMT
Server: Apache
ETag: "2983-54b4ed6278600"
Content-Type: image/png
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 10627
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK speed-detector.js Show response
my.juno.com/redesign/common/js/vendor/ 3 KB
2 KB 177ms
174ms Script
application/x-javascript 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/redesign/common/js/vendor/speed-detector.js?v=20930
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: Apache /
Resource Hash: d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Aug 2018 04:30:23 GMT
Server: Apache
ETag: "c90-572d0da3195c0"
Content-Type: application/x-javascript
Cache-Control: max-age=28512000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1325
Expires: Thu, 29 Dec 2022 01:28:44 GMT

GET
H/1.1 200
OK pv
track.juno.com/s/ 43 B
478 B 557ms
97ms Image
image/gif 64.136.45.32
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.juno.com/s/pv?s=999999&a=logon&p=logon&d=unknown&i=41F4E281110548DC38D9E8463B3D2C06.VGS-AS06&cf=sp&srt=0&crt=0&
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.45.32 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: track.dca.juno.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:44 GMT
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked
P3P: policyref="http://www.juno.com/common/w3c/juno.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control: no-cache,post-check=0,pre-check=0
X-User
Content-Type: image/gif
Expires: 0

GET OmnesBlack-Italic.otf
my.juno.com/redesign/common/fonts/ 0
0

GET
H/1.1 200
OK hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 3 KB
4 KB 387ms
96ms Image
image/gif 64.136.45.83
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1643765323755
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Server: 64.136.45.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: webmail.dca.netzero.net
Software: Apache /
Resource Hash: fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Last-Modified: Fri, 25 Sep 2009 12:30:24 GMT
Server: Apache
ETag: "c27-474661cb5b800"
P3P: policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control: max-age=315360000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=60, max=984
Content-Length: 3111
Expires: Sat, 31 Jan 2032 01:28:44 GMT

GET
H/1.1 200
OK as-3.0.9.min.js Show response
static.uolcontent.com/js_api/ 99 KB
31 KB 647ms
95ms Script
text/javascript 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Requested by: Host: my.juno.com
URL: https://my.juno.com/redesign/common/js/jquery-1.12.3.min.js
Protocol: HTTP/1.1
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: d0b2f6f5ca3168e9b22b9e83496921274949e77479f0d4946344d1cd3adadcd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Oct 2019 11:28:52 GMT
Server: lighttpd
ETag: "2514082245"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Content-Length: 31381
Expires: Sat, 28 Jan 2023 01:28:45 GMT

GET
H/1.1 200
OK hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 3 KB
4 KB 97ms
96ms Image
image/gif 64.136.45.83
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1643765324145
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Server: 64.136.45.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: webmail.dca.netzero.net
Software: Apache /
Resource Hash: fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:44 GMT
Last-Modified: Fri, 25 Sep 2009 12:30:24 GMT
Server: Apache
ETag: "c27-474661cb5b800"
P3P: policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control: max-age=315360000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=60, max=978
Content-Length: 3111
Expires: Sat, 31 Jan 2032 01:28:44 GMT

GET
H/1.1 200
OK hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 3 KB
4 KB 97ms
96ms Image
image/gif 64.136.45.83
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1643765324245
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Server: 64.136.45.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: webmail.dca.netzero.net
Software: Apache /
Resource Hash: fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:45 GMT
Last-Modified: Fri, 25 Sep 2009 12:30:24 GMT
Server: Apache
ETag: "c27-474661cb5b800"
P3P: policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control: max-age=315360000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=60, max=998
Content-Length: 3111
Expires: Sat, 31 Jan 2032 01:28:45 GMT

GET
H/1.1 200
OK oasrdb
track.untd.com/s/ 43 B
563 B 307ms
97ms Image
image/gif 64.136.45.30
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track.untd.com/s/oasrdb?pid=SDS&profile=1&ts=1643765324357
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: HTTP/1.1
Server: 64.136.45.30 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: track.dca.untd.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:46 GMT
Server: Apache-Coyote/1.1
P3P: policyref="http://my.untd.com/common/w3c/untd.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control: no-cache,post-check=0,pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK aconfig Show response
static.uolcontent.com/cgi/ 28 KB
8 KB 191ms
96ms Fetch
application/json 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: http://static.uolcontent.com/cgi/aconfig?site=uolstart&apiVersion=3.0.9&brand=JU&format=json
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 442e661cf3a248fc4510ec71ec47ec8c74e824d3a84e4fb4d37d835fc08e25fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 05:32:36 GMT
Server: lighttpd
ETag: "2439615990"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Accept-Ranges: bytes
Content-Length: 7790

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 90 KB
32 KB 94ms
8ms Script
application/javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 15:43:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61b0d28a-169ff"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 32042
Expires: Thu, 03 Feb 2022 01:28:48 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 99ms
9ms Script
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 195
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0FSFE9TJ1XVQZ7J3FN4B
date: Wed, 02 Feb 2022 01:28:46 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: I09iqp3QkvS139UWmAC_86nyS1ZWE7aeVVgNyUDGtTiifrrTYovD6Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 125 KB
40 KB 106ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1eadc253aa14701ab7ee3d2126ffd9ee8edd6cfb9f3c98284511c392740bcc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 04:27:58 GMT
server: nginx
etag: W/"61ee2ace-1f234"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Feb 2022 01:28:46 GMT

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 6 KB
3 KB 98ms
15ms Script
text/javascript 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:06:40 GMT
Server: nginx
ETag: W/"5e8cdd50-17e9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap2ams1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials: true
Expires: Wed, 09 Feb 2022 01:28:46 GMT

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
233 B 288ms
96ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3AsessLog%3Auh%3D%26site%3Duolstart%26dnt%3D0%26dapp%3D0%26dnw%3D4g%26deval%3D0&command=ADLOG&count=1643765325580
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:46 GMT

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
89 B 288ms
97ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aadserver%20is%20not%20configured%20for%20RMA1&command=ADLOG&count=1643765325581
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:46 GMT

GET

ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;
adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/
Redirect Chain

http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?

0
0

GET

ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;
adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/
Redirect Chain

http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?

0
0

GET

ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;
adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/
Redirect Chain

http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?
https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?

0
0

GET
H/1.1 200
OK headertag Show response
as.casalemedia.com/ 0
438 B 240ms
141ms Script
text/html 178.18.231.138
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: http://as.casalemedia.com/headertag?v=9&fn=cygnus_index_parse_res&s=185413&r=%7B%22id%22%3A478614016%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fsprt.secure.runspectj.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2246221%22%2C%22siteID%22%3A190476%7D%7D%2C%7B%22id%22%3A%222%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2246222%22%2C%22siteID%22%3A190477%7D%7D%2C%7B%22id%22%3A%223%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2246224%22%2C%22siteID%22%3A190480%7D%7D%5D%7D&t=2000
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Server: 178.18.231.138 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:46 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.44], XFF:[]
Last-Modified: Fri, 18 Sep 2020 03:08:00 GMT
Server: Apache
ETag: "0"
Content-Type: text/html
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Wed, 02 Feb 2022 01:28:46 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 507 B
2 KB 134ms
23ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20470&site_id=249838&p_screen_res=1600x1200&tk_flint=uol-ad.js-3.0.9&rp_secure=0&rp_floor=0.01&rf=http%3A%2F%2Fsprt.secure.runspectj.com%2F&zone_id=1240574%3B1240558%3B1240550&size_id=2%3B2%3B15&p_pos=atf%3Batf%3Bbtf&x_source.tid=984053815%3B963515526%3B937476144&rand=866779895&slots=3
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: de56a78eecb3d27a52d895dddb16496fb87b155b4998b59d44fe3101fd666925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://sprt.secure.runspectj.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 507
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator
hbopenbid.pubmatic.com/ 0
0 103ms
18ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://sprt.secure.runspectj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://sprt.secure.runspectj.com
date: Wed, 02 Feb 2022 01:28:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
uol-d.openx.net/w/1.0/ 73 B
384 B 102ms
19ms Fetch
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://uol-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fsprt.secure.runspectj.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.7&nocache=1643765325587&ns=0&pubcid=79bf5a13-976f-4970-9f3a-82fc3dba49d5&aus=728x90%7C728x90%7C300x250&dddid=983445369%2C276298834%2C291704174&auid=540737102%2C540737103%2C540737100
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 3ae0a08c22d12371228574f56003ef6d05625f94b3974a357164b626d6e8070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:46 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://sprt.secure.runspectj.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
646 B 95ms
14ms Script
text/html 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?&id=10431377&size=728x90&referrer=http%3A%2F%2Fsprt.secure.runspectj.com%2F&_=1643765325589&callback=asJSONPCB_1643765325365

Requested by

Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:46 GMT
X-Proxy-Origin: 193.27.14.44; 193.27.14.44; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 11ecda00-1839-4061-9640-c0073051808a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
646 B 95ms
14ms Script
text/html 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?&id=10431373&size=728x90&referrer=http%3A%2F%2Fsprt.secure.runspectj.com%2F&_=1643765325590&callback=asJSONPCB_1643765325366

Requested by

Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:46 GMT
X-Proxy-Origin: 193.27.14.44; 193.27.14.44; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b500d422-5b59-4c06-8c25-f26fe0c80e3f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
646 B 36ms
13ms Script
text/html 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?&id=10431369&size=300x250&referrer=http%3A%2F%2Fsprt.secure.runspectj.com%2F&_=1643765325590&callback=asJSONPCB_1643765325367

Requested by

Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:46 GMT
X-Proxy-Origin: 193.27.14.44; 193.27.14.44; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a1b7b116-3c2a-444b-b707-61f31aa7643a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 180 B
371 B 95ms
14ms Fetch
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 818f74daf73313871cf4b738cf909fb6e4539867042996455dc1e5e2bdfa394d

Request headers

Referer: http://sprt.secure.runspectj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:46 GMT
server: nginx
content-type: application/json
access-control-allow-origin: http://sprt.secure.runspectj.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 180
expires: 0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 180 B
370 B 104ms
25ms Fetch
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 606e454e817ad0782f4923f15aa21b9846126f18b767e1d85a823d556e30e312

Request headers

Referer: http://sprt.secure.runspectj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:46 GMT
server: nginx
content-type: application/json
access-control-allow-origin: http://sprt.secure.runspectj.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 180
expires: 0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 180 B
370 B 94ms
15ms Fetch
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: f0f70a80a444dd700060efa269fffccdd30ab26ba842fafe921851426344cc36

Request headers

Referer: http://sprt.secure.runspectj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:46 GMT
server: nginx
content-type: application/json
access-control-allow-origin: http://sprt.secure.runspectj.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 180
expires: 0

GET
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 43 B
569 B 20ms
16ms Script
application/x-javascript 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?&br=%7B%22id%22%3A%22288705193%22%2C%22site%22%3A%7B%22domain%22%3A%22sprt.secure.runspectj.com%22%2C%22page%22%3A%22%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22897707586%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22409809%22%7D%2C%7B%22id%22%3A%22419536564%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22409811%22%7D%2C%7B%22id%22%3A%22669689792%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22453832%22%7D%5D%7D&_=1643765325593&callback=asJSONPCB_1643765325368
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b5f7e157d9ecf0fd9a85a763b7362b0c550d2dbb29540d452d7a2a73a1cc23f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 63

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 13ms
7ms XHR
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 20:55:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 16379
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 21 Jan 2022 02:54:57 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
Via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: FRA56-C1
Content-Type: application/javascript
X-Amz-Cf-Id: 92oEot-qU95Xq8hNBoc1txeRJ7gBcdJYpmgDx3xDLhBC163PIJXzCA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
316 B 14ms
13ms XHR
text/plain 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3406&u=http%3A%2F%2Fsprt.secure.runspectj.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:15:56 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
server: Server
age: 770
x-cache: Hit from cloudfront
access-control-allow-origin: http://sprt.secure.runspectj.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: eB2BnBwkvwyC_T9JmJd79gxvjVcsiN0KF97E_CznxSQ7iduSedJ1cg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
541 B 40ms
40ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3406&u=http%3A%2F%2Fsprt.secure.runspectj.com%2F&pid=LpMTyONi8KP0W&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22Top3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210022%22%7D%2C%7B%22sd%22%3A%22Bottom4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210015%22%7D%2C%7B%22sd%22%3A%22Left2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2210007%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: EX6TBNEQ9FDQFZM3E96C
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://sprt.secure.runspectj.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: RmXEULpqMGxcvAqgJ8EURHo0MNNlg5t2xdRjDMVVbh6lVLidaREkbA==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
225 B 60ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=118&profileId=184&cb=57978311023

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://sprt.secure.runspectj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 02 Feb 2022 01:28:45 GMT
server: Finatra
vary: Origin
access-control-allow-origin: http://sprt.secure.runspectj.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
89 B 141ms
96ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Arubicon%20bidding%20errors%3A%20Top3%3Aerror-15-internal-error%2CBottom4%3Aerror-15-internal-error%2CLeft2%3Aerror-15-internal-error&command=ADLOG&count=1643765325730
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:46 GMT

GET
H/1.1 200
OK blankPhnx.html Show response
my.juno.com/start/view/redesign/common/phoenix/ Frame A10C 1 KB
1 KB 176ms
175ms Document
text/html 64.136.53.46
AS-NETZERO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.juno.com/start/view/redesign/common/phoenix/blankPhnx.html?v=34955
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 64.136.53.46 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: my.vgs.juno.com
Software: /
Resource Hash: e9c692bd0c30a7bbc17154b2be4e32f407c11db5098a9a4a02ff148dc4754eed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/

Response headers

Date: Wed, 02 Feb 2022 01:28:46 GMT
Server
Accept-Ranges: bytes
ETag: W/"1045-1494907690000"
Last-Modified: Tue, 16 May 2017 04:08:10 GMT
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 610
X-Pad: avoid browser bug

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
89 B 96ms
95ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aadtech%20bidding%20errors%3A%20Top3%20Failed%20to%20fetch%2CBottom4%20Failed%20to%20fetch%2CLeft2%20Failed%20to%20fetch&command=ADLOG&count=1643765325785
Requested by: Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:46 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
225 B 16ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://sprt.secure.runspectj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
server: Finatra
vary: Origin
access-control-allow-origin: http://sprt.secure.runspectj.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 16ms
16ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 28 Jan 2023 01:28:46 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 16ms
16ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: sprt.secure.runspectj.com
URL: http://sprt.secure.runspectj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:46 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 28 Jan 2023 01:28:46 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 53B6 13 KB
5 KB 64ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sprt.secure.runspectj.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1800
date: Wed, 02 Feb 2022 01:28:46 GMT
content-length: 5182
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame AC5A 0
0 16ms
16ms Document
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/

Response headers

Server: nginx
Date: Wed, 02 Feb 2022 01:28:46 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap2ams1

GET
H2

200

sid Show response
mug.criteo.com/ Frame 53B6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=runspectj.com&sn=ChromeSyncframe&so=0&topUrl=sprt.secure.runspectj.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSn...

430 B
632 B

66ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSnlmclZVWU83TXlZSjVEMkdCK21MTEg4eitaSGxheTF5SnN5WEVnUzMwTSsvMndRVklGdS9vMXpKd25EMmQ1RnFvbVRyd1QvbjFGaVpQbFlRQytzUmdwZ0NoQXY3cUpBYXJVMmV2c3RmTklmS0VyTFNYL2xmUml6T2NpbXBlYmhQTkZtbE9IQlc3ZnZBRGNaaWVoZUhEU0ZoeDhjdzh3dz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4ac5154a91c121c9f8a2e3ff00a5a6172d0724368b4c4a240c73904eea5dd6f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3800
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:46 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=G9i6d3xxd2FXMkZRN1FmN1hDY0MwRFlIeW45VlNXamJjcUlyY1dYWkt0czE2Q0JlWnlGdUY0RmI2dzJaU2xWWUk0V3oxcUNQcXRvK3JWdTZNNW1hOVpjMDU5eElDNGdPR1ZJY2svSVgzZnVRMURscmpoSnRZVEdCVHFjSnlmclZVWU83TXlZSjVEMkdCK21MTEg4eitaSGxheTF5SnN5WEVnUzMwTSsvMndRVklGdS9vMXpKd25EMmQ1RnFvbVRyd1QvbjFGaVpQbFlRQytzUmdwZ0NoQXY3cUpBYXJVMmV2c3RmTklmS0VyTFNYL2xmUml6T2NpbXBlYmhQTkZtbE9IQlc3ZnZBRGNaaWVoZUhEU0ZoeDhjdzh3dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1912
content-length: 541
expires: 0

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
135 B 96ms
96ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aindex%20Failed%20to%20get%20bids%3A%20timeout&command=ADLOG&count=1643765327585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:48 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:48 GMT

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
89 B 96ms
96ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aappnexus%20bidding%20errors%3A%20Top3%20jsonp%20script%20loading%20failed%3A%20timeout%2CBottom4%20jsonp%20script%20loading%20failed%3A%20timeout%2CLeft2%20jsonp%20script%20loading%20failed%3A%20timeout&command=ADLOG&count=1643765327590
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:48 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:48 GMT

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
89 B 96ms
95ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3Abids%3DTop3%3A12345%7C0%3B46202%7C0%3B46224%7C0%3B46737%7C0%3B46700%7C0%3B46764%7C0%3B46250%7C0%3B46357%7C0%3B46470%7C0%3B46234%7C0%2CBottom4%3A12345%7C0%3B46200%7C0%3B46222%7C0%3B46735%7C0%3B46698%7C0%3B46762%7C0%3B46248%7C0%3B46358%7C0%3B46473%7C0%3B46232%7C0%2CLeft2%3A12345%7C0%3B46199%7C0%3B46221%7C0%3B46734%7C0%3B46697%7C0%3B46761%7C0%3B46247%7C0%3B46355%7C0%3B46474%7C0%3B46238%7C0%26tt%3D2011%7Ca9v2%3A171%7Cadtech%3A203%7Cindex%3A2002%7Crubicon%3A147%7Cpubmatic%3A109%7Copenx%3A144%7Cappnexus%3A2008%7Ccriteo%3A207%7Cconversant%3A134%7Csovrn%3A145%26du%3D0%26site%3Duolstart%26pn%3Ddesk%2Flogin%26fl%3D1%26ar%3D0&command=ADLOG&count=1643765327592
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:48 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:48 GMT

GET
H2 200 spacer.gif
static.uolcontent.com/images/ 43 B
89 B 101ms
101ms Image
image/gif 64.136.44.49
AS-NETZERO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aadserver%20is%20not%20configured%20for%20Top3%2CBottom4%2CLeft2&command=ADLOG&count=1643765327592
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS: content.dca.untd.com
Software: lighttpd /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:48 GMT
last-modified: Wed, 04 Jan 2017 07:38:14 GMT
server: lighttpd
etag: "4030218971"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Mar 2022 01:28:48 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1428 281 B
554 B 45ms
7ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2022 01:28:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3EBC 38 KB
14 KB 71ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: static.uolcontent.com
URL: http://static.uolcontent.com/js_api/as-3.0.9.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://sprt.secure.runspectj.com/

Response headers

last-modified: Tue, 11 Jan 2022 05:13:08 GMT
etag: "1302647-9687-5d547824a78f1"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13928
content-type: text/html; charset=UTF-8
cache-control: public, max-age=152154
expires: Thu, 03 Feb 2022 19:44:43 GMT
date: Wed, 02 Feb 2022 01:28:49 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1428 32 KB
10 KB 7ms
7ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 01:28:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62487
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Wed, 02 Feb 2022 18:50:16 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3EBC 2 KB
3 KB 62ms
13ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45912202&p=157483&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4c959273dbb4bef8bdb28b102436fc7149266005b23feb8ab5c84888800d2659

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:48 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6AC9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5

35 B
468 B

22ms
20ms

Document
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Feb 2022 01:28:49 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 02 Feb 2022 01:28:49 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1A76E91E-8721-4075-8F41-3DD476B8E2B5
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 65D6
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408

42 B
210 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Feb 2022 01:28:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug007:0:430
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8637361553281564408
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2017
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=

42 B
650 B

65ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Feb 2022 01:28:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug003:0:462
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Wed, 02 Feb 2022 01:28:49 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&gdpr=0&gdpr_consent=
Expires: Wed, 02 Feb 2022 01:28:48 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F30E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
111 B

60ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Feb 2022 01:28:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug004:0:436
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Wed, 02 Feb 2022 01:28:49 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Wed, 02 Feb 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1536314
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F1FD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005

42 B
210 B

76ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Feb 2022 01:28:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug001:0:422
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 02 Feb 2022 01:28:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059918330360101005

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3EBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnbpHochQHWPQT3UdrjitQ%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

20ms
18ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=105101
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Thu, 03 Feb 2022 06:40:30 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a

0
260 B

78ms
19ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 02 Feb 2022 01:28:49 GMT
Server: MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=724461f9-de51-4600-a925-4f572c88690a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Feb 2022 01:28:48 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3EBC
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=1A76E91E-8721-4075-8F41-3DD476B8E2B5
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9d48b7c0a35447b65e992ea0b214b798
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=7859ca23-b4d6-4773-aaae-747b26ba7c44&icm
https://spl.zeotap.com/?zdid=1332&zcluid=0734e64b7f83c308
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177...

95 B
164 B

30ms
19ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6d6fa51faae19067-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEKrcUSV5zO1RYRJ34V9g2vM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=87d8f765-a622-4adc-73ff-fa2f3c3480c4&reqId=321ca341-9537-42aa-5fa9-177bfba3fd79&zcluid=0734e64b7f83c308&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUE3NkU5MUUtODcyMS00MDc1LThGNDEtM0RENDc2QjhFMkI1&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

54ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:424
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1

42 B
281 B

55ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug025:0:441
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJxQcHtuxsvB_W4f6gcxmAI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3EBC 43 B
610 B 72ms
19ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 01 Feb 2022 01:28:49 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300

42 B
234 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:436
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5786927421368742300
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44

42 B
294 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:407
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7859ca23-b4d6-4773-aaae-747b26ba7c44
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3EBC
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=

42 B
235 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug030:0:435
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 01:28:49 GMT
X-Proxy-Origin: 193.27.14.44; 193.27.14.44; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: edfbab1f-cf4b-469d-941d-837c44446e5b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5504330569937013556&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 1428 0
0 44ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfneUQADD10LuQBB
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643765330.673775,VS0,VE0
x-served-by: cache-hhn4026-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfneUQADD10LuQBB&_test=YfneUQADD10LuQBB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1428
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b

0
194 B

36ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b

Protocol

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:49 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4VFN91-27-6ARC&sigv=1&esig=2~1b514c4a029595bf584b6bb29a96002e1aa6d65b
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1

0
239 B

25ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgCcu8jpyanmTpqHRcbx_8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/LaSnmQDnrW_fZ4G-FLXQnsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754

0
239 B

8ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Wed, 02 Feb 2022 01:28:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1687769153019920754
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1428
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw

170 B
243 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTc2OWFhY2Q4YjgzOTBmMGNkY2QyMWI1NmFmOTMzNDliYTQ2MWRjNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1428
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e

0
239 B

37ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

Date: Wed, 02 Feb 2022 01:28:49 GMT
Server: MT3 4133 baa842e master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d33261f9-de51-4400-a865-136d7d658a0e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Feb 2022 01:28:48 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1428 70 B
264 B 101ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 01:28:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3EBC 0
260 B 73ms
20ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157483&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 01:28:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: my.juno.com
URL: https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Juno (Telecommunication)

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sprt.secure.runspectj.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: g5s5rk7v9gfeatr3fl9bpk2c06
sprt.secure.runspectj.com/	1970-01-20 00:46:10	Name: CT Value: 1
.runspectj.com/	1970-01-20 09:21:41	Name: _pubcid Value: 79bf5a13-976f-4970-9f3a-82fc3dba49d5
.lijit.com/	1970-01-20 09:21:41	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.rubiconproject.com/	1970-01-20 09:21:41	Name: khaos Value: KZ4VFN91-27-6ARC
.rubiconproject.com/	1970-01-20 09:21:41	Name: audit Value: 1\|naVuGyos1qry80F2U4+RRf+oE/PhLWQEKtLvkckcz9uAc5uHgCNHvi7Rt/9SHKZHm0oAqNxU/J0TJ8iF/DOhwrVLARZhc/634HEYI5ehIrVETUC5n6DrItzpQ7vzkXQ/
.criteo.com/	1970-01-20 09:57:41	Name: uid Value: ed7e0489-508f-4bce-85cb-783b85d49cff
.runspectj.com/	1970-01-20 09:57:41	Name: cto_bundle Value: YvxoGF8xMFF2UEIlMkJWZnFqeVd1THh1RTVoQlhOQUxKckp3M2ZwSVYlMkI1blVXcjBYcGc3MFI4RGE2dmo5S1FJSTBkU1JwNkNGMUU1SEg4TGx5VlpOcjUlMkJtalpNVWJyVTE2WHFZaEdsMVhuJTJGOEZRQWhRYmNKOXJNbSUyQjI1bjQxNHV0aXViN0tXYXRHeHJrQW0zMUpCYnBWNXNVdklRJTNEJTNE
.ads.pubmatic.com/	1970-01-20 00:37:31	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 02:45:41	Name: KADUSERCOOKIE Value: 1A76E91E-8721-4075-8F41-3DD476B8E2B5
.pubmatic.com/	1970-01-20 02:45:41	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 00:37:31	Name: pi Value: 157483:2
.pubmatic.com/	1970-01-20 02:45:41	Name: DPSync3 Value: 1644969600%3A197_219_201%7C1643846400%3A174
.pubmatic.com/	1970-01-20 02:45:41	Name: SyncRTB3 Value: 1644969600%3A21_3_220_13_161_56_7_54%7C1645056000%3A35%7C1646352000%3A203
.adfarm1.adition.com/	1970-01-20 02:45:41	Name: UserID1 Value: 7059918330360101005
.onaudience.com/	1970-01-20 09:21:41	Name: cookie Value: 0734e64b7f83c308
.onaudience.com/	1970-01-20 00:37:31	Name: done_redirects104 Value: 1
.mathtag.com/	1970-01-20 10:02:00	Name: uuid Value: d33261f9-de51-4400-a865-136d7d658a0e
.simpli.fi/	1970-01-20 09:23:07	Name: suid Value: 8777882A0E204B7094B5C002D4D1AD76
.adform.net/	1970-01-20 01:16:24	Name: C Value: 1
.doubleclick.net/	1970-01-20 09:57:41	Name: IDE Value: AHWqTUk5bIl3SM96uMZSSgK2A0KTcOSE9Ha1qvWZsSNTXKtPlxTFlAWJbo6TVNiHMHA
.de17a.com/	1970-01-20 09:14:29	Name: guid2 Value: 1.8637361553281564408
.adform.net/	1970-01-20 02:02:29	Name: uid Value: 5786927421368742300
.adnxs.com/	1970-01-20 02:45:41	Name: uuid2 Value: 5504330569937013556
.adsrvr.org/	1970-01-20 09:21:41	Name: TDID Value: 7859ca23-b4d6-4773-aaae-747b26ba7c44
.pubmatic.com/	1970-01-20 02:45:41	Name: KRTBCOOKIE_27 Value: 16735-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&KRTB&16736-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&KRTB&23019-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438&KRTB&23208-uid:adcf61f9-de51-4f00-a06f-c2b0f82f3438
.pubmatic.com/	1970-01-20 01:19:17	Name: PugT Value: 1643765329
.pubmatic.com/	1970-01-20 02:45:41	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 01:19:17	Name: KRTBCOOKIE_1101 Value: 23040-7059918330360101005
.pubmatic.com/	1970-01-20 01:19:17	Name: KRTBCOOKIE_391 Value: 22924-5786927421368742300&KRTB&23263-5786927421368742300
.pubmatic.com/	1970-01-20 01:19:17	Name: KRTBCOOKIE_336 Value: 5844-8637361553281564408
.pubmatic.com/	1970-01-20 02:45:41	Name: KRTBCOOKIE_80 Value: 22987-CAESEJxQcHtuxsvB_W4f6gcxmAI&KRTB&16514-CAESEJxQcHtuxsvB_W4f6gcxmAI&KRTB&23025-CAESEJxQcHtuxsvB_W4f6gcxmAI
.pubmatic.com/	1970-01-20 01:19:17	Name: SPugT Value: 1643765328
.everesttech.net/	1970-01-20 09:21:41	Name: everest_g_v2 Value: g_surferid~YfneUQADD10LuQBB
.pubmatic.com/	1970-01-20 02:45:41	Name: KRTBCOOKIE_57 Value: 22776-5504330569937013556&KRTB&23339-5504330569937013556
.pubmatic.com/	1970-01-20 02:45:41	Name: KRTBCOOKIE_377 Value: 6810-7859ca23-b4d6-4773-aaae-747b26ba7c44&KRTB&22918-7859ca23-b4d6-4773-aaae-747b26ba7c44&KRTB&23031-7859ca23-b4d6-4773-aaae-747b26ba7c44
.yahoo.com/	1970-01-20 09:22:02	Name: A3 Value: d=AQABBFHe-WECELk6Tk5dhaR-u0qh_cNSjogFEgEBAQEv-2EDYgAAAAAA_eMAAA&S=AQAAAkfxyz38alijxl3u0faYoAA
.crwdcntrl.net/	1970-01-20 07:04:52	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:04:52	Name: _cc_id Value: 9d48b7c0a35447b65e992ea0b214b798
.crwdcntrl.net/	1970-01-20 07:04:53	Name: _cc_cc Value: "ACZ4XmNQsEwxsUgyTzZINDY1MTFPMjNNtbQ0Sk00SDIyNEkyt7RgAILEn%2FcCQTQUAABWCgsW"
.crwdcntrl.net/	1970-01-20 07:04:53	Name: _cc_aud Value: "ABR4XmNgYGBI%2FHkvEEhBAQAf6AKK"
.onaudience.com/	1970-01-20 00:37:31	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 09:21:41	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwj6yp7brP2yOhAFGAEgASgCMgsIrrfTicP9sjoQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/	1970-01-20 00:37:31	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 09:21:41	Name: zc Value: 87d8f765-a622-4adc-73ff-fa2f3c3480c4
.zeotap.com/	1970-01-20 00:37:31	Name: zsc Value: Jw%FC2e%A1%BD8%7D%B4%96%A1%BCD%84%3A%88%8A%BB%3A%E3%C2%2AD%AAA%3B%09%1E%F0%FAH%AA%A0-u%97%A34%0D%A0K%9Ac%81%8F%9D%B9%92%D5%16%C5%E3%D9KAe%8D%AD%E83%3F%96c9P%A08Q8%CF%BC%1E%9E%EA%3F%D21H%843%B3%D2

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://sprt.secure.runspectj.com/ Message: Access to font at 'https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf' from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://my.juno.com/redesign/common/fonts/OmnesBlack-Italic.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://sprt.secure.runspectj.com/ Message: Access to fetch at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?' (redirected from 'http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;?') from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/5138117/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46199;misc=1643765325584;? Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://sprt.secure.runspectj.com/ Message: Access to fetch at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?' (redirected from 'http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;?') from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311095/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46202;misc=1643765325584;? Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://sprt.secure.runspectj.com/ Message: Access to fetch at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?' (redirected from 'http://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;?') from origin 'http://sprt.secure.runspectj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9821.1/4311092/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46200;misc=1643765325584;? Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
ads.yahoo.com
adserver-us.adtech.advertising.com
ap.lijit.com
as.casalemedia.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
my.juno.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
sprt.secure.runspectj.com
static.criteo.net
static.uolcontent.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
token.rubiconproject.com
track.juno.com
track.untd.com
um.simpli.fi
uol-d.openx.net
web.hb.ad.cpe.dotomi.com
webmail.netzero.net
adserver-us.adtech.advertising.com
my.juno.com
141.94.170.77
142.250.185.98
15.197.193.217
151.101.130.49
169.50.137.184
178.18.231.138
178.250.0.157
178.250.0.165
178.250.2.151
185.29.132.241
185.33.220.241
185.33.221.13
185.64.189.112
185.64.190.80
185.64.190.81
198.47.127.19
198.47.127.20
2.18.233.180
2.21.141.148
213.155.156.165
23.79.143.124
2602:803:c003:200::21
2606:4700:10::6816:1857
2a00:1288:80:800::7001
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:13::1460
2a05:d018:d29:3601:a20d:c00a:cae3:485c
35.244.159.8
35.244.174.68
37.157.4.28
45.133.200.3
52.17.84.146
64.136.44.49
64.136.45.30
64.136.45.32
64.136.45.83
64.136.53.46
65.9.71.173
69.173.144.138
69.173.144.139
72.251.249.13
85.114.159.118
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bc13a75564c6146f9ecde68e8ce49a345d225fdf663c8486dad373e06d5fcd8
1eadc253aa14701ab7ee3d2126ffd9ee8edd6cfb9f3c98284511c392740bcc57
293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e
3ae0a08c22d12371228574f56003ef6d05625f94b3974a357164b626d6e8070b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
442e661cf3a248fc4510ec71ec47ec8c74e824d3a84e4fb4d37d835fc08e25fd
4ac5154a91c121c9f8a2e3ff00a5a6172d0724368b4c4a240c73904eea5dd6f1
4c959273dbb4bef8bdb28b102436fc7149266005b23feb8ab5c84888800d2659
530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc
606e454e817ad0782f4923f15aa21b9846126f18b767e1d85a823d556e30e312
6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
818f74daf73313871cf4b738cf909fb6e4539867042996455dc1e5e2bdfa394d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a3bd4d5f4d5b6ccc9573c2bdb34fda04e96aff2f99bf162f3784acff5ab0bb32
a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d
abedf7922481b4f2645b96fc74a0c72eea2abe2e3e363e9b7b5176eec761ee77
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5f7e157d9ecf0fd9a85a763b7362b0c550d2dbb29540d452d7a2a73a1cc23f3
b921cd7439e3f054bdb852e8a850455031dd4d3e452378716c727d1f9d559fe6
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b2f6f5ca3168e9b22b9e83496921274949e77479f0d4946344d1cd3adadcd3
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7
de56a78eecb3d27a52d895dddb16496fb87b155b4998b59d44fe3101fd666925
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d49cca61290be8f37223db523fef0f0b39fc9f894f75143c8784077fde395d
e9c692bd0c30a7bbc17154b2be4e32f407c11db5098a9a4a02ff148dc4754eed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f70a80a444dd700060efa269fffccdd30ab26ba842fafe921851426344cc36
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

sprt.secure.runspectj.com Open in urlscan Pro 45.133.200.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

66 %HTTPS

16 %IPv6

29 Domains

46 Subdomains

34 IPs

11 Countries

335 kBTransfer

942 kBSize

46 Cookies

11 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sprt.secure.runspectj.com Open in urlscan Pro
45.133.200.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

66 %
HTTPS

16 %
IPv6

29
Domains

46
Subdomains

34
IPs

11
Countries

335 kB
Transfer

942 kB
Size

46
Cookies

82 HTTP transactions
0 data transactions