urlscan.io logo urlscan.io
SecurityTrails logo

s32.web-hosting.com Open in urlscan Pro
162.213.253.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nagapoker.best/
Effective URL: http://s32.web-hosting.com/
Submission Tags: falconsandbox
Submission: On September 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 8 countries across 35 domains to perform 47 HTTP transactions. The main IP is 162.213.253.109, located in United States and belongs to NAMECHEAP-NET, US. The main domain is s32.web-hosting.com.
This is the only time s32.web-hosting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 51.89.48.112 16276 (OVH)
1 162.213.253.109 22612 (NAMECHEAP...)
6 162.213.253.96 22612 (NAMECHEAP...)
1 104.16.19.94 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
2 3 158.69.139.225 16276 (OVH)
2 158.69.139.238 16276 (OVH)
1 13.225.78.99 16509 (AMAZON-02)
1 3.121.175.251 16509 (AMAZON-02)
1 13.225.78.71 16509 (AMAZON-02)
1 13.225.78.3 16509 (AMAZON-02)
3 13.225.78.128 16509 (AMAZON-02)
1 138.197.56.196 14061 (DIGITALOC...)
3 3 51.210.112.63 16276 (OVH)
3 4 76.223.111.131 16509 (AMAZON-02)
1 3 104.111.215.191 16625 (AKAMAI-AS)
1 5 34.253.111.115 16509 (AMAZON-02)
1 185.64.189.115 62713 (AS-PUBMATIC)
4 4 51.89.7.202 16276 (OVH)
3 3 46.228.164.13 56396 (AMOBEE)
1 8 52.209.129.133 16509 (AMAZON-02)
3 5 142.250.186.98 15169 (GOOGLE)
1 151.101.1.44 54113 (FASTLY)
2 2 35.227.248.159 15169 (GOOGLE)
1 2 54.78.254.47 16509 (AMAZON-02)
2 2 52.210.87.143 16509 (AMAZON-02)
1 51.144.7.192 8075 (MICROSOFT...)
1 99.81.82.31 16509 (AMAZON-02)
1 1 216.46.185.183 13649 (ASN-VINS)
1 64.58.232.177 ()
2 2 63.32.79.233 16509 (AMAZON-02)
6 7 3.121.27.153 16509 (AMAZON-02)
2 2 185.29.134.244 30419 (MEDIAMATH...)
3 3 151.101.194.49 54113 (FASTLY)
1 1 199.127.207.190 26120 (RHYTHMONE)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 37.252.173.62 29990 (ASN-APPNEX)
47 27
3    51.89.48.112 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip112.ip-51-89-48.eu
www.nagapoker.best
www.nagapoker.name
1    162.213.253.109 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nagapoker21.xyz
s32.web-hosting.com
6    162.213.253.96 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nagapoker.kim
162.213.253.96
1    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net
s4.histats.com
3    158.69.139.225 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip225.ip-158-69-139.net
e.dtscout.com
2    158.69.139.238 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip238.ip-158-69-139.net
t.dtscout.com
1    13.225.78.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-99.fra2.r.cloudfront.net
get.s-onetag.com
1    3.121.175.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com
pd.sharethis.com
1    13.225.78.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-71.fra2.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.225.78.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-3.fra2.r.cloudfront.net
onetag-geo-grouping.s-onetag.com
3    13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net
tags.crwdcntrl.net
1    138.197.56.196 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
t.dtscdn.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
4    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
5    34.253.111.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    51.89.7.202 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p37.id5-sync.com
id5-sync.com
3    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
8    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
2    52.210.87.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-87-143.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
1    99.81.82.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-82-31.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    216.46.185.183 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.177 (None, )

ASN- ()
ib.mookie1.com
2    63.32.79.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-79-233.eu-west-1.compute.amazonaws.com
sync.tidaltv.com
7    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    199.127.207.190 (United States)

ASN26120 (RHYTHMONE, US)
dt-secure.videohub.tv
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
16 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
23 KB
7 eyeota.net
ps.eyeota.net
4 KB
5 doubleclick.net
cm.g.doubleclick.net
2 KB
5 dtscout.com
e.dtscout.com
t.dtscout.com
10 KB
4 id5-sync.com
id5-sync.com
6 KB
4 adsrvr.org
match.adsrvr.org
2 KB
3 everesttech.net
sync-tm.everesttech.net
738 B
3 turn.com
d.turn.com
1 KB
3 bluekai.com
tags.bluekai.com
903 B
3 onaudience.com
pixel.onaudience.com
1 KB
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
onetag-geo-grouping.s-onetag.com
12 KB
2 adnxs.com
secure.adnxs.com
2 KB
2 sitescout.com
pixel-sync.sitescout.com
941 B
2 mathtag.com
sync.mathtag.com
1 KB
2 tidaltv.com
sync.tidaltv.com
687 B
2 demdex.net
dpm.demdex.net
2 KB
2 exelator.com
loadm.exelator.com
2 KB
2 tapad.com
pixel.tapad.com
916 B
2 histats.com
s10.histats.com
s4.histats.com
5 KB
2 nagapoker.best
www.nagapoker.best
449 B
1 rubiconproject.com
token.rubiconproject.com
214 B
1 videohub.tv
dt-secure.videohub.tv
547 B
1 mookie1.com
ib.mookie1.com
992 B
1 ib-ibi.com
global.ib-ibi.com
512 B
1 krxd.net
beacon.krxd.net
338 B
1 cintnetworks.com
c.cintnetworks.com
328 B
1 taboola.com
trc.taboola.com
240 B
1 pubmatic.com
image6.pubmatic.com
166 B
1 dtscdn.com
t.dtscdn.com
407 B
1 sharethis.com
pd.sharethis.com
88 B
1 cloudflare.com
cdnjs.cloudflare.com
6 KB
1 web-hosting.com
s32.web-hosting.com
903 B
1 nagapoker.name
www.nagapoker.name
316 B
0 clrstm.com Failed
sync.tag.clrstm.com Failed
0 survata.com Failed
px.surveywall-api.survata.com Failed
47 35
Domain Requested by
8 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
7 ps.eyeota.net 6 redirects bcp.crwdcntrl.net
5 cm.g.doubleclick.net 3 redirects bcp.crwdcntrl.net
5 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
bcp.crwdcntrl.net
4 id5-sync.com 4 redirects
4 match.adsrvr.org 3 redirects bcp.crwdcntrl.net
3 sync-tm.everesttech.net 3 redirects
3 d.turn.com 3 redirects
3 tags.bluekai.com 1 redirects bcp.crwdcntrl.net
3 pixel.onaudience.com 3 redirects
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 e.dtscout.com 2 redirects 162.213.253.96
2 secure.adnxs.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 sync.mathtag.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 dpm.demdex.net 2 redirects
2 loadm.exelator.com 1 redirects bcp.crwdcntrl.net
2 pixel.tapad.com 2 redirects
2 t.dtscout.com e.dtscout.com
2 www.nagapoker.best 2 redirects
1 token.rubiconproject.com bcp.crwdcntrl.net
1 dt-secure.videohub.tv 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 trc.taboola.com bcp.crwdcntrl.net
1 image6.pubmatic.com bcp.crwdcntrl.net
1 t.dtscdn.com e.dtscout.com
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 pd.sharethis.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 s4.histats.com s10.histats.com
1 s10.histats.com 162.213.253.96
1 cdnjs.cloudflare.com 162.213.253.96
1 s32.web-hosting.com
1 www.nagapoker.name 1 redirects
0 sync.tag.clrstm.com Failed bcp.crwdcntrl.net
0 px.surveywall-api.survata.com Failed bcp.crwdcntrl.net
47 41

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
*.dtscout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-03		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
sharethis.com
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
t.dtscdn.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-15		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.cintnetworks.com
DigiCert SHA2 Secure Server CA		 2020-09-21 -
2021-10-23		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
ib.mookie1.com
DigiCert SHA2 High Assurance Server CA		 2019-10-07 -
2021-11-12		 2 years crt.sh
*.eyeota.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh

This page contains 5 frames:

Primary Page: http://s32.web-hosting.com/
Frame ID: E0209F535C0903CC66B42ECE7F672DFE
Requests: 1 HTTP requests in this frame

Frame: http://162.213.253.96/
Frame ID: 3CE3FB467BB1F4075F1A02047B81D1F7
Requests: 20 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D0016318176835338515C9C7200233B
Frame ID: FD5A74C8FF359710E84379EFD855AE0B
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 1EDDB1654BFFA92D5D31391B1C679B68
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 428B8DEDD784D0697B9A491BD587A96D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NagaPoker | NagaPoker Asia | NagaPoker Online Asia

Page URL History Show full URLs

  1. http://www.nagapoker.best/ HTTP 301
    https://www.nagapoker.best/ HTTP 301
    http://www.nagapoker.name/ HTTP 301
    http://s32.web-hosting.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

47
Requests

79 %
HTTPS

0 %
IPv6

35
Domains

41
Subdomains

27
IPs

8
Countries

153 kB
Transfer

226 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nagapoker.best/ HTTP 301
    https://www.nagapoker.best/ HTTP 301
    http://www.nagapoker.name/ HTTP 301
    http://s32.web-hosting.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F HTTP 307
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F HTTP 301
  • https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Request Chain 18
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D0016318176835338515C9C7200233B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=8d9e1f1e-d7de-41f1-bd8b-675a61a84395&icm HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=9137c3ac84a240ac
Request Chain 24
  • https://id5-sync.com/s/19/9.gif?puid=3b64a9e86f064daab2349c7aa5a27948&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=3b64a9e86f064daab2349c7aa5a27948&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=c5833ad6a173b92c629ec3f8d44b0db7&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMODw9fGzxmih9fvk8p8B2GZi15QcAvxeXLBDMYMg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/7/3.gif?puid=2313517104370823283&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMODw9fGzxmih9fvk8p8B2GZi15QcAvxeXLBDMYMg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I2NGE5ZTg2ZjA2NGRhYWIyMzQ5YzdhYTVhMjc5NDg&google_redir={xENCODEDURL}&id5id=ID5-ZHMODw9fGzxmih9fvk8p8B2GZi15QcAvxeXLBDMYMg
Request Chain 27
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=3b64a9e86f064daab2349c7aa5a27948&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=3b64a9e86f064daab2349c7aa5a27948&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f083d6f4-5cc1-4155-b76c-e27a42e7a853
Request Chain 28
  • https://loadm.exelator.com/load/?p=204&g=260&buid=3b64a9e86f064daab2349c7aa5a27948&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=260&buid=3b64a9e86f064daab2349c7aa5a27948&j=0&xl8blockcheck=1
Request Chain 30
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3b64a9e86f064daab2349c7aa5a27948&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=3b64a9e86f064daab2349c7aa5a27948&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=59484940562408593580607064069796898128
Request Chain 34
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=3b64a9e86f064daab2349c7aa5a27948 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=3b64a9e86f064daab2349c7aa5a27948
Request Chain 35
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5351e5bc-5418-4c44-a947-b1154f9f5484?gdpr=1&gdpr_consent=
Request Chain 36
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=3b64a9e86f064daab2349c7aa5a27948 HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=3b64a9e86f064daab2349c7aa5a27948 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkhfeEZTMzJudVJLMVBZZWNpZjBCNVJrMDU0WFpHRFQ5dWlhdExPdG5sNms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkhfeEZTMzJudVJLMVBZZWNpZjBCNVJrMDU0WFpHRFQ5dWlhdExPdG5sNms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEGh0Lv-9kKBdOnZAJtE3W1c&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2313517104370823283&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=bcc46143-8fd4-4700-a4d0-bfaad5c3d890&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?uid=YUOP1QACB4ncjQAT&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://ps.eyeota.net/match?uid=8d9e1f1e-d7de-41f1-bd8b-675a61a84395&bid=1e2n4ou
Request Chain 37
  • https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-6f91a532afdaf288c2bf245f78a5e682
Request Chain 38
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bcc46143-8fd4-4700-a4d0-bfaad5c3d890
Request Chain 39
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=8080f5e9-d59d-4b76-8cf3-a4e057bdbf2a-61438fd5-5553
Request Chain 41
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUOP1QACB4ncjQAT HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOP1QACB4ncjQAT&_test=YUOP1QACB4ncjQAT
Request Chain 42
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
Request Chain 44
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/3b64a9e86f064daab2349c7aa5a27948/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8884830811146170483
Request Chain 45
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=417014430%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D417014430%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=417014430/tpid=8006309039735099573/tp=ANXS

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
s32.web-hosting.com/
Redirect Chain
  • http://www.nagapoker.best/
  • https://www.nagapoker.best/
  • http://www.nagapoker.name/
  • http://s32.web-hosting.com/
2 KB
903 B 		Document
General
Check archive.org
Download Go to
Full URL
http://s32.web-hosting.com/
Protocol
HTTP/1.1
Server
162.213.253.109 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nagapoker21.xyz
Software
LiteSpeed / PHP/7.2.34
Resource Hash
fe02af3b6cd36898586049469371fb5e714fb448a458dc8c632441ea64bdabe6

Request headers

Host
s32.web-hosting.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
content-length
663
content-encoding
gzip
vary
Accept-Encoding
date
Thu, 16 Sep 2021 18:41:22 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed

Redirect headers

Date
Thu, 16 Sep 2021 18:41:21 GMT
Server
Apache
Location
http://s32.web-hosting.com/
Cache-Control
max-age=600
Expires
Thu, 16 Sep 2021 18:51:21 GMT
Content-Length
235
Keep-Alive
timeout=1, max=500
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
/
162.213.253.96/ Frame 3CE3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://162.213.253.96/
Requested by
Host: s32.web-hosting.com
URL: http://s32.web-hosting.com/
Protocol
HTTP/1.1
Server
162.213.253.96 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nagapoker.kim
Software
LiteSpeed / PHP/7.2.34
Resource Hash
27abf3da33fad8506207135e65414af59cb75e4ca0147a1fc06632a143a32731

Request headers

Host
162.213.253.96
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://s32.web-hosting.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://s32.web-hosting.com/

Response headers

x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
content-length
2168
content-encoding
gzip
vary
Accept-Encoding
date
Thu, 16 Sep 2021 18:41:22 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
style.css
162.213.253.96/css/ Frame 3CE3 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://162.213.253.96/css/style.css
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
HTTP/1.1
Server
162.213.253.96 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nagapoker.kim
Software
LiteSpeed /
Resource Hash
9355a7bb8f20a2a7233e9d83694c912d69527d206e432911533ce5f6fbbd6fa1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:22 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 06:37:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
802
expires
Thu, 23 Sep 2021 18:41:22 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 3CE3 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
549186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THY28wislsT%2F4n7bTTorUcW2eIoYYp5g%2FfXae3rYrSto0RA6B49NKnl4jmIyj73dHntMOVOlCm%2BJfrzzGgV2utsIANL1E7bwhqFxfgE86N8Bg3zlvXflIpFLceBGgVss3mCbadzr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68fc3a845f2c8766-DUS
expires
Tue, 06 Sep 2022 18:41:22 GMT
logo.png
162.213.253.96/gambar/ Frame 3CE3 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://162.213.253.96/gambar/logo.png
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
HTTP/1.1
Server
162.213.253.96 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nagapoker.kim
Software
LiteSpeed /
Resource Hash
8926e50c8e0c2661a7b1b2ae10dc75a49cc99ee8298656ae759b793c11a786b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:22 GMT
last-modified
Fri, 09 Apr 2021 06:02:44 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
32664
expires
Thu, 23 Sep 2021 18:41:22 GMT
login.jpg
162.213.253.96/gambar/ Frame 3CE3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://162.213.253.96/gambar/login.jpg
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
HTTP/1.1
Server
162.213.253.96 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nagapoker.kim
Software
LiteSpeed /
Resource Hash
54e7553111598ca2ad2640c37cbe792b06b14d62b292b3f76f72f8f1b4468c16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:22 GMT
last-modified
Thu, 08 Apr 2021 12:19:00 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6867
expires
Thu, 23 Sep 2021 18:41:22 GMT
daftar.jpg
162.213.253.96/gambar/ Frame 3CE3 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://162.213.253.96/gambar/daftar.jpg
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
HTTP/1.1
Server
162.213.253.96 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nagapoker.kim
Software
LiteSpeed /
Resource Hash
dab25c54c7eb527594c637eedf56534453cc4aefff744b6cf7c417a66aadf7f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:22 GMT
last-modified
Thu, 08 Apr 2021 12:19:02 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
7627
expires
Thu, 23 Sep 2021 18:41:22 GMT
nagapoker.jpg
162.213.253.96/gambar/ Frame 3CE3 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://162.213.253.96/gambar/nagapoker.jpg
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
HTTP/1.1
Server
162.213.253.96 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nagapoker.kim
Software
LiteSpeed /
Resource Hash
951045d026d841aeb9750aadf1c16246e32336d0fd4704c5bb39ea80428d0a49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:22 GMT
last-modified
Fri, 09 Apr 2021 06:04:37 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
42636
expires
Thu, 23 Sep 2021 18:41:22 GMT
js15_as.js
s10.histats.com/ Frame 3CE3 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:31:44 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
42472
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
D8836F89:99CC_2E69C9F0:0050_61438FD2_5907B:A4A9
content-length
4547
x-request-id
191595129
0.php
s4.histats.com/stats/ Frame 3CE3 		378 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4550331&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mNagaPoker%20%7C%20Judi%20Naga%20Poker%20Online%20Terpercaya&@n0&@ohttp%3A%2F%2Fs32.web-hosting.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-98937854&@b3:1631817683&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F162.213.253.96%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
f7cf02e3f66015f94b3a6cea82d895f90ffd4e8dff28b61da958fe85bb20b313

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:41:23 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
/
e.dtscout.com/e/ Frame 3CE3
Redirect Chain
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
  • https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Requested by
Host: 162.213.253.96
URL: http://162.213.253.96/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip225.ip-158-69-139.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5b093af6e4d816b55fc70396e3ac52ad6551528c24cc068b002a54535fd9ec4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:41:23 GMT
X-T
0.674
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl1
Expires
Thu, 16 Sep 2021 18:41:22 GMT

Redirect headers

Location
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Date
Thu, 16 Sep 2021 18:41:23 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
194
Content-Type
text/html
/
t.dtscout.com/idg/ Frame FD5A 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=6D0016318176835338515C9C7200233B
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd1288d0dbb04e637d6b6f98d687a0bc41ed2015982b824d8ba1305b05df55e9

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://162.213.253.96/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; st=1; oa=1; df=1631817683; l=6D0016318176835338515C9C7200233B
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 16 Sep 2021 18:41:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Thu, 16 Sep 2021 18:41:22 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 3CE3 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-99.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
3212
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 16 Sep 2021 17:47:52 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
KpPdOnBU-TidGmc1yHScTTRbsOTFoM9fdTCEbG_72HorYDIKoemsFw==
dtscout
pd.sharethis.com/pd/ Frame 3CE3 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.175.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-175-251.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 16 Sep 2021 18:41:23 GMT
/
t.dtscout.com/pv/ Frame 3CE3 		50 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=162.213.253.96&_ss=26q94kfo4j&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=45fu&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ec3f936266f6239c515002b304dbe5687395b3bd384bff49e4a9483fd7fc46da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:41:23 GMT
X-T
0.168
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Thu, 16 Sep 2021 18:41:22 GMT
/
onetag-geo.s-onetag.com/ Frame 3CE3 		555 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-71.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:23 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ed.cloudfront.net (CloudFront), 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2, FRA2-C2
x-amzn-requestid
3d39387a-1b7d-4bcc-9eb4-f8ef80b56b82
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
FxNpHGTKCYcFqlw=
content-length
555
x-amz-cf-id
AkxOYoNWdWms7hQPIyS0hT59GwNLChZFKMbCAdwn8kvVINC6EurL6w==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ Frame 3CE3 		1 KB
826 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-3.fra2.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:23 GMT
content-encoding
gzip
server
restify
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding,origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
http://162.213.253.96
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-id
h2YbfH6oFAY75v2Et2DV6jGVsRp3FLHvIk8840R5E6WerQoQcP71EA==
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame 3CE3 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 14:24:35 GMT
content-encoding
gzip
etag
W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
age
15409
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
HmU5ycv544InMGZIzi7Eb-a0qETc2pvquJ_K7EyT2pTGgby8YRz52g==
/
t.dtscdn.com/widget/ Frame 3CE3 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=6D0016318176835338515C9C7200233B&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2F162.213.253.96%2F&r=http%3A%2F%2Fs32.web-hosting.com%2F
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F162.213.253.96%2F&j=http%3A%2F%2Fs32.web-hosting.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:27:26 GMT
X-T
46.6
x-server
web16.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Thu, 16 Sep 2021 18:27:25 GMT
33141
tags.bluekai.com/site/ Frame 3CE3
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D0016318176835338515C9C7200233B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=8d9e1f1e-d7de-41f1-bd8b-675a61a84395&icm
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=9137c3ac84a240ac
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=9137c3ac84a240ac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:41:24 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=9137c3ac84a240ac
content-length
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame 3CE3 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
http://162.213.253.96/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 16 Sep 2021 18:41:25 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-cache
Miss from cloudfront
x-amz-cf-id
khjXnAW8zIx6WWcQMYscxzasjxijvqB8DaNR8Si989Y1crtU-IJbEg==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
data
bcp.crwdcntrl.net/6/ Frame 3CE3 		552 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e3cab2b8a9e4d99448e6e8ec64d0aa4e1e0fb87720c4c9d3dd0648996de6a96f

Request headers

Referer
http://162.213.253.96/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://162.213.253.96
cache-control
no-cache
x-server
10.45.10.89
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
552
expires
0
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 1EDD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method
GET
:authority
tags.crwdcntrl.net
:scheme
https
:path
/lt/shared/2/lt.iframe.html?c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://162.213.253.96/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=3b64a9e86f064daab2349c7aa5a27948; _cc_cc="ACZ4XmNQME4yM0m0TLUwSzMwM0lJTEwyMjaxTDZPTDRNNDK3NLFgAIJE5%2F4rIBoCeCe8OK%2FN%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsA%2BvFBzQ%3D%3D"; _cc_aud="ABR4XmNgYGBIdO6%2FAqQggJmBgWsGmLmoFUQyPqwHkgBipQU1"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://162.213.253.96/

Response headers

content-type
text/html
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption
AES256
server
AmazonS3
content-encoding
gzip
date
Thu, 16 Sep 2021 17:42:49 GMT
cache-control
max-age: 86400
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ygQOT3HLU-sd7hL5vp6zmm5dgR_a3TSURz1dOnjCTrQ9wsiAoO6viA==
age
3516
pixels
bcp.crwdcntrl.net/ Frame 428B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
df09be817cc52e18ec0987489e2f482d5882f33efdf914b578b6f4176b6f23aa

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tags.crwdcntrl.net/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=3b64a9e86f064daab2349c7aa5a27948; _cc_cc="ACZ4XmNQME4yM0m0TLUwSzMwM0lJTEwyMjaxTDZPTDRNNDK3NLFgAIJE5%2F4rIBoCeCe8OK%2FN%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsA%2BvFBzQ%3D%3D"; _cc_aud="ABR4XmNgYGBIdO6%2FAqQggJmBgWsGmLmoFUQyPqwHkgBipQU1"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Thu, 16 Sep 2021 18:41:24 GMT
content-type
text/html
content-length
3165
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.25.165
server
Jetty(9.4.38.v20210224)
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 428B 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 428B
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=3b64a9e86f064daab2349c7aa5a27948&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=3b64a9e86f064daab2349c7aa5a27948&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=c5833ad6a173b92c629ec3f8d44b0db7&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMODw9fGzxmih9fvk8p8B2GZi15QcAvxeXLBDMYMg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/7/3.gif?puid=2313517104370823283&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMODw9fGzxmih9fvk8p8B2GZi1...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I2NGE5ZTg2ZjA2NGRhYWIyMzQ5YzdhYTVhMjc5NDg&google_redir={xENCODEDURL}&id5id=ID5-ZHMODw9fGzxmih9fvk8p8B2GZi15QcAvxeXLBDMYMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I2NGE5ZTg2ZjA2NGRhYWIyMzQ5YzdhYTVhMjc5NDg&google_redir={xENCODEDURL}&id5id=ID5-ZHMODw9fGzxmih9fvk8p8B2GZi15QcAvxeXLBDMYMg
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I2NGE5ZTg2ZjA2NGRhYWIyMzQ5YzdhYTVhMjc5NDg&google_redir={xENCODEDURL}&id5id=ID5-ZHMODw9fGzxmih9fvk8p8B2GZi15QcAvxeXLBDMYMg
cache-control
no-cache
x-server
10.45.13.118
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 428B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/lotame/1/ Frame 428B 		43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/lotame/1/cm
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
14
pragma
no-cache
date
Thu, 16 Sep 2021 18:41:24 GMT
via
1.1 varnish
server
nginx
x-timer
S1631817685.807195,VS0,VE14
x-served-by
cache-hhn4028-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
tpid=f083d6f4-5cc1-4155-b76c-e27a42e7a853
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 428B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=3b64a9e86f064daab2349c7aa5a27948&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=3b64a9e86f064daab2349c7aa5a27948&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f083d6f4-5cc1-4155-b76c-e27a42e7a853
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f083d6f4-5cc1-4155-b76c-e27a42e7a853
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.209
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f083d6f4-5cc1-4155-b76c-e27a42e7a853
date
Thu, 16 Sep 2021 18:41:24 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
loadm.exelator.com/load/ Frame 428B
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=260&buid=3b64a9e86f064daab2349c7aa5a27948&j=0
  • https://loadm.exelator.com/load/?p=204&g=260&buid=3b64a9e86f064daab2349c7aa5a27948&j=0&xl8blockcheck=1
0
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=260&buid=3b64a9e86f064daab2349c7aa5a27948&j=0&xl8blockcheck=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 16 Sep 2021 18:41:24 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=260&buid=3b64a9e86f064daab2349c7aa5a27948&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
t
px.surveywall-api.survata.com/ Frame 428B 		0
0
tpid=59484940562408593580607064069796898128
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 428B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3b64a9e86f064daab2349c7aa5a27948&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=3b64a9e86f064daab2349c7aa5a27948&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=59484940562408593580607064069796898128
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=59484940562408593580607064069796898128
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.146
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-1-v016-07800fea7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4mGDBoobTAQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=59484940562408593580607064069796898128
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame 428B 		0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/identity?a=5461&id=Lotame:3b64a9e86f064daab2349c7aa5a27948
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:41:24 GMT
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity
true
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5
Content-Length
0
sync
sync.tag.clrstm.com/lotame/ Frame 428B 		0
0
usermatch.gif
beacon.krxd.net/ Frame 428B 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=3b64a9e86f064daab2349c7aa5a27948
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.82.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-82-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:41:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1631817684
x-served-by
beacon-n017-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame 428B
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=3b64a9e86f064daab2349c7aa5a27948
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=3b64a9e86f064daab2349c7aa5a27948
120 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=3b64a9e86f064daab2349c7aa5a27948
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.58.232.177 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 18:41:25 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS04
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Thu, 16 Sep 2021 18:41:23 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=3b64a9e86f064daab2349c7aa5a27948
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
COR09
Content-Type
text/html; charset=utf-8
Content-Length
217
tpid=5351e5bc-5418-4c44-a947-b1154f9f5484
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 428B
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5351e5bc-5418-4c44-a947-b1154f9f5484?gdpr=1&gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5351e5bc-5418-4c44-a947-b1154f9f5484?gdpr=1&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.89
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Apache-Coyote/1.1
location
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5351e5bc-5418-4c44-a947-b1154f9f5484?gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
match
ps.eyeota.net/ Frame 428B
Redirect Chain
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=3b64a9e86f064daab2349c7aa5a27948
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=3b64a9e86f064daab2349c7aa5a27948
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkhfeEZTMzJudVJLMVBZZWNpZjBCNVJrMDU0WFpHRFQ5dWlhdExPdG5sNms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkhfeEZTMzJudVJLMVBZZWNpZjBCNVJrMDU0WFpHRFQ5dWlhdExPdG5sNms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEGh0Lv-9kKBdOnZAJtE3W1c&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2313517104370823283&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=bcc46143-8fd4-4700-a4d0-bfaad5c3d890&dc_rc=3&dc_mr=5&dc_orig=51mdg9u&
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://ps.eyeota.net/match?uid=YUOP1QACB4ncjQAT&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://ps.eyeota.net/match?uid=8d9e1f1e-d7de-41f1-bd8b-675a61a84395&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=8d9e1f1e-d7de-41f1-bd8b-675a61a84395&bid=1e2n4ou
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:41:25 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=8d9e1f1e-d7de-41f1-bd8b-675a61a84395&bid=1e2n4ou
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
191
tpid=CI-6f91a532afdaf288c2bf245f78a5e682
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 428B
Redirect Chain
  • https://dt-secure.videohub.tv/v1/usync/lo
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-6f91a532afdaf288c2bf245f78a5e682
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-6f91a532afdaf288c2bf245f78a5e682
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.38
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-6f91a532afdaf288c2bf245f78a5e682
Date
Thu, 16 Sep 2021 18:41:25 GMT
useSecure
true
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 428B
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bcc46143-8fd4-4700-a4d0-bfaad5c3d890
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bcc46143-8fd4-4700-a4d0-bfaad5c3d890
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.50
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Thu, 16 Sep 2021 18:41:24 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x10 config:1.0.1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bcc46143-8fd4-4700-a4d0-bfaad5c3d890
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Sep 2021 18:41:23 GMT
tpid=8080f5e9-d59d-4b76-8cf3-a4e057bdbf2a-61438fd5-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 428B
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=8080f5e9-d59d-4b76-8cf3-a4e057bdbf2a-61438fd5-5553
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=8080f5e9-d59d-4b76-8cf3-a4e057bdbf2a-61438fd5-5553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.213
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=8080f5e9-d59d-4b76-8cf3-a4e057bdbf2a-61438fd5-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame 428B 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=3b64a9e86f064daab2349c7aa5a27948&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpid=YUOP1QACB4ncjQAT&_test=YUOP1QACB4ncjQAT
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 428B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUOP1QACB4ncjQAT
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOP1QACB4ncjQAT&_test=YUOP1QACB4ncjQAT
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOP1QACB4ncjQAT&_test=YUOP1QACB4ncjQAT
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.92
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631817685.173255,VS0,VE0
x-served-by
cache-hhn4021-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOP1QACB4ncjQAT&_test=YUOP1QACB4ncjQAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 428B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 428B 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=c5833ad6a173b92c629ec3f8d44b0db7
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:41:25 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=8884830811146170483
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 428B
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/3b64a9e86f064daab2349c7aa5a27948/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8884830811146170483
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8884830811146170483
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.38
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8884830811146170483
pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=417014430/tpid=8006309039735099573/ Frame 428B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=417014430%2Ftpid%3D%24UID%2Ftp%3DANXS
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D417014430%252Ftpid%253D%2524UID%252Ftp%253DANXS
  • https://sync.crwdcntrl.net/map/c=281/rand=417014430/tpid=8006309039735099573/tp=ANXS
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/rand=417014430/tpid=8006309039735099573/tp=ANXS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 18:41:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.237
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 18:41:25 GMT
X-Proxy-Origin
216.131.111.137; 216.131.111.137; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
11dc9b42-9fad-4323-a69b-304e7b6caf5f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/rand=417014430/tpid=8006309039735099573/tp=ANXS
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.surveywall-api.survata.com
URL
https://px.surveywall-api.survata.com/t
Domain
sync.tag.clrstm.com
URL
https://sync.tag.clrstm.com/lotame/sync?uid=3b64a9e86f064daab2349c7aa5a27948

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster

45 Cookies

Domain/Path Name / Value
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1631817683
.dtscout.com/ Name: l
Value: 6D0016318176835338515C9C7200233B
.onaudience.com/ Name: cookie
Value: 50b6f46fff2f1ad0
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDID
Value: 8d9e1f1e-d7de-41f1-bd8b-675a61a84395
.onaudience.com/ Name: done_redirects109
Value: 1
.dtscdn.com/ Name: uid
Value: 6D0016318176835338515C9C7200233B
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3b64a9e86f064daab2349c7aa5a27948
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME4yM0m0TLUwSzMwM0lJTEwyMjaxTDZPTDRNNDK3NLFgAIJE5%2F4rIBoCeCe8OK%2FN%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsA%2BvFBzQ%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIdO6%2FAqQggJmBgWsGmLmoFUQyPqwHkgBipQU1"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: c8e838e7-3f90-424d-8158-37370969e4a4#1631817681830#2
.tapad.com/ Name: TapAd_TS
Value: 1631817684851
.tapad.com/ Name: TapAd_DID
Value: f083d6f4-5cc1-4155-b76c-e27a42e7a853
.demdex.net/ Name: demdex
Value: 59484940562408593580607064069796898128
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.krxd.net/ Name: _kuid_
Value: OXam3fpA
.eyeota.net/ Name: mako_uid
Value: 17befe9d7bc-606c0000010f41e8
.eyeota.net/ Name: SERVERID
Value: 16872~DM
.dpm.demdex.net/ Name: dpm
Value: 59484940562408593580607064069796898128
.exelator.com/ Name: EE
Value: "5fae351e703967d14aece6a20ac77588"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE0LTHV2NQw1dzA2NLMPMXQJDE1OdUs0cggMdnc3NTCYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJoSX5RZvoiF9fFRSlpDItKik8F7%252F3%252BFQCC2SsW"
.mathtag.com/ Name: uuid
Value: bcc46143-8fd4-4700-a4d0-bfaad5c3d890
.tidaltv.com/ Name: tidal_ttid
Value: 5351e5bc-5418-4c44-a947-b1154f9f5484
.sitescout.com/ Name: ssi
Value: 8080f5e9-d59d-4b76-8cf3-a4e057bdbf2a#1631817685025
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjA3tzI0NAAA9Yzi0wkAAAA="
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNjMxODE3Njg1MDQ3fQ
.adnxs.com/ Name: uuid2
Value: 8006309039735099573
.doubleclick.net/ Name: IDE
Value: AHWqTUlbit-HWK7Bhw9YJSnASUyDgPu0Aj75wA4kogY8dAmZJQMK145jb1NCKQ0VEks
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YUOP1QACB4ncjQAT
.turn.com/ Name: uid
Value: 2313517104370823283
.id5-sync.com/ Name: 3pi
Value: 224#1631817682199#-195837789|321#1631817682153#-1897356074|19#1631817681841#-1593969586#3b64a9e86f064daab2349c7aa5a27948|398#1631817682199#-849783290
.videohub.tv/ Name: UIXX_UPDT
Value: "UILO=1631817685171"
.videohub.tv/ Name: uid
Value: CI-6f91a532afdaf288c2bf245f78a5e682
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjavJiYitP8ORAFOAFaBmV5ZW90YWAC
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: 05tofqtlztiehul5mq5lchgx

2 Console Messages

Source Level URL
Text
network error URL: https://px.surveywall-api.survata.com/t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.tag.clrstm.com/lotame/sync?uid=3b64a9e86f064daab2349c7aa5a27948
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
d.turn.com
dpm.demdex.net
dt-secure.videohub.tv
e.dtscout.com
get.s-onetag.com
global.ib-ibi.com
ib.mookie1.com
id5-sync.com
image6.pubmatic.com
loadm.exelator.com
match.adsrvr.org
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.surveywall-api.survata.com
s10.histats.com
s32.web-hosting.com
s4.histats.com
secure.adnxs.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.tag.clrstm.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
www.nagapoker.best
www.nagapoker.name
px.surveywall-api.survata.com
sync.tag.clrstm.com
104.111.215.191
104.16.19.94
13.225.78.128
13.225.78.3
13.225.78.71
13.225.78.99
138.197.56.196
142.250.186.98
151.101.1.44
151.101.194.49
158.69.139.225
158.69.139.238
162.213.253.109
162.213.253.96
185.29.134.244
185.64.189.115
198.27.80.143
199.127.207.190
216.46.185.183
3.121.175.251
3.121.27.153
34.253.111.115
35.227.248.159
37.252.173.62
46.105.201.240
46.228.164.13
51.144.7.192
51.210.112.63
51.89.48.112
51.89.7.202
52.209.129.133
52.210.87.143
54.78.254.47
63.32.79.233
64.58.232.177
66.155.71.149
69.173.144.139
76.223.111.131
99.81.82.31
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
27abf3da33fad8506207135e65414af59cb75e4ca0147a1fc06632a143a32731
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
54e7553111598ca2ad2640c37cbe792b06b14d62b292b3f76f72f8f1b4468c16
5b093af6e4d816b55fc70396e3ac52ad6551528c24cc068b002a54535fd9ec4e
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8926e50c8e0c2661a7b1b2ae10dc75a49cc99ee8298656ae759b793c11a786b5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9355a7bb8f20a2a7233e9d83694c912d69527d206e432911533ce5f6fbbd6fa1
951045d026d841aeb9750aadf1c16246e32336d0fd4704c5bb39ea80428d0a49
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
cd1288d0dbb04e637d6b6f98d687a0bc41ed2015982b824d8ba1305b05df55e9
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
dab25c54c7eb527594c637eedf56534453cc4aefff744b6cf7c417a66aadf7f0
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df09be817cc52e18ec0987489e2f482d5882f33efdf914b578b6f4176b6f23aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cab2b8a9e4d99448e6e8ec64d0aa4e1e0fb87720c4c9d3dd0648996de6a96f
ec3f936266f6239c515002b304dbe5687395b3bd384bff49e4a9483fd7fc46da
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f7cf02e3f66015f94b3a6cea82d895f90ffd4e8dff28b61da958fe85bb20b313
fe02af3b6cd36898586049469371fb5e714fb448a458dc8c632441ea64bdabe6