track.adform.net Open in urlscan Pro
37.157.2.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&r...
Submission: On January 31 via manual (January 31st 2022, 2:17:31 pm UTC) from ES — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 22 domains to perform 22 HTTP transactions. The main IP is 37.157.2.234, located in Denmark and belongs to ADFORM, DK. The main domain is track.adform.net. The Cisco Umbrella rank of the primary domain is 3933.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 6th 2021. Valid for: a year.

This is the only time track.adform.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	2600:9000:215... 2600:9000:2156:2a00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	54.220.215.179 54.220.215.179	16509 (AMAZON-02) (AMAZON-02)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1	23.58.216.132 23.58.216.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.121.193.6 3.121.193.6	16509 (AMAZON-02) (AMAZON-02)
1 1	13.32.121.9 13.32.121.9	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.200.119.241 52.200.119.241	14618 (AMAZON-AES) (AMAZON-AES)
1 2	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:c62f:533:271f:3e7e	14618 (AMAZON-AES) (AMAZON-AES)
1	3.68.148.208 3.68.148.208	16509 (AMAZON-02) (AMAZON-02)
1	52.205.5.180 52.205.5.180	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
22	19

1 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2a00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20780873p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.215.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-215-179.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.58.216.132 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-216-132.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.193.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-193-6.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.9 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-9.fra60.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.119.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-119-241.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:c62f:533:271f:3e7e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.148.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-148-208.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.5.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-5-180.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	rfihub.com 2 redirects 20780873p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 3309 p.rfihub.com — Cisco Umbrella Rank: 702	8 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 316	1011 B
3	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 197	1 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 483	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	2 KB
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 560	178 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 408	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 442	238 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1017	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1265	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 2151	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 2416	783 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1469	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 516	614 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 916	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 312	239 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 510	676 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 6049	6 KB
1	adform.net track.adform.net — Cisco Umbrella Rank: 3933	1 KB
22	22

	Domain	Requested by
3	idsync.rlcdn.com	1 redirects track.adform.net
3	p.rfihub.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	ib.adnxs.com	1 redirects
1	sync-tm.everesttech.net	track.adform.net
1	beacon.krxd.net	track.adform.net
1	aa.agkn.com	track.adform.net
1	partners.tremorhub.com	track.adform.net
1	x.dlx.addthis.com	track.adform.net
1	bpi.rtactivate.com	track.adform.net
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	track.adform.net
1	contextual.media.net	track.adform.net
1	ps.eyeota.net
1	pixel.rubiconproject.com	track.adform.net
1	stags.bluekai.com	1 redirects
1	a.rfihub.com
1	20780873p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	track.adform.net
1	track.adform.net
22	24

This site contains no links.

Subject Issuer	Validity	Valid
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Frame ID: EF84E895A7D140DBEFE9ADE0C1D0468C
Requests: 2 HTTP requests in this frame

Frame: https://20780873p.rfihub.com/ca.html?ver=9&rb=32634&ca=20780873&_o=32634&_t=20780873&pe=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D712578%26lid%3D21491348%26ctype%3D0%26media%3D0%26PageName%3DChequeGourmet%257cAreaCliente%26rnd%3D1714408991%26cpref%3Dhttps%253a%252f%252fwww.tarjetachequegourmet.es%252fcheque%252faction%252fprivate%252fconsultaAction%253fmethod%253dcargas%26loc%3Dhttps%253a%252f%252fwww.tarjetachequegourmet.es%252fcheque%252faction%252fprivate%252fconsultaAction%253fmethod%253dcargas&pf=&ra=5309906079535107
Frame ID: F2BFFA8A96B21EE939170F7313C95F78
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

22
Requests

59 %
HTTPS

10 %
IPv6

22
Domains

24
Subdomains

19
IPs

5
Countries

21 kB
Transfer

25 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyMjM4NTU0NTA4MA==&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyMjM4NTU0NTA4MA==&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENBfD6yvfMU15jf9cxLF_dc&google_cver=1

Request Chain 3

https://ib.adnxs.com/setuid?entity=18&code=5108559722385545080 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559722385545080

Request Chain 4

https://stags.bluekai.com/site/4722?id=5108559722385545080&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 6

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559722385545080&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559722385545080&redir=

Request Chain 7

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559722385545080&bid=omt9pi0

Request Chain 10

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559722385545080&referrer=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D712578%26lid%3D21491348%26ctype%3D0%26media%3D0%26PageName%3DChequeGourmet%257cAreaCliente%26rnd%3D1714408991%26cpref%3Dhttps%253a%252f%252fwww.tarjetachequegourmet.es%252fcheque%252faction%252fprivate%252fconsultaAction%253fmethod%253dcargas%26loc%3Dhttps%253a%252f%252fwww.tarjetachequegourmet.es%252fcheque%252faction%252fprivate%252fconsultaAction%253fmethod%253dcargas HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=ffea6912-a947-4073-8b4b-5ceac7e5d744%3A1643638647.43&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dffea6912-a947-4073-8b4b-5ceac7e5d744%253A1643638647.43 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=ffea6912-a947-4073-8b4b-5ceac7e5d744%3A1643638647.43 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEODFMyqfR-n3AoGmsa-SBxA&google_cver=1

Request Chain 12

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559722385545080&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559722385545080&forward=&C=1

Request Chain 15

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559722385545080&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559722385545080&img=1&__user_check__=1&sync_id=84b95653-82a0-11ec-b1b8-160292010506

Request Chain 19

https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559722385545080&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559722385545080&expires=30

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
track.adform.net/serving/container/ 2 KB
1 KB 144ms
40ms Document
text/html 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c2e296a32c782f2b0a35ba3e951b5dfd3f4baee36dae76f57f60d3e596c1ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 31 Jan 2022 14:17:26 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 92ms
17ms Script
application/x-javascript 2600:9000:2156:2a00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 13:59:05 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 13:58:55 GMT
server: Jetty(9.3.29.v20201019)
age: 1102
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: 5p7AoG3ODY9VfYqJZLG9Ut3QfDDdl6ORyk_ko9epYOpQsMkCF1TqWg==
expires: Mon, 31 Jan 2022 14:59:05 GMT

GET
H/1.1 200
OK ca.html Show response
20780873p.rfihub.com/ Frame F2BF 3 KB
4 KB 158ms
31ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20780873p.rfihub.com/ca.html?ver=9&rb=32634&ca=20780873&_o=32634&_t=20780873&pe=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D712578%26lid%3D21491348%26ctype%3D0%26media%3D0%26PageName%3DChequeGourmet%257cAreaCliente%26rnd%3D1714408991%26cpref%3Dhttps%253a%252f%252fwww.tarjetachequegourmet.es%252fcheque%252faction%252fprivate%252fconsultaAction%253fmethod%253dcargas%26loc%3Dhttps%253a%252f%252fwww.tarjetachequegourmet.es%252fcheque%252faction%252fprivate%252fconsultaAction%253fmethod%253dcargas&pf=&ra=5309906079535107
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 0976bb349cb60f1ece2b1cacaef4198d86e60a50fd30bc3db9fc5d5f625ca1aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://track.adform.net/

Response headers

Date: Mon, 31 Jan 2022 14:17:27 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 3192
Server: Jetty(9.3.29.v20201019)

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame F2BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyMjM4NTU0NTA4MA==&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyMjM4NTU0NTA4MA==&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENBfD6yvfMU15jf9cxLF_dc&google_cver=1

42 B
1022 B

98ms
25ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENBfD6yvfMU15jf9cxLF_dc&google_cver=1
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:17:27 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:17:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENBfD6yvfMU15jf9cxLF_dc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F2BF
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5108559722385545080
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559722385545080

43 B
1 KB

25ms
24ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559722385545080

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 14:17:27 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 52f4ab87-d754-4f0d-a0ee-8d49c3ed6ad1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 14:17:27 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 817b1f62-afc9-4a7d-bf83-81c105c0d263
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559722385545080
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F2BF
Redirect Chain

https://stags.bluekai.com/site/4722?id=5108559722385545080&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
1 KB

28ms
27ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:17:27 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Mon, 31 Jan 2022 14:17:27 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F2BF 0
239 B 66ms
16ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5108559722385545080&
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F2BF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559722385545080&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559722385545080&redir=

42 B
945 B

42ms
42ms

Image
image/gif

54.220.215.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559722385545080&redir=

Protocol

HTTP/1.1

Server

54.220.215.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-215-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-0364aa5d9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MfZMPVetRW4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v027-0eab81db2.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zLVdsNhyQnY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559722385545080&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame F2BF
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559722385545080&bid=omt9pi0

0
344 B

84ms
21ms

Image
text/plain

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559722385545080&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:17:27 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559722385545080&bid=omt9pi0
Date: Mon, 31 Jan 2022 14:17:27 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame F2BF 45 B
614 B 110ms
57ms Image
image/gif 23.58.216.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559722385545080

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.58.216.132 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-58-216-132.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 31 Jan 2022 14:17:27 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 31 Jan 2022 14:17:27 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame F2BF 0
105 B 111ms
18ms Image
text/plain 3.121.193.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.193.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-193-6.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:17:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame F2BF
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559722385545080&referrer=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D712578%26lid%3D21491348%26ctype%3D0%...
https://p.rfihub.com/cm?pub=39342&in=0&userid=ffea6912-a947-4073-8b4b-5ceac7e5d744%3A1643638647.43&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dffea6912-a947-4073-8b4b-5ceac7e5d744...
https://idsync.rlcdn.com/501709.gif?partner_uid=ffea6912-a947-4073-8b4b-5ceac7e5d744%3A1643638647.43
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEODFMyqfR-n3AoGmsa-SBxA&google_cver=1

42 B
300 B

25ms
24ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEODFMyqfR-n3AoGmsa-SBxA&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 14:17:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:17:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEODFMyqfR-n3AoGmsa-SBxA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame F2BF 43 B
109 B 362ms
123ms Image
image/gif 52.200.119.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559722385545080
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.119.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-119-241.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:17:27 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F2BF
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559722385545080&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559722385545080&forward=&C=1

43 B
1006 B

32ms
32ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559722385545080&forward=&C=1
Protocol: HTTP/1.1
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 14:17:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 14:17:27 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 14:17:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559722385545080&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Mon, 31 Jan 2022 14:17:27 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame F2BF 42 B
418 B 58ms
24ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559722385545080
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 14:17:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame F2BF 43 B
191 B 256ms
155ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559722385545080

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:17:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 31 Jan 2022 14:17:27 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame F2BF
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559722385545080&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559722385545080&img=1&__user_check__=1&sync_id=84b95653-82a0-11ec-b1b8-160292010506

43 B
547 B

25ms
24ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559722385545080&img=1&__user_check__=1&sync_id=84b95653-82a0-11ec-b1b8-160292010506
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:17:27 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 2
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 31 Jan 2022 14:17:27 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5108559722385545080&img=1&__user_check__=1&sync_id=84b95653-82a0-11ec-b1b8-160292010506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 135
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame F2BF 43 B
183 B 310ms
100ms Image
image/gif 2600:1f18:612b:4264:c62f:533:271f:3e7e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5108559722385545080&r=RYpajjulWsPa
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:c62f:533:271f:3e7e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:17:27 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame F2BF 43 B
238 B 103ms
16ms Image
image/gif 3.68.148.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559722385545080
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.148.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-148-208.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:17:27 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F2BF 0
338 B 337ms
100ms Image
text/plain 52.205.5.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559722385545080
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.5.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-5-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:17:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1643638648
x-served-by: beacon-n020-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame F2BF
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559722385545080&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559722385545080&expires=30

43 B
510 B

160ms
160ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559722385545080&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 14:17:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559722385545080&expires=30
Date: Mon, 31 Jan 2022 14:17:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 503 /
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/ Frame F2BF 0
178 B 70ms
15ms Image
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=712578&lid=21491348&ctype=0&media=0&PageName=ChequeGourmet%7cAreaCliente&rnd=1714408991&cpref=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas&loc=https%3a%2f%2fwww.tarjetachequegourmet.es%2fcheque%2faction%2fprivate%2fconsultaAction%3fmethod%3dcargas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20780873p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 14:17:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643638648.555173,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4036-HHN

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjIG0iamBhYGQnyGuonGeYHp_mkRKf5JzgD_rSkQJQAAAA
.rfihub.com/	1970-01-20 09:55:34	Name: rud Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjIG0iamBhYGQnyGuonGeYHp_mkRKf5JzlK8hmYmxmbGFmYm5kbGlgDfdZ8ONAAAAA
.adnxs.com/	1970-01-20 02:43:34	Name: uuid2 Value: 6701733124046099906
.doubleclick.net/	1970-01-20 09:55:34	Name: IDE Value: AHWqTUnJGg-shUMNPZpKI-t76RntEi8seYnQmDWb8M3DydmLvqEmBbxq_YxwYSZILDI
.media.net/	1970-01-20 09:19:34	Name: visitor-id Value: 2866402478214866000V10
.media.net/	1970-01-20 09:18:08	Name: data-rk Value: 5108559722385545080~~3
.adnxs.com/	1970-01-20 02:43:34	Name: anj Value: dTM7k!M4/YErk#WF']wIg2Ilks/I/J!]tbPl1MNu::wpAk`W=edYV+elwVTV<ATygA?Z@pcR`Kg=sJSA.gLHHXs6>J90l/s
.casalemedia.com/	1970-01-20 09:19:34	Name: CMID Value: Yffvdxn1kqZbBn23.EB6FgAA
.casalemedia.com/	1970-01-20 02:43:34	Name: CMPS Value: 3193
.demdex.net/	1970-01-20 04:53:10	Name: demdex Value: 60463926971988890712239822197661761558
.rlcdn.com/	1970-01-20 09:19:34	Name: rlas3 Value: OXQYSLytkXITF+g4l8OlOCB1rQXhFO6YMNi/BUAbbeI=
.casalemedia.com/	1970-01-20 02:43:34	Name: CMPRO Value: 1104
.casalemedia.com/	1970-01-20 09:19:34	Name: CMRUM3 Value: 3961f7ef7727605108559722385545080
.casalemedia.com/	1970-01-20 00:35:25	Name: CMST Value: Yffvd2H373cA
.dpm.demdex.net/	1970-01-20 04:53:10	Name: dpm Value: 60463926971988890712239822197661761558
.spotxchange.com/	1970-01-20 09:19:38	Name: audience Value: 84b95612-82a0-11ec-b1b8-160292010506
.eyeota.net/	1970-01-20 00:33:59	Name: SERVERID Value: 23603~DM
.rezync.com/	1970-01-20 04:52:41	Name: zync-uuid Value: ffea6912-a947-4073-8b4b-5ceac7e5d744:1643638647.43
live.rezync.com/	1970-01-20 04:53:10	Name: sd-session-id Value: .eJwVikELgjAYQP9KfGcPX7ORCd2MENoiGMm8SOmopa5w89Bk_711eu_BW6D5qGm8GWUc5G6aVQLtoGNZyBew2o-qhxzoGjNKd1tC0sgNxQwhJGCVtfptGt3979U9nvVYD1JIykTppOiRfxFZ0fqTeGp-LB2v-CArltbi2nN_wfPrQHjBCPOPyHaOvocQfqiEMHU.FNmA9w.UommQEM4h1g1qumTIwEU6qVMJ8o
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129XNKczGrLEvzDTU0zUqzTK7wcYtPSW5iMUpLS000szQ00k20NDHXNTEwN9a1SDJJ0jVNTk1MNk81TTE3MbEyNDMxNjO2MDMx1zMxBgD8Ix6_UwAAAA
.rfihub.com/	1970-01-20 09:55:34	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129XNKczGrLEvzDTU0zUqzTK7wcYtPSQ7iNTQzMTYztjAzMTcxtZzFiMQ3MjFehcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuNv4kVTT83mnvR-JOEjdLSUhPNLA2NdBMtTcx1TQzMjXUtkkySdE2TUxOTzVNNU8xNTKwQmvSAnhJGMsTUxHyRMKqhj9D4AGK42QqSAQAA
.rlcdn.com/	1970-01-20 02:00:22	Name: pxrc Value: CPfe348GEgYIuuoBEAA=
.krxd.net/	1970-01-20 04:53:10	Name: _kuid_ Value: OonhTN67
.bidswitch.net/	1970-01-20 09:19:34	Name: tuuid Value: 185693c5-e683-4ee7-adab-556a38ba220c
.bidswitch.net/	1970-01-20 09:19:34	Name: c Value: 1643638647
.bidswitch.net/	1970-01-20 09:19:34	Name: tuuid_lu Value: 1643638647

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20780873p.rfihub.com
a.rfihub.com
aa.agkn.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cm.g.doubleclick.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
stags.bluekai.com
sync-tm.everesttech.net
sync.search.spotxchange.com
track.adform.net
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
13.32.121.9
142.250.181.226
151.101.2.49
184.30.20.241
185.33.220.240
185.94.180.126
193.0.160.129
23.58.216.132
2600:1f18:612b:4264:c62f:533:271f:3e7e
2600:9000:2156:2a00:1:76cf:fe80:93a1
3.121.193.6
3.122.214.165
3.68.148.208
35.211.178.172
35.244.174.68
37.157.2.234
52.200.119.241
52.205.5.180
54.220.215.179
69.173.144.138
0976bb349cb60f1ece2b1cacaef4198d86e60a50fd30bc3db9fc5d5f625ca1aa
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7c2e296a32c782f2b0a35ba3e951b5dfd3f4baee36dae76f57f60d3e596c1ddd
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

track.adform.net Open in urlscan Pro 37.157.2.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

59 %HTTPS

10 %IPv6

22 Domains

24 Subdomains

19 IPs

5 Countries

21 kBTransfer

25 kBSize

26 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

26 Cookies

1 Console Messages

Security Headers

Indicators

track.adform.net Open in urlscan Pro
37.157.2.234 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

59 %
HTTPS

10 %
IPv6

22
Domains

24
Subdomains

19
IPs

5
Countries

21 kB
Transfer

25 kB
Size

26
Cookies

22 HTTP transactions
0 data transactions